With the rapidly increasing risk and crime associated with the cyberspace, examining the full extent of the risks that cybercrime poses to a nation is an important evaluation to get right. A property almost unique to the cyberspace, it is far easier to go on the offence with cyber attacks than it is to be defensive against such attacks due to how the structure of the internet was born, with little consideration of how entities would exploit the system in order to commit crimes, and due to the anonymity of such criminal activity. As such, it is a large investment of tax money in order to ensure sufficient barriers against cyber attacks, and an important policy to achieve.
Policies are also warped due to how many non-state actors are now able to hinder the activity of nations. With no way of confirming accurately whether an attack originates from a state, such offensive properties are only exemplified, making defensive policies that much harder to enforce. The scale of cyber attacks could also make a nation highly vulnerable, if not on their knees, making the need for cyber defense that much more needed.
However, there are arguments made that such terrible cyberwar is not possible, as all cyber incidents so far have not met all 3 of the “essential criteria” necessary for war: violence, means to an end, and politically charged. While more sophisticated attacks are likely to be highly damaging and disruptive, the difficulty in their execution is far higher, to the point where it blurs the line between cyber attack and physical actions.
Ultimately, the issue of cybersecurity for nations is highly nuanced. While only cybercrimes that target individuals will be the only serious threats from both state and non-state actors, these crimes can target larger organizations and cripple their operations, ranging from governments to large corporations. Different nations may also have differing perspectives on the threat of cyberspace, either due to ideological thoughts or loose connection between the state and the cyberspace.
