• United States




State-sponsored cyberattacks are now the preferred method of warfare

Oct 30, 20173 mins

Cyber is now cheaper, faster and easier than traditional conflict.

cyber warfare war
Credit: Thinkstock

If you ask around the industry, nearly every cybersecurity expert believes it’s only a matter of time before U.S. infrastructure is the target of a massive cyberattack. The energy sector has already seen major threats and the next dangerous attack won’t be far behind. Why? Put simply, cyber is the new battleground for cross-state conflict. There are a few reasons that this situation has evolved to this point: growing dependence on technology, growing challenges in protecting technology, and the attractiveness of cyber warfare. These issues have existed for years, but they’re independently hitting critical mass at the same time, converging into a “perfect storm” situation.

Our society’s technology dependency has created a high-value target

First and perhaps most importantly, the level of dependence on technology has grown dramatically in the last 10 to 15 years. Almost every part of our society—defense, finance, healthcare, education, government, critical infrastructure, etc.—is almost completely dependent on technology. This is the “plight” (note the explicit quotes) of technologically advanced nations. Some functions have become so technology-driven that there is no going back to non-technology-driven methods. Many of these systems also interact, meaning that a failure of one impacts a larger ecosystem of societal functions. We’ve become so dependent on technology that it’s now a bright, shiny target for those who would seek to do us harm.

Our growing struggle to protect our technology makes it a progressively easier target

Secondly, it’s becoming increasingly difficult to protect the technology that we depend upon so heavily. As compared to 20, 10, or even five years ago, there is more technology in more places than ever—and it all needs to be protected. The technologies themselves are also more varied, meaning a broader set of security skills and operations are needed.

For example, 15 years ago there wasn’t the same level of mobile and cloud technology—these are net-new technologies with their own unique issues and protection requirements. IoT and wearables are right around the corner. And as we’ve reported on in the past, there is a frightening shortage of talent with developed cybersecurity skills and experience, and an even more frightening lack of education programs to develop the talent we need. To sum it up, there’s more technology of more varied types, and not nearly enough skilled talent to protect it all—which makes our technology dependence a weak spot.

Cyber warfare is now cheaper, faster and less gruesome than traditional warfare

The final point is that cyber warfare has become an attractive option for states or other entities attempting to inflict damage on an adversary. In the past ten years or so, the base of available cyber “weapons” (e.g. weaponized exploits) has grown to a critical mass, allowing sophisticated, coordinated attacks to be constructed and executed. A robust underground marketplace for these weaponized exploits—often zero-day—has evolved in recent years. This has created the digital analog to the arms race. Nations have also developed cyberwarfare capabilities within their militaries to a point where meaningfully impactful cyberwarfare can be executed.

Now that the “armies” and “weapons” have been amassed, full-scale cyber warfare is possible. When comparing the risks (political, economic, human risk, failure risks), costs (human, economic), speed, and scalability of traditional warfare to cyber warfare, the latter is an extremely attractive choice for those who might seek to do the U.S. harm.


Carson Sweet is co-founder and chief technology officer for CloudPassage. As founding CEO, Carson led the team that created Halo, the patented security platform that changes the way enterprises achieve infrastructure protection and compliance.

Carson’s information security career spans three decades and includes a broad range of entrepreneurial, management and hands-on technology experience. Carson and his teams have created groundbreaking security solutions across a range of industries and public sectors, with heavy focus on financial services, federal government, and high-tech.

Carson focuses on long-term product, technology, and business strategy as CloudPassage expands market share through existing and emerging cloud security solutions. He also serves as chairman of the CloudPassage board of directors.

The opinions expressed in this blog are those of Carson Sweet and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.