What is cyberwar? State-on-state conflicts intensify

Anton P. | July 27, 2022

Cyberwar refers to devastating cyberattacks or hacking attempts from one country to another to distort its computer systems. The means to obstruct digital operations usually target critical infrastructures. For instance, it could attack government websites and databases or aim to cause power grid outages. 

So, cyberwar refers to invisible warfare, with troops getting replaced with cunning hackers. Unfortunately, modern history depicts the dangers of international conflicts in cyberspace. Let’s see just what cyberwar entails and its risks to the world. 

What is cyberwar? State-on-state conflicts intensify

What is cyberwar?

Cyberwar or cyberwarfare is the usage of computer technologies to harm an organization or country. So, it is a state-on-state conflict, with one or both sides striking their opponents via virtual means. 

Attackers could implement various attacks, from Distributed Denial of Service, ransomware to killware. Such strategies can cease critical operations, like water supply or electricity. In other cases, sensitive information might be the goal, with attackers planting spyware to surveil enemies. 

So, cyberwar represents the new digital battlefield, with attacks capable of stealthily passing borders. It is a horrifying phenomenon when invisible enemies can disrupt vital services and lead to the deaths of innocent people. 

The division of cyberspace: where attacks occur

Cyberspace consists of three significant layers that can become targets during cyberwar: 

  • Hardware. This layer consists of physical components like devices, servers, cables, or other equipment. 
  • Software. It is the applications and operating systems sending commands and performing actions. 
  • Human interaction. This layer refers to how people use and understand the information presented. 

One goal of cyberwar could be to use physical means like traditional weapons to disrupt the hardware. However, digital infections like malware, trojans, spyware, and worms could target systems. Thus, attacks against the second layer aim to infiltrate, corrupt, or destroy software.

Finally, strikes against the third layer refer to means of manipulating human behavior. Social engineering plays an important role here, like sending phishing emails to extract inside information or financial gains. 

Cyberwar vs. cyber espionage 

Cyberwar is not the same as cyber espionage. There is a link between these two terms. However, cyber espionage is usually a longer affair, and its motives differ. For instance, its goal is to retrieve confidential information. 

Thus, it can be an activity preceding cyberwar. Countries could gain intel before executing attacks aimed at regions’ infrastructures. It is the main difference between cyber espionage and cyberwar. The latter aims to cause damage, outages, and is somewhat military. 

What are the types of cyberwarfare? 

It takes a lot for digital attacks to mutate into cyberwars. However, traces of harmful actions against particular countries have gradually emerged since 2007. At that time, Estonia had decided to relocate a Soviet war memorial. Soon after, a series of cyberattacks followed, pushing banks and government services offline. 

Russian hackers were the alleged culprits, although Russian authorities claimed no responsibility. While the attack against Estonia mitigated damages, it showcased the potential of likely state-on-state attacks. 


Deceptive emails, phone calls, or messages could hope to extract sensitive information from victims. Spear phishing is a possible type during cyberwar, meaning fake emails get customized. So, it could target officials or employees with access to confidential documents.

Spyware and malware

Software capable of logging keystrokes, secretly enabling microphones, or snatching files is highly dangerous. For instance, Pegasus spyware is one surveillance tool involved in many controversies. Accusations depict the suspicions of European countries using Pegasus. In other cases, investigations revealed high-profile victims like Spain’s prime minister and defense minister. So, snooping on countries and their official affairs is possible during cyberwar. 


File-encrypting viruses are nothing new. However, nation-state hacking stands on a different level. Instead of hoping to receive ransom, countries can release ransomware with the sole goal of destruction. So, nation-backed ransomware campaigns are incredibly dangerous, capable of pushing systems and services offline. WannaCry is an unfortunate example of ransomware supported by North Korea. 

DDoS attacks

Distributed Denial of Service attacks means that hundreds or thousands of zombified devices flood services with bogus traffic. The aim here is to push a target offline when it renders incapable of dealing with each request. For instance, Italy reported DDoS attacks during the Eurovision Song Contest 2022, likely aimed at stopping the broadcast. 

Vulnerability exploitation

Zero-day vulnerabilities could be the means used to corrupt devices. Government or military facilities might still rely on outdated Windows versions, like Windows XP. So, cyberwar could take advantage of systems with flaws or lack of support. 

Misinformation, fake news, propaganda

Cyberwar showcases countries’ ability to spin particular events and block access to opponents’ media. Public opinion is crucial, and propaganda forcefully pushes specific values and ideas. In fact, an information war can be just as dangerous as malware or bombs. 

Examples of cyberwar incidents

Cyberwar is no longer a hypothetical boogeyman. Recent news marks the new age of conflict, with weaponized computers wreaking havoc on their targets. 

Let’s investigate several state-supported campaigns that prove how vicious these attacks can be. 

Cyberwar between Israel and Iran 

Cyberwar has one significant feature. It is a stealthy battle, with governments refusing to take responsibility for their actions. Therefore, the public admissions and discussions from Israel and Iran are unusual. However, while they have begun taking credit, their conflict has been around for years. Here are some notable incidents from 2020 alone: 

  • Iran-linked hackers compromised Israel’s water and sewage infrastructure to sabotage water supplies. 
  • Israel-linked perpetrators attacked Shahid Rajaee port terminal. 
  • Iran-linked attackers struck a hosting company from Israel, leaking users’ data as a result. 
  • Israel-linked hackers interfered with the operation of gas stations located in Iran. 

So, the cyberwar between Israel and Iran is incredibly active. Both sides initiate attacks on critical infrastructure and disrupt civilian life. 

Cyberwar between Russia and Ukraine 

Cyberwar can accompany traditional combat on the battlefield. Tensions between Russia and Ukraine have been boiling since February 24, 2022, when Russian troops invaded Ukraine. However, cyberwar began way before this date. 

Ukraine’s officials claim that Russian aggression in the digital form began as early as 2014. Nevertheless, Russia never took credit for any of the attacks. The allegations against the country include defacement of websites, ransomware, malware, DDoS attacks, and more. Attacks on Belarus have also greatly intensified.

Cyberwar between China and India

The tension between China and India over the Aksai Chin region has been prevalent since the 1960s. The cyberwar between these two countries has resulted in attacks against various institutions. For instance, they hit hospitals, power control systems, banks, government facilities, and military enterprises. 

However, China is a powerful opponent in multiple conflicts. Allegedly, its state-sponsored attacks extend to Ukraine, the USA, Taiwan, and the UK. 

What is the point of information cyberwar? 

Cyberwar also exploits and misrepresents information. For instance, experts call Russia’s approach to propaganda the firehose of falsehood. Essentially, it represents the various channels the government uses to spread spun truths or outright lies. 

However, similar approaches to media are nothing new. China is masterful at gaining support from its people by strictly controlling the available information. Thus, media outlets become tools to push specific ideas and values or identify enemies.  

Cyberwar puts people’s data and lives in danger 

Sadly, cyberwar can drastically affect the lives of innocent people. For instance, power outages or water supply cuts are one of the most devastating consequences. So, the tensions between governments drip into civilian life, offline and online. 

Here are some tips for staying safe during these uncertain times: 

  • Update your operating systems and software to mitigate vulnerabilities. 
  • Use a unique and complicated password for every account. 
  • Regularly scan the web to find whether your personal information is safe.
  • Apply two-factor authentication to prevent account takeovers. 
  • Install appropriate antivirus tools to detect and remove digital viruses. 
  • Back up important digital files and documents. 
  • Use a VPN to protect your internet connections and digital data.
Browse safely & anonymously with a VPN

Browse safely & anonymously with a VPN

Encrypt your internet traffic and defend against online snooping, hackers, governments, or ISPs.
Anton P.

Anton P.

Former chef and the head of Atlas VPN blog team. He's an experienced cybersecurity expert with a background of technical content writing.


malwarecyberattackscyber espionage

© 2023 Atlas VPN. All rights reserved.