War occurs when states seek goals that clash with the goals of other states and choose to pursue them through violent means.
Cyberwarfare is the attack of another nation’s computer systems with the final goal of damaging or disrupting their infrastructure or warfighting capabilities.
Cyberwarfare is performed in cyberspace. Targets often include computing systems that support critical infrastructure such as power stations, dams, and pipelines. Attackers attempt to gain control of these systems or disable them with the goal of disrupting the target nation’s warfighting capability and to achieve their political goals.
Clear examples of cyberwarfare include the Stuxnet virus that damaged Iranian nuclear energy infrastructure and attacks on Ukrainian and Russian critical infrastructure as part of the ongoing Russo-Ukrainian conflict. Another potential example includes the “Colonial Pipeline Hack” that shutdown critical energy infrastructure on the U.S. east coast. It isn’t completely clear if the attack was state sponsored.
What is Cyber Espionage?
Before we define cyberespionage, we must define espionage. Espionage is the activity of spying on an entity (a state or organization) with the objective of obtaining restricted information.
Cyber espionage is simply espionage performed in cyberspace. Espionage is often referred to as "the world’s second oldest profession”, the first being prostitution. As technology has progressed, so has the profession.
An example of cyberespionage includes a foreign government hacking into a large defense contractor to gain access to Top Secret information such as blueprints for a new fighter jet.
In cyberspace it is often difficult to completely prove which government committed a specific act of cyber espionage. In the cold war era, we would see Soviet and American spies arrested and paraded in front of the cameras, with cyber espionage such spectacles are rare.
The difference between cyberwar and cyber espionage
Cyberwarfare is the attack of another nation’s computer systems with the goal of damaging or disrupting their infrastructure or warfighting capabilities. Cyberespionage is simply spying in cyberspace.
NIST SP 800-171 & CMMC 2.0 - The U.S. Government’s Plan to Protect the Defense Industry
To help protect America’s Defense Industrial Base from cyber-warfare and cyber-espionage the Pentagon is requiring that contractors who work with Controlled Unclassified Information boost their cybersecurity posture. How is this accomplished?
Companies will have to implement 110 security controls, develop a system security plan, plan of action and milestones document as well as provide an assessment score to the Department of Defense. Eventually companies will need to earn a Cybersecurity Maturity Model Certification.
Lake Ridge offers the Compliance Accelerator solution to help companies meet these new requirements.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.