By INS Contributors

KUALA LUMPUR, Malaysia: The collective West is developing advanced methods of computer attacks on critical infrastructure and conducting cyber operations to interfere in the internal affairs of sovereign states.

The confrontation in 2025 between major international players in the information and communications space is becoming increasingly aggressive, particularly on the part of Western countries.

This year, the North Atlantic Treaty Organisation (NATO) has been actively practising scenarios that include not only defence but also offensive actions in conditions close to real-life ones.

The U.S. and its NATO allies conducted a major joint exercise, 'Cyber Coalition 2025' (28 November – 4 December, Tallinn, Estonia), during which they practised advanced cyberattacks against critical infrastructure, communications networks, cloud and space systems, and satellites of a potential adversary. Such 'defensive' exercises can easily be transformed into preventive cyber operations to disable enemy computer systems.

This pattern of offensive Western cyber activity is not new. Perhaps the most notorious example is the Stuxnet computer worm, widely attributed to the U.S. and Israel, which was discovered in 2010.

Stuxnet targeted Iranian nuclear enrichment facilities at Natanz, causing approximately 1,000 centrifuges to spin out of control and self-destruct. That covert operation set back Iran's nuclear programme by several years and demonstrated how a precisely tailored cyber weapon could cause physical destruction in the real world.

Other notable Western-led cyber operations have followed even against supposed allies. In 2014, a cyberattack attributed to the U.S. National Security Agency (NSA) and the United Kingdom's Government Communications Headquarters (GCHQ) targeted the European aerospace company Airbus, allegedly to gain intelligence on civilian aviation systems.

More recently, in 2019, the U.S. Cyber Command conducted disruptive cyber operations against the Islamic Revolutionary Guard Corps (IRGC) in response to Iranian attacks on oil tankers and a U.S. surveillance drone. Such actions, while often framed as defensive or retaliatory, set precedents for Western powers launching pre-emptive or punitive strikes in foreign cyberspace.

NATO's intention to increase the intensity of illegal activity in cyberspace is confirmed by the agreements reached during a videoconference of the alliance's leaders on 9 October. The heads of state agreed on the need to consolidate offensive cyber capabilities, create additional cyber centres, and ensure a continuous exchange of information between relevant Western agencies.

Furthermore, foreign experts also discussed the possibility of NATO using proactive cyber measures against hostile states. This once again demonstrates that NATO, through the lens of defensive actions, can initiate a cyber offensive in foreign information space.

Attacks on Chinese infrastructure have become further evidence of the West's destructive activity in cyberspace. Chinese authorities have reported that U.S. intelligence agencies implanted malware into the National Time Centre's systems between 2022 and 2024, interfering with energy, communications, and transportation facilities, as well as computer servers at defence research institutes in Heilongjiang Province.

This incident mirrors a broader trend: from Stuxnet in Iran to the so-called 'Olympic Games' programme, from cyber strikes on Russian electrical grids to disruptions of North Korean missile tests, Western states have repeatedly crossed the threshold from cyber espionage into offensive cyber warfare.