Defining the Qualities of Cyber Warfare

Thursday, February 14, 2013

Jarno Limnéll


Cyber warfare is one of the hottest topics currently trending in newsfeeds and, although many are quick to use the term, not everyone fully understands the concept. Cyber warfare is a reality, but the reality of the situation may be far different than many believe.It’s notable that we’re already living in an era of state-led cyber warfare activities, even if most of us aren’t fully aware of it.

The Reality

“We are at the beginning of a new and dangerous era of cyber warfare,” according to the CEO of Kaspersky Lab Eugene Kaspersky, and F-Secure chief research officer Mikko Hypponen. An article in the UK’s TheGuardiansummarized their presentation at the DLD13 conference in Munich, and the summary was not pretty.

The reality is not pretty either. Governments are taking potential threats seriously, with at least 12 of the world’s 15 largest military powers building cyber warfare programs that assess tactics and capabilities that will be critical in any future war. Intelligence sources additionally told ISSSource that the number of intrusions and attacks has increased dramatically over recent years.

Accusations about cyber attacks are also on the increase worldwide, with Iran ranking high on the accusation and danger list, according to Iran has become “a force to be reckoned with,” U.S. Air Force’s Space Command leader General William Shelton said in a January speech in Washington, D.C. reports that Iran has been fortifying its own cyber attack capabilities following the Stuxnet malware attacks believed to have resulted in the explosion of several Iranian nuclear centrifuges.

The Changes in Warfare

The world is moving towards a greater strategic use of cyber weapons to persuade adversaries to change their behavior. At the same time it is essential to understand that cyber operations, such as cyber espionage and cyber attacks, are now a recognized part of strategic influence and combat.

Past conflicts required soldiers that were physically and mentally tough enough to succeed in battle, but strength is no longer the only requirement for fighting wars. Physical strength need not be an issue at all for the new breed of soldiers that instead must possess a sophisticated knowledge of computer security and code.

“Hackers now are either criminals out to make money, activists out to protest or governments engaged in targeting their own citizens or attacking other governments, whether for espionage or cyber warfare,” says The Guardian. Not every malicious attack, however, falls into the cyber warfare category, which is largely where unwarranted paranoia and misuse, and misconceptions of the term, arise.

The Misconceptions

What counts as “cyber warfare” remains an open question, but it does have certain stipulations. A major misconception is that cyber war takes place in a different domain, i.e. the fifth domain, that is totally separate and disconnected from all other forms of warfare, be it land, sea, air or space. Rather than being disconnected from all other types of warfare, the cyber “world of bytes” is an integral part of all other domains.

Warfare taking place on land, at sea, in the air or in space has its own cyber components, and the “world of bytes” is everywhere. It penetrates all the levels and dimensions of warfare, with cyber components prevalent in weaponry, communications, equipment and other war-related matters.

Any future crisis, even one not deemed a cyber war per se, is likely to have a cyber component to it. It would be tough to avoid it, particularly in major wars between developed countries. Cyber is the only dimension that allows you to have an impact on all other dimensions.

Cyber components may alter submarine and shipping steering, impede flight control functions and air-drop accuracy, interfere with satellites, cut off the distribution of electricity, affect the performance of smartphones, automobiles, prisons, and engage in a laundry list of additional maneuvers that shut down, deter or otherwise work to destroy your enemy.

The Definition

While Kaspersky limits his definition of cyber war to activity that uses cyber weapons to cause physical damage, only Stuxnet fits that definition to date. Cyber weapons can also indeed be deployed to disrupt command and control without physical destruction. A country impoverished by erased banking records, for example, could very well be a victim of cyber warfare although no physical damage has been done.

An attack that qualifies of cyber warfare must, however, occur in the political and strategic context of warfare.

“War is thus an act of force to compel our enemy to do our will,” says the famous formulation of Prussian military strategist Carl von Clausewitz. Chinese military general Sun Tzu’s ideal of warfare was “to subdue the enemy without fighting.”

Neither case necessarily involves physical destruction, although both function as a means to achieve a political aim. The same holds true with cyber warfare. The cyber instrument may have its own grammar, but its logic is that of war as a whole.

The ongoing and sophisticated online conflict in Syria reported by serves as a prime example of cyber warfare. While the efforts on both the side of Syrian government and the side of its opponents are meant to “sabotage, disrupt and destroy,” not all involve physical destruction.

One of the cyber weapons was a destructive Trojan known as “DarkComet.” The digital-rights group Electronic Frontier Foundation described it as: “a remote administration tool that allows an attacker to capture webcam activity, disable the notification setting for certain antivirus programs, record key strokes, steal passwords and more — and sends that sensitive information to an address in Syrian IP space.”

War vs. Peace

While it is painfully clear Syria is the midst of an ongoing civil war, many other nations are instead in a grey area that is neither a state of war – nor a state of peace. Cyber reality further blurs the boundaries between war and peace, adding a dangerous new dimension of instability. Instead of being an obvious form of war, future conflicts involving cyber warfare may instead become vague with no clear beginning or end. It is also important to observe that the concept of war might be blurred intentionally referring to different “cyber actions.”

The cyber (warfare) victims may not even be conscious of being in conflict with someone, just acutely aware that unpleasant, tangible things “just happen.” Those unpleasant events may be a regular occurrence or they may crop up at random and infrequent intervals. Although such events may seem to have neither rhyme nor reason, they could in fact be part of a larger strategy in the cyber warfare game.

Cyber warfare is definitely out there, but it should not be the catchall phrase for any malicious computer-related activity. Distributed denial-of-service attacks that have no physical impact should not automatically be considered cyber warfare, nor should activities such as spying. If cyber warfare were used to classify every single malicious attack or unpleasant event, we would be a war-torn world indeed.

Additionally, there would be no term remaining to describe a severely devastating and debilitating cyber war when it did occur in the open between nations. Truely defining what qualifies as war and what does not is challenging in the cyber realm. To qualify as official “warfare,” the term needs to be put into the right context as a part of the strategic and political decision making process. We can also take one more cue from Clausewitz who said that war is “the continuation of politics by other means.” To qualify as cyber war, the means may be virtual – but the impact should be real.

Possibly Related Articles:
Federal Military Municipal State/County
Government Cyberwar Security cyberwarfare
Post Rating I Like this!
Mikko Jakonen I was going to write a short sum-up but it went way beyond it, so apologies are in place. This can be found at too.


This article may trigger a short debate about the figure of cyber warfare may possess and what may belong to it and among that, I must believe that intelligence sources which ISS refers contains amount of non governmental players and other illegitimate practitioners currently on market.

Sure, the total amount of inductions that can be counted as intrusions has gained mass significantly. Iran fortifying attack capabilities would mean only that they realized, finally, among other nation states that some other nation shall use capabilities introduced by the cyber domain and building pure defensive side is not going to be good enough, as developing defensive capabilities lets you be only underdog. Attacker has the upper hand. Always. Prove me wrong.

Maneuvering tactical depth is always difficult and in case Iran vs. US as an example, the depth is significant – in both sides. I bet there is no nation existing that understands the factor well enough. What shall they do when decision making capabilities are removed? In civilized societies the pan governmental integration is tight, and that makes it vulnerable. Its service based approach in very large end-2-end service architecture and while important information service is rendered unavailable, all others collapse.

Information operations

I believe that cyber warfare as part of the information operations has gained much in past years, and will gain even more towards ‘information exploitation’ with larger yield available.

Strategic value of cyber

I can not see any other way than count cyber warfare as one of the most important strategic ‘values’, if you will, what nation state may possess after strong self recognition. It has influencing ability from deep down the ground till up in the space. No other domain has such cutting through factor. It is the only domain that possess capability to render all the other domains useless.

Those ‘fashionalble smart’ people may come at this point to tell “how you disable all kinetic power military possess with your DDoS?” – well, I dont. No one does. It’s a vague understanding people have for the information superiority capabilities and possibilities.
Do you think that influencing to those ‘higher velocity human factors’ require DDoS to succeed? That’s information warfare at its purest.

For what comes to the future crisis. I believe amount of influence it has from ‘cyber’ depends on struggle itself. In most cases it shall have vertical yield with more regular information warfare components, to influence hearts and minds with traditional
methods of false information, distraction, propaganda et al.

On the other hand, the ability to influence through digital channels gain more and more presence each day, so it would be ridiculous to argue that things shall remain as they are for now on.

Weaponization efforts

Instead, I do believe – I am certain about it – that major areas of cyber warfare shall see real platformization displays within 2 years. The activities building for such capabilities are already underway and yes – that shall be another set of weaponry available for right price.
Do not get me wrong here, its vague to say it wouldn’t go that far. Every other war fighting domain has done it already.

More value such capability has – more tightly kept secret it is – so comparison to nuclear weapons is not that far fetched. Nor the yield on deployment it may have. Cyber warfare has, an advantage over any kinetic force. It’s the controllable focus and controllable yield, precise targeted weapon abilities. A real smart bomb. Stuxnet was not cyber weapon, it was technology demonstrator and single project, with single scope show up.

What is cyber warfare in tactical, operational and in procedural terms?

Cyber warfare is simultaneous intel, defense and offense that can not be compared to kinetic world references, nor can be applied separately. Defense and offense maneuvers simultaneously, thus defeating formal methods. Intel is high-fidelity and automated emulation of research activities taking in place for information exploitation, analysis, direct and in-direct emanuation for tactical and operational needs. The role of intel is much
more important than in pure kinetic trial-error warfare. Imagine intel existing as nexus for data acquisition, analysis and dissemination – basically for everything defensive and offensive component requests.

Decision making in cyber

That requires amount of decision making capabilities and I do believe that significant parts of the efforts put in cyber capabilities shall go in visualization and maneuvering decisions to be made during the loop. Lots of decisions and tasking currently done with manpower shall transform to automation, meaning that human interference shall happen on much higher abstraction layer and the resource intensive (take CN example) work of “hackers” shall be converted to much more automated functions. The team potentionally existed for our fellow Stuxnet example shall look very different in future.


Based on my understanding, utilization of any cyber warfare capabilities does not count to be in Sun Tzu’s category of ‘without fighting’.

I hate to speculate what is war and what is not - for future with any cyber involvement with its operations warfare, a project warfare in future. It shall include kinetic force elements, but many and massive amount of elements delivered by cyber capabilities shall be in display.

Instead – what I do believe is that things are getting pretty fast much more straight forwards with cyber warfare. Yes, amazing statement? The reason is that cyber enablement shall be understood as de-facto and preparations with and against it shall gain space. That means cyber warfare existence as strategic value shall be recognized and understood as attribute or variable we just have to co-exist with. Like with nuclear weaponry. We gained the ability to control power of atom, we maneuvered information superiority and we realized that its a very powerful to possess.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.