While the brighter side of the information revolution facilitated the human race in connecting more easily and conducting their businesses far more conveniently, the darker side of this revolution has yet to be fully understood. Interventions into the private lives of each person through data monitoring, data collection, data hacking, and using the same against them is one such aspect. From call monitoring to secret video surveillance, manipulating financial transactions to leaking sensitive data, nearly everything can be targeted about an individual’s lifestyle, financial integrity, and personal belongings. Therefore, it is necessary to create awareness about these aspects of cyber security, which has now become an integral element of human security and without which, the national security of any state remains compromised. Information warfare has a long history of misinformation, propaganda campaigns, and deception, but it was never meant to intervene in the personal lives of individuals. However, as soon as we became accustomed to utilising the newly-developed information tools like smartphones, laptops, ATMs, and credit cards, dark web operators also became active to harm and hurt privacy and integrity through these means. The information tools developed to facilitate human beings are now being weaponised and used to hurt individuals, groups, society and even states. People have now become so dependent on the available tools for communication, interaction, sharing information, entertainment, and even financial transactions, that an outage of certain web-based applications for just six hours on October 4 left many rudderless during the blackout across the globe. Unfortunately, lack of awareness and consciousness about online safety and security, especially in Pakistan, for cultural reasons, has compounded the problem of individual data protection and security. In turn, it facilitates dark-web operators to easily target the users of these facilities. While the purpose of smart devices was to achieve better connectivity, they are now fully exploited for hybrid warfare. The same holds for state institutions. Cyber security of state’s functioning has emerged as one of the weakest links and the most serious threats to its national security. This is particularly true for developing countries dependent on developed nations for the provision of hardware and software for their government’s organisational management. The attack on Iran’s nuclear power plant through Stuxnet Worm in June 2010 is just one example of a cyber-attack on sensitive state institutions. Worm attacked and destroyed several centrifuges at the Natanz uranium enrichment facility, as part of the US-Israeli effort to slow down Iranian efforts to develop its alleged nuclear weapons programme. Likewise, recently-discovered Pegasus spyware, developed by an Israeli firm, can be installed in cell phones and other devices for monitoring and recording of data, and activities of users. Pegasus was widely used against prominent political figures around the world by various governments, including the Modi-led BJP government against its political rivals in India. While the rapid development in Information Technology has connected us to the world through “smart” devices. We do not realise that our voluntary acceptance of various web-based applications, which we install on our devices, has placed us at great risk of being monitored, recorded, and even hacked for harmful purposes. In fact, our cell phones act as virtual transmitters even if they are at off position. Whereas the purpose of such inventions was to achieve better connectivity, integration, and networking in the globalised world, they are now fully exploited by the relatively-developed states for 5th Generation Warfare (5GW) or hybrid warfare. It is certainly the responsibility of the state to ensure the cyber security of its citizens, but the task is momentous. The citizens also bear the responsibility to safeguard their sensitive data and devices. In this regard, it is necessary to reduce our dependency on web-based applications, where possible. We need to regularly change our passwords, and avoid carrying cell phones to sensitive places of work. It may also be useful to follow multiple safety/verification mechanisms during online financial transactions. Perhaps, it is also time to enhance awareness about the dangers and threats to cyber security faced by each individual, group, and state institution. While security establishments may have taken the necessary safeguards, it is incumbent upon the state to invest in the indigenous development of the requisite and robust hardware and software to ensure data security of its citizens, especially databases of the financial sector, government functionaries, and utilities. The writer is the author of the book ‘Nuclear Deterrence and Conflict Management Between India and Pakistan’. He is presently working as the Director of the Centre for Aerospace and Security Studies (CASS).