On February 24, 2022, the day of the Russian invasion of Ukraine, there was a simultaneous hacker attack on a satellite that caused disruptions in thousands of wind turbines in Germany. Experts have long warned of cyberattacks on Germany’s critical infrastructure. For this reason, we would like to explain terms such as cyber war, information war or hacking and why cyberattacks are a serious security problem.
Cyberattack, Information Warfare & Hacking – What is it?
“Cyber war is, on the one hand, the warlike confrontation in and around virtual space, cyberspace, with means predominantly from the field of information technology. On the other hand, cyber war refers to the highly technical forms of war in the information age, which are based on extensive computerization, electronization and networking of almost all military areas and concerns.” (Source: Wikipedia)
The term cyber war has existed since the 1990s and represents the generic term for the topic area of digital warfare. In addition to digital attacks, targeted attacks on technical devices and hardware are often mentioned, such as the destruction of satellite or connection networks.
Information warfare, on the other hand, aims at manipulating the available information and is far older than the concept of cyber war. As early as the early 20th century (and beyond), media were deliberately manipulated and propaganda was carried out in order to influence public opinion in one’s own interests. In recent years in particular, some states have deliberately spread false information (fake news) on social media, especially via fake profiles (social bots), in order to manipulate the population at home and/or abroad by means of psychological warfare. In this context, we should also mention so-called deepfakes, i.e. media content that looks real but is fake, which are becoming more and more technically sophisticated and are therefore increasingly being used.
Hacking is a versatile term in information technology. Although the term can simply stand for a way of solving problems, in the context of cybersecurity it refers to infiltrating a computer system from the outside by identifying security vulnerabilities and overcoming the corresponding mechanisms.
Information warfare and hacking are thus each possible concrete manifestations of an overarching cyberwar.
Methods of Cyber War
The methods and operations that fall under the umbrella term “cyberwar” are not entirely sharply defined. However, they generally include:
- Espionage, i.e. the acquisition of information through unnoticed intrusion (and persistence) in foreign systems. Here, processes, data streams and files can be tapped and evaluated by the attackers or even searched for further vulnerabilities.
- Disabling IT infrastructure and the operations it supports. This can happen either through attacks from the outside, e.g., via denial-of-service or distributed denial-of-service attacks and even physical attacks on IT infrastructure, or through disruption “from the inside” with previously introduced software, for example, a Trojan.
- The takeover of servers and end devices, for example, to spread false information or other propaganda via official channels of the attacked parties (so-called “defacement”) or to abuse them for further attacks (e.g. bot networks and DDoS attacks already mentioned).
These methods cannot usually be separated in their application, but are often used in coordination with each other. With the exception of physical attacks on data centers or other IT infrastructure, both “take-down” and take-over depend on the prior discovery of a wide variety of vulnerabilities and the infiltration (see: “espionage”) that builds on them. [2, 3, 4]
The takeover of a large number of devices (including private ones) in the target area or distributed all over the world, on the other hand, can be used for DDoS attacks on critical infrastructure or information platforms and thus also disguises the origin of the actual attack. [2, 3, 4]
Whether a technical problem is related to a targeted attack on IT infrastructure, and even more so by whom, can often not be fully clarified and is therefore mostly based on estimates by the intelligence services or even only on conjecture. During the infiltration of devices, false trails can be left behind in order to complicate the reconnaissance efforts afterwards or to blame the attacks on other actors. [2, 3, 4]
The Situation in Germany
Germany is one of the countries most affected by cyberattacks. Last year, according to a Bitkom study, almost 90% of companies in Germany fell victim to cyberattacks, resulting in total damage of 223 billion euros – and rising. Political institutions, above all ministries and the German Bundestag, also regularly fall victim to state and non-state hacker groups. 
It is therefore clear that companies as well as private individuals and public authorities must not underestimate the danger posed by attacks in the digital space. In its digital security strategy, the German government is therefore pursuing a comprehensive approach consisting of prevention, private-public cyber partnerships, international cooperation and expansion of the digital security infrastructure. In particular, the Federal Ministry of the Interior and the Federal Ministry of Defense (and subordinate agencies to them) are responsible for digital security in Germany in this context. [6, 7]
Not least because of the changed security situation in Europe, the risk of cyberattacks on institutions, companies and individuals in Germany is rising steadily despite these efforts. In addition to increased efforts by the security authorities, it is important that companies minimize their risk of attack by investing appropriately in cybersecurity, while at the same time raising awareness of the issue in our society. We have already dedicated ourselves to the topic of data security and possible recommendations for action in the past in a detailed article in our blog.
1. Wilkens, Andreas (2022): Satelliten-Störung: Tausende Windräder nicht steuerbar. Available online at: https://www.heise.de/news/Satelliten-Stoerung-Tausende-Windraeder-nicht-steuerbar-6529189.html [01.03.2022].
2. Northcutt, Stephen et al. (2006): Penetration Testing: Assessing Your Overall Security Before Attackers Do. SANS Analyst Program. Available online at: http://i.zdnet.com/whitepapers/core_PenetrationTesting_June2006.pdf
3. Beiersmann, Stefan (2016): Internationale Atomenergiebehörde – Cyberangriff störte Betrieb eines Atomkraftwerks. Available online at: https://www.zdnet.de/88280549/internationale-atomenergiebehoerde-cyberangriff-stoerte-betrieb-eines-atomkraftwerks/ [11.10.2016].
4. Scherschel, Fabian (2017): Alles, was wir bisher über den Petya/NotPetya-Ausbruch wissen. Available online at: https://www.heise.de/security/meldung/Alles-was-wir-bisher-ueber-den-Petya-NotPetya-Ausbruch-wissen-3757607.html [28.06.2017].
5. Bitkom (2021): Wirtschaftsschutz 2021. Available online at: https://www.bitkom.org/sites/default/files/2021-08/bitkom-slides-wirtschaftsschutz-cybercrime-05-08-2021.pdf [05.08.2021].
6. Bundesministerium der Verteidigung (2021): Cybersicherheit. Available online at: https://www.bmvg.de/de/themen/cybersicherheit [16.03.2021].
7. Herrmann, Manuel (2018): Cybersicherheit in Deutschland – Wie sind die Zuständigkeiten von BSI und Co.? Available online at: https://www.hornetsecurity.com/de/security-informationen/cybersicherheit-in-deutschland/?_adin=11165797364 [10.08.2018].