I don’t think the world has seen this phenomenon yet: a major war, during which both sides use severe repeated hacking attacks on the general computing infrastructure in each nation. But it is inevitable. Every developed nation is highly computerized, and the whole of modern society is particularly dependent on the internet. So when there is an all-out war between or against any developed nation(s), hacking attacks are one irresistible way to fight your opponent.
Recently, a few months ago the WannaCry ransomware attacks were traced back to North Korea. The target was apparently South Korea. But due to the interconnectedness of the worldwide computing infrastructure, the malware quickly spread to over 100 nations, including the U.S. A subsequent ransomware attack, called Petya, which appears to have targeted mainly the Ukraine. But again, it spread to many other nations. These kinds of attacks are mild compared to what would be unleashed during a major war.
When the Stuxnet and Duqu worms were used against the uranium enrichment program in Iran, the world soon discovered that these malwares used a set of previously unknown vulnerabilities and capabilities. The likely designer of this malware: U.S. and Israeli intelligence. So here is an example of the NSA stockpiling cyber warfare tools, and unleashing them when there is a high-value target. The intelligence agencies of the U.S., U.K., Israel, China, Russia, and perhaps other nations likely have a considerable stockpile of cyberwar tools and weapons, unknown to the world at large.
In a major cyber-attack, the internet could become unreliable. Various large and small companies might find their ability to provide goods and services greatly hampered. The general population in many nations could suffer. Many businesses might be closed, due to computing problems. Grocery stores could run out of many foods, since the supply chain is very dependent on computers and the internet. We could see some serious effects in everyday life.
And it doesn’t have to be a war in which the U.S. is directly involved. Once malware hits any nation, it spreads to the world through the internet. But it would be worse if Russia or China were to directly target the U.S. Consider this scenario. We strike North Korea, to end their nuclear threat. China retaliates with cyber warfare, severely afflicting U.S. internet and computing infrastructure. Our economy could suffer. (And the cyberwar would likely be accompanied by a trade war as well.)
It is unlikely that the next major war will strike U.S. soil. But a cyber-attack on U.S. soil is very likely. And the attack could come from a relatively small nation. It used to be the case, with conventional war, that a small nation could not take on a large nation. But with a cyber-attack, those rules go out the window.
What happens if the U.S. proves the victor in the cyberwar? Well, whatever cyber weapons we use can be obtained by the other side, reverse engineered, and eventually used against us. So we can never be confident that our cyber warfare capabilities are supreme.
Infrastructure systems that could be affected by a cyberwar: hospitals, airlines and airports, package and letter delivery, internet, the phone system (mobile and landline), factory machinery, city traffic control, credit and debit payment systems, and more. Almost every major aspect of modern day life could be affected. That is one serious SHTF scenario.