Gartner Blog Network

Definition of Cyberwar: No Results Found

by Dan Blum  |  July 12, 2011  |  Submit a Comment

There is no definition of “cyberwar” but there’s plenty of colloquial use of the term. Especially lately.

As multiple breaches and DDOS attacks struck the U.S. and Europe in the savage spring of 2011, I became fascinated with the concept of cyberwar, and then increasingly appalled. In the heat of those news moments I felt we were approaching a state of cyberwar in the world.

I struggled to blog about it, but the initial efforts made trusted colleagues uncomfortable. One told me to “be wary of over-simplifying an area that has many actors and dimensions and largely speculation about the role of nation state intelligence agencies in several noteworthy and publicized attacks.”

Yet the unease with definitions isn’t universal. Andrew Walls at the Gartner Security Summit asked rhetorically: “Does the definition matter?” and noted that the last time the U.S. formally declared war was during World War II.

Indeed, many define cyberwar pretty broadly. According to the “free online dictionary,” cyberwar is just “an assault on electronic communications networks.” As described in another post on cyberwar definitions, even the experts’ opinions differ.

Yet another colleague, Ramon Krikken, got me wondering: Should more sober heads prevail? Ramon comes from the Netherlands, a country on the plains of Northern European, one of history’s great invasion routes.

To paraphrase Ramon’s concerns, “I’d rather you didn’t call it war. I’d rather we didn’t get into another war. Definitions are important and calling something war when it isn’t is asking for trouble. I don’t see current cyber-attacks rising to the level of war, which would mean we’re considering all options including a kinetic response.”

To follow this train of logic, most of the cyber-attacks we’ve seen have been undertaken by individual criminals or hacktivists rather than nation states. And most suspected nation state advanced persistent threats (APTs) fall into the espionage bucket. Bitterly resented, maybe. Cause célèbre for war, rarely.

This isn’t to say we won’t see nation states (or their proxies) conduct digital attacks with kinetic consequences in the future. In fact, a spectacularly successful attack on the electrical grid or the financial system might cause enough economic damage to be called an act of war even if it doesn’t immediately kill anyone.

The good news is that we’re not there yet. The bad news is that nation states are building digital arsenals through cybersecurity programs just in case on again, off again efforts at diplomacy fail. Last month I received an inquiry from a client in a medium-sized country asking me to rate the comparative cyberwar capabilities of four other nations. I declined because we don’t provide that sort of research.

But it was one more data point that me think one should be careful with what language one uses on this complex issue, and consider de-escalating the situation. But that’s for my next post.

Perhaps this sums it up the best. Again, from Andrew Walls: “When I hear the term cyberwar, it tells me that the speaker is attempting to define their pursuits and interests as different and more important or arcane than mere information security. The term is political speech, not a meaningful term that defines or describes a group of activities.”


Tags: cybersecurity  cyberwar  

Dan Blum
Research VP
19 years at Gartner
33 years IT industry

Dan Blum, a VP and distinguished analyst, covers security architecture, cloud-computing security, endpoint security, cybercrime/threat landscape, and other security technologies. Mr. Blum has written hundreds of research… Read Full Bio

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.