WASHINGTON — Ask finance ministers and central bankers around the world about their worst nightmare and the answer is almost always the same: Sometime soon the North Koreans or the Russians will improve on the two huge cyberattacks they pulled off last year. One temporarily crippled the British health care system and the other devastated Ukraine before rippling across the world, disrupting shipping and shutting factories — a billion-dollar cyberattack the White House called “the most destructive and costly in history.”

The fact that no intelligence agency saw either attack coming — and that countries were so fumbling in their responses — led a group of finance ministers to simulate a similar attack that shut down financial markets and froze global transactions. By several accounts, it quickly spun into farce: No one wanted to admit how much damage could be done or how helpless they would be to deter it.

Cyberattacks have been around for two decades, appearing in plotlines from “Die Hard” movies to the new novel by Bill Clinton and James Patterson. But in the real world, something has changed since 2008, when the United States and Israel mounted the most sophisticated cyberattack in history on Iran’s nuclear program, temporarily crippling it in hopes of forcing Iran to the bargaining table. (The two countries never acknowledged responsibility for the attack.)

As President Barack Obama once feared, a cyberarms race of historic but hidden proportions has taken off. In less than a decade, the sophistication of cyberweapons has so improved that many of the attacks that once shocked us — like the denial-of-service attacks Iran mounted against Bank of America, JPMorgan Chase and other banks in 2012, or North Korea’s hacking of Sony in 2014 — look like tiny skirmishes compared with the daily cybercombat of today.