Skip to main content

What risks does a cyberwar entail?

Researchers contextualise current developments and the background circumstances of the Ukraine war. Part 6: IT security expert Professor Stefan Katzenbeisser about the very real consequences of a virtual war and the question of whether our infrastructure is adequately protected.

Prof. Dr. Stefan Katzenbeisser

Professor Stefan Katzenbeisser

researches cyber security and technical data protection

How can critical infrastructures in a networked world be protected against cyber attacks?

How can critical infrastructures in a networked world be protected against cyber attacks?

Professor Stefan Katzenbeisser holds the Chair of Computer Engineering at the University of Passau. He conducts research on cyber security in embedded systems, on secure critical infrastructures and on technical data protection. He is spokesperson of the new research cluster "ForDaySec - Security in everyday digitalisation", which is funded by the Bavarian Science Ministry and where researchers from computer science, law and sociology have come together to develop new types of technical procedures to provide security in day-to-day digital life. Besides participating in research projects on secure mobility, he is also involved in the research initiative "6G Research and Innovation Cluster (6G-RIC)" which is coordinated by Fraunhofer HHI and aims to develop mobile telecommunication systems of the sixth generation by pushing back the limits of technology.

I would call much of what the media labels as cyberwar, like the Anonymous campaigns, digital protest. Not every cyberattack should be considered the onset of a cyberwar. I would use the term very cautiously as well. Because it can have devastating consequences for all those involved. To me, the risk is that a "real" cyberwar will dramatically affect the civilian population.

The development of the malicious computer worm Stuxnet in 2010 is frequently thought to mark the beginning of the cyberwar era. The US and Israel allegedly developed this malware to damage Iran's nuclear programme. What made this so special for IT security experts like me was that it's a cyber weapon which operates completely autonomously. Finally, the situation we had always been warning about had occurred. The military considers this first actual application to have been quite a success, even if the development costs are thought to have been exorbitantly high. Also, there was hardly any collateral damage.

But that's exactly what's so problematic about cyberwar and makes it so very dangerous. It is near impossible to distinguish civilian from military targets. Cyberwar revolves around just one question: How do I hit my enemy so that he can no longer wage war? Hence, it's about mounting targeted attacks on critical infrastructure, including electricity networks, the public administration, telecommunications, traffic and transport. And when you do that, it doesn't take much for the situation to deteriorate and the civilian population to be hit hard.

Many operators have yet to implement basic IT security requirements and enable their systems to identify attacks in the first place

Professor Stefan Katzenbeisser

Attribution is another problem. It becomes difficult to determine who carried out the initial attack. The attackers have an easy time erasing their footprints and setting people on the wrong track. It doesn't take much to conduct asymmetric attacks, which means that small groups can cause enormous damage.

So protecting critical infrastructures is essential. To my mind, Western countries are not taking this seriously enough. From what I've seen, security levels vary significantly. For historical reasons, power utilities are somewhat ahead of the crowd. Other infrastructures, including those in telecommunications or healthcare, still have a long way to go. Many operators have yet to implement basic IT security requirements and enable their systems to identify attacks in the first place. There have been cases where attackers were able to move around in a system for months without being spotted.

Protecting an entire system is much more difficult than carrying out individual attacks. Unlike the attacker, the defender has to get it right every time and thwart all the attacks. There are still lots of loopholes in many different areas and this makes the systems so vulnerable.

The measures taken by the European Union in terms of cybersecurity are patchy. The EU should develop joint standards and pool best practices. But it is really for the individual operator of a critical infrastructure to do the actual work and ensure actual implementation."

What are your questions regarding the attack on Ukraine? Write us: frag-die-wissenschaft@uni-passau.de - We'll forward your questions and publish answers provided by researchers here as soon as we can

To the topic page

Unabhängigkeitsdenkmal der Ukraine auf dem Majdan Nesaleschnosti in Kiew. Foto: Adobe Stock

Digital propaganda, Putin's view of history, fake news: All assessments by Passau researchers on the background and current developments in the Ukraine war.

Statement of the President

In a video message, President Ulrich Bartosch is outlining the University's response to the war and explains the aid initiatives and options for action the University Executive is currently exploring.

Playing the video will send your IP address to an external server.

Show video