Cyberwarfare is the use of technology to attack a nation, causing comparable harm to actual warfare.[1] ‘Cyberwarfare’ does not imply scale, protraction or violence which are typically associated with the term ‘war’.[2] There is significant debate among experts regarding the definition of cyberwarfare, and even if such a thing exists.[3] The term ‘Cyberwarfare’ is a misnomer, to date no offensive cyber actions could be described as ‘war’. Offensive cyber actions, such as those in Estonia in 2007, Georgia in 2008, Iran in 2010, North Korea[4] have occurred in the context of international relations, only resulting in condemnation and denial by sides.[2]

Cyberwarfare may not meet the typical definition of the term war, however, many states including the United States, United Kingdom, Russia, India, China, Israel, Iran, and North Korea.[5][6][7] have active cyber operations for offensive and defensive operations. As states explore the use of cyber operations and combine capabilities the likelihood of physical confrontation and violence playing out as a result of, or part of, a cyber operation is increased. However, meeting the scale and protracted nature of war is unlikely, thus ambiguity remains.[2]

The first instance of kinetic military action used in response to a cyber-attack resulting in the loss of human life was observed on May 5, 2019, when the Israel Defense Forces targeted and destroyed a building associated with an on-going cyber-attack.[8][9]


'Cyberwarfare' is used in a board context to denote interstate use of technological force within computer networks in which information is stored, shared or communicated online.[2] The term warfare has significant differences over the term 'war', which invokes ideas of scale and protraction. Cyberwarfare is also distinct, if closely related to, 'cyber espionage', 'cyber terrorism' and 'cyber crime'. The term and its definition remain the subject of debate and no absolute definition is widely agreed.[2]

Paulo Shakarian and colleagues, put forward the following definition drawing from various works including Clausewitz's definition of war - "War is the continuation of politics by other means.":[10]

"Cyberwarfare is an extension of policy by actions taken in cyberspace by state actors (or by non-state actors with significant state direction or support) that constitute a serious threat to another state's security, or an action of the same nature taken in response to a serious threat to a state's security (actual or perceived)."

Definitions focus on the act of penetrating a state's computer network infrastructure, or that of businesses and organisations within a target nation. The former US National Coordinator for Security, Infrastructure Protection and Counter-terrorism, Richard A. Clarke, defines cyberwarfare as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption."[11] Own cyber-physical infrastructure may be weaponized and used by the adversary in case of a cyber conflict, thus turning such infrastructure into tactical weapons[12].

While the majority of scholars, military's and governments use the definition to refer to state and state-sponsored actors,[2][10][11] that is actors who are provided significant direction or support from a state. Some definitions may include non-state actors, such as terrorist groups, companies, political or ideological extremist groups, terrorist, hacktivists, and transnational criminal organizations depending on the context of the work.[13][14]

Controversy of term

There is debate on whether the term 'cyberwarfare' is accurate. Eugene Kaspersky, founder of Kaspersky Lab, concludes that "cyberterrorism" is a more accurate term than "cyberwar". He states that "with today's attacks, you are clueless about who did it or when they will strike again. It's not cyber-war, but cyberterrorism."[15] Howard Schmidt, former Cyber Security Coordinator of the Obama Administration, said that "there is no cyberwar... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment."[16]

Some experts take issue with the possible consequences linked to the warfare analogy. Ron Deibert, of Canada's Citizen Lab, has warned of a "militarization of cyberspace", as militaristic responses may not be appropriate.[17] Although, to date, even serious cyber attacks which have disrupted large parts of a nations electrical grids (230,000 customers, Ukraine, 2015) or affected access to medical care, thus endangering life (NHS, WannaCry, 2017) have not led to military action.

Oxford academic Lucas Kello proposed a new term – "unpeace" – to denote highly damaging cyber actions whose non-violent effects do not rise to the level of traditional war. Such actions are neither warlike nor peacelike. Although they are non-violent, and thus not acts of war, their damaging effects on the economy and society may be greater than even some armed attacks.[18][19] This term is closely related to the concept of the "grey zone" which has come to prominence in recent years, describing actions which fall below the traditional threshold of war.

Cyberwarfare vs. Cyber War

The term 'cyberwarfare' is distinct from the term 'cyber war'. Cyber warfare includes techniques, tactics and procedures which may be involved in a cyber war. As discussed, the term war inherently refers to a large scale action, typically over a protracted period of time and may include objectives seeking to utilize violence or the aim to kill.[2] A cyber war could accurately describe a protracted period of back-and-forth cyber attacks (including in combination with traditional military action) between nations. To date, no such action is known to have occurred. Although tit-for-tat military-cyber actions have occurred. In June 2019 the United States launched a cyber attack against Iranian weapons systems in retaliation to the shooting down of a US drone being in the Strait of Hormuz.[20][21]