When one thinks of a Cyberattack taking place, many visions come to mind. Perhaps the most popular is that of an individual dressed in a cloak and dagger outfit and sitting in front of a computer in a dark room, trying to enter a business through a point of weakness. While this particular image may not happen in reality, there is a new attack front that is emerging, known as “Asymmetric Cyber Warfare,” which is the focal point of this article.
What is Asymmetric Cyber Warfare?
The technical definition for Asymmetric Cyber Warfare is as follows:
“It is cyberwarfare that bypasses or sabotages a victim’s strengths while targeting their vulnerabilities. In these types of attacks, the perpetrator has an unfair (or asymmetric) advantage over its opponent and can be impossible to detect. Oftentimes, the aggressor cannot compete in strength or numbers, making this popular among small intelligence groups.” (Source: TechTarget.com)
In other words, it is not just one Cyberattacker launching the attack. Rather, it is an entire unit or group of them. They gain access to your IT/Network Infrastructure not through just one point of entry, but rather through multiple points. They also literally overwhelm even your own strengths, totally overpowering your lines of defense in one, huge blow.
This type of attack is carried out differently than we usually think of in a Cyberattack. An Asymmetric Cyber Attack utilizes different tactics all the time in order to totally surprise the victim. During this phase, most threat variants very often go unnoticed for very long periods of time until it is too late for the victim to do anything about it, simply because they are so overpowered. Threats delivered in this manner are aptly called “Advanced Persistent Threats.”
With the Remote Workforce now becoming a reality for the foreseeable future, many more vulnerabilities and weak spots have begun to emerge, primarily due to the home network and the corporate network coming together as one. This convergence makes deploying software patches and upgrades on a regular basis an almost impossible task.
Nation States and “Weapons of Mass Computers”
Asymmetric Cyberwarfare is not a homegrown style of attack. Such attacks are launched by nation state threat actors, such as those of Russia, China, and Iran, whose Cyberattack groups are overwhelming in their sheer numbers. Instead of deploying “Weapons of Mass Destruction,” these groups attack using the “Weapons of Mass Computers.” A stark example is the September 11, 2001 attack on New York City in which terrorists played on the weaknesses within the air transportation system and global policies to strike down computer networks as well as cause physical destruction.
As large and foreboding as the threat of Asymmetric Cyber warfare is, there are ways to defend against it. That will be the topic of our next article.
Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.