The Weak Link

Offensive cyber operations are shaping the battlefield without crossing borders

Antara Jha

In the evolving landscape of international conflict, cyber operations have emerged as powerful instruments that states wield long before and sometimes without ever crossing traditional borders with tanks or troops. Far from being abstract digital nuisances, these operations can disable critical infrastructure, shape adversary decision-making, and fundamentally redefine the notions of escalation, coercion, and deterrence. They are integral to modern hybrid warfare strategies, offering a spectrum of effects ranging from subtle espionage and disruption to near-physical damage to essential systems.

The focus of this article is to explore how cyber operations are strategically sequenced to prepare battlefields, weaken adversaries, and influence the trajectory of conflicts without kinetic violence; to examine real world examples of cyber escalation and de-escalation; and to reflect on lessons that rising powers like India must assimilate to protect national infrastructure. All assertions here are grounded in verified research and documented incidents.

Strategic Logic of Digital Preparation

Military strategists have long understood that successful invasions require meticulous preparation of the operational environment. Historically, this preparation involved reconnaissance flights, sabotage operations, and propaganda campaigns aimed at weakening an adversary before the first shot was fired. Cyber operations have revolutionised this concept, allowing states to conduct extensive preparations that would have been impossible or prohibitively risky in previous eras. The fundamental advantage lies in the ability to position capabilities within an adversary’s most critical systems years before any contemplated military action, creating what intelligence professionals call “pre-positioned access.”

The strategic sequencing of cyber-attacks against communications infrastructure, electrical grids, and logistics networks follows a carefully orchestrated timeline that maximises disruption while minimising the defender’s ability to respond effectively. Unlike conventional military preparations that involve visible troop movements, equipment positioning, and logistical buildup that intelligence agencies can detect and analyse, cyber preparations occur silently within the digital architecture of the target nation. This invisibility provides attackers with the element of surprise even when the broader geopolitical tensions suggest conflict may be imminent.

When hostilities appear inevitable, the activation of pre-positioned cyber capabilities can create cascading failures across multiple infrastructure sectors simultaneously. A successful attack on electricity distribution systems does not merely leave cities in darkness; it triggers a domino effect that cripples water treatment facilities unable to power their pumps and filtration systems, disables hospital ventilators and medical equipment, halts the refrigeration systems storing medicines and blood supplies, paralyses transportation networks dependent on electric railways and traffic management systems, and crashes financial networks unable to process transactions or maintain trading systems. This interconnectedness, while creating tremendous efficiencies during peacetime, becomes a profound vulnerability during conflict.

Digital Preludes to Kinetic War

In traditional paradigms of war, forces mobilise physically, amassing personnel, equipment, and firepower. In the 21st century, that mobilisation increasingly has a digital precursor. Sophisticated cyber operations often precede or accompany conventional military actions with the aim to blind, confuse, or degrade an adversary’s ability to respond effectively. Rather than simply stealing data, modern cyber tools can sever communications, disrupt power grids, and fracture logistical networks that armies depend on.

A stark example occurred in the days surrounding Russia’s full-scale invasion of Ukraine in February 2022. In the early hours of February 24, Russian cyber units launched a damaging attack on the Viasat KA-SAT satellite internet network using the AcidRain wiper malware, disabling tens of thousands of satellite communications terminals used by Ukrainian forces. This cyberattacks coincided with the conventional invasion, directly degrading Ukraine’s ability to command and control forces just as the physical assault began.

Earlier Russian campaigns also illustrate this synergy: the 2015 Ukrainian power grid hack by the state-linked Sandworm group disrupted electricity to hundreds of thousands of consumers, revealing how pre-positioned malicious access and command control software can bring down physical infrastructure. 

These incidents demonstrate a crucial characteristic of modern cyber operations: they are not random or opportunistic but sequenced intentionally. Disabling communications can precede kinetic manoeuvres; disabling energy and water systems can induce confusion and societal strain that erodes resistance before ground or air operations begin.

Disrupting Interconnected Systems

In highly digitised societies, critical infrastructure sectors are tightly interconnected. Power grids support water treatment, healthcare, transportation, and financial networks; communications technologies support emergency responses and civilian coordination. This interconnectedness is precisely what makes modern states vulnerable to cascading disruptions from a single point of failure.

The 2015 Ukraine power grid attack exemplified this. Once BlackEnergy malware compromised utility networks, it allowed attackers to remotely open substations, disable supervisory control systems, and trigger denial-of-service conditions that left essential services momentarily offline. At the same time, attackers targeted call centres, preventing consumers from accessing reliable outage information.

The systemic consequences of similar operations were underscored by the NotPetya campaign in 2017, where destructive malware aimed at Ukrainian financial and state infrastructures spread globally, crashing systems across transport, logistics, and manufacturing sectors and resulting in billions of dollars in economic loss. Such dynamics illustrate how digital attacks even when not intended as purely mili