A Hamas cyberattack against Israel was stopped with military force for the first recorded time in cyber warfare. The decisive and deadly retaliation gained notice primarily for being enacted during the commission of an ongoing cyberthreat rather than being performed as a response after an attack. Israel has been a global leader in militarized cyber capabilities for some time now, but for technological and political reasons intervention against cyberattacks has not crossed into the physical realm until now. The Israel-Palestine conflict has many troubling aspects as a possible forerunner of military doctrine, but established guidance from NATO and current global espionage activities indicate that it is too soon to draw major conclusions about future indications.
The Israeli military reported that the several-day conflict began when an Islamic Jihad sniper wounded soldiers on patrol. Rocket attacks then fired from Gaza were met with Israeli air strikes. Israeli Defense Force reporting stated the Hamas cyberattack was launched on Saturday, May 4 and that the building housing the Hamas operatives committing the attack was targeted with an airstrike after the online portion of the hack had been halted. The specific target and nature of the cyberattack have not been clarified by the IDF.
Cyberthreats vary widely in their sophistication, damage, and required technical acumen. Sophisticated computer processors, security software, and networking technologies are not normally penetrable by amateurs. Lone-wolf actors possessing cleverness, time, and commonly available tools are nonetheless able to harm less robustly-defended targets. Many of the most potent tools underpinning major cyberattacks have their origins in government-crafted exploits used for espionage or intelligence gathering that are openly publicized or intercepted by rival actors. Large-scale cyberattacks are predominantly the domain of skilled professionals and long development cycles.
NATO declared that cyberattacks fall under the domain of military threats in 2016, meaning that proportional response by the coalition in the physical space could follow an attack in the purely digital realm. The United States killed ISIS hacker Junaid Hussain with a drone strike in 2015 after the target exposed personal information about US soldiers on Twitter. Major nations such as Russia, the US, France, and Vietnam include digital attack and defense capabilities in their military arsenals. Back-and-forth hacking for intelligence gathering and theft has frequently occurred but cyberattacks between major powers on the level of total warfare have not yet been observed. Some of the most damaging attacks on infrastructure were accomplished by Russian cyber forces during the incursion into Ukraine, but these attacks did not incite major retaliation.
The current global economic and political climate is highly unfavorable to large militarized actors engaging in hostilities against one another. There is nothing gained and a great deal lost from engaging in military or political maneuvers that isolate or antagonize major trading partners and hinder access to markets or resources. Cyber espionage is a daily occurrence that costs billions for large firms and commonly compromises the information of citizens, but this rarely crosses into the lives of the public aside from news reports. Large forces like global corporations or governments have incredible redundancy and while malicious activity is certainly concerning, the stability of hacking and hacking-back has become a norm for cyberdefense at the state level.
Smaller actors like terrorist groups, political activists, and revolutionaries can magnify their impact with the skilled use of cyberattacks. They can threaten exposed actors like corporations or they can publicize incendiary information that governments seek to hide. The most potentially troubling implication of the IDF air strike may be the increased willingness of larger actors to physically deal with more political rivals that rely on digital means to strike more powerful opponents.
Mutual retaliation makes open attack between major powers an unlikely response to cyberattacks, but with authoritarian movements on the rise, the normalization of force against rebels and activists may become a norm. Disproportional capabilities could previously be somewhat addressed with the actions of cyberwarfare. Now, new political realities may place a great many more people in physical as well as legal danger. We will have to observe how this dynamic evolves in the future.
