Tuesday, July 14, 2009

On definitions

A big problem in the field of cyber is the lack of commonly agreed definitions. I think cyber war and cyber terrorism are the worst, each having numerous conflicting definitions. So, in order to clarify my own thoughts, here is my attempt to pin down the meaning of some popular phrases in the context of national security:
  • cyber attack - malicious use of information systems in order to influence the information, systems, processes, actions or decisions of the target without their consent,
  • cyber conflict - a confrontation between two or more parties, where at least one party uses cyber attacks against the other(s),
  • cyber war - a cyber conflict between state actors, where the critical information infrastructure is attacked,
  • cyber terrorism - a cyber conflict where one party is using cyber attacks to cause fear, physical damage, and/or death among the civilian population of the other party.
Note that information collection, an activity usually limited to espionage, intelligence gathering and crime, is not included in the cyber attack definition. [TO DO: better explanation of the concept]

I am sure these definitions will change as my understanding of the topic grows.


  1. cyber attack -
    Is it malicious if it's the good guys? ;)
    Not influence information, systems, but alter

    cyber conflict -
    all conflicts now have a cyber dimension!

    cyber war -
    I think that all future wars will be a mixture of cyber and non-cyber attack and defense, with difficulty in drawing the line where each type begins and ends

  2. Malicious refers to the intent of the attack - "good guys" with an intent to damage the systems of the "bad guys" are still malicious towards the system. "Good guys" hired to do pen-testing on your network are not malicious. However, you have a good point in that I need to clarify what I mean. I will look into that.

    I would dispute the second point - I am not convinced that all conflicts have to have a cyber component. They are becoming more frequent and wide spread, however.

    As for the last point - consider that one way to fight a war in the future would be cyber only, without any conventional force engagements. Alternatively, cyber may not be part of the war, if both sides are technologically backward.

  3. cyber terrorism - where one party is using cyber environment to assure success in terrorist attacks.

    The use of information technology by terrorist groups and individuals to further their agenda.


  4. Jyri,

    The problem with these definitions is that they are both too wide. The following activities would fit under these definitions:

    * [terrorists] communicating via e-mail
    * [terrorists] using a web search engine to find the address of a government agency
    * [terrorists] navigating the city streets with the help of GPS

    I am not willing to include these things under cyber terrorism. That would mean that using boots and cars and duct tape should be included in the definition of terrorism. But maybe that is just me.