The Gray Lines Between Reconnaissance, Espionage and Cyberwar

There has been a lot of discussion about cyberwar and other threats to electronic infrastructure in the past few years, but there hasn’t been much basic definition of terms, especially terms that public decision makers and the general public can share.

This is one attempt to provide some basic terms that can be meaningful to both groups. Here are three terms to start the process:

1. Reconnaissance

In conventional warfare terms, this is the process of gathering information about an enemy and the terrain in which you will face him.

Most of this information is readily available; all that’s needed is time and effort. In fact, there is little a defender can do to deny this information to an enemy.

In the electronic arena, reconnaissance efforts would focus on identifying potential value target systems (operating systems, ports used, etc.) and their supporting services (firewalls, DNS, failovers, etc.).

Except for the case of systems totally disconnected from the Internet, this sort of activity is inevitable and probably not worth defending against.

2. Espionage

In conventional warfare terms, this activity is the process of getting non-public or classified information (or items). It’s usually illegal, but not generally a cause for a declaration of war between nations.

Discovered espionage attempts will, however, tend to cool off diplomatic relations. Electronic espionage is the logical extension of conventional means and, like their cousins, may be tolerated, sanctioned on a tit-for-tat basis, or singled out for more severe political sanctions.

The rub for most nations is that, the more they retaliate against these activities, the less able they are to use them to gather their own intelligence information.

3. Act of War

The definition of an act of war has changed over the last century. Originally, it involved the attack or occupation by one nation of another nation–its territory, citizens, commercial interests, etc.–and sometimes included a diplomatic declaration as well.

More recently, it has come to represent a tacit recognition of hostilities without an overt declaration. Democratic nations have the most difficulty with this class of activity, as their populations tend to be more involved in national decisions and may well take the situation in unintended directions.

Further complicating things recently have been the rise of nongovernmental organizations that legally transcend borders (corporations), furtively skirt national power (criminal syndicates), or even influence or displace governmental authority (most semi-successful insurgencies).

Since we currently have only a vague definition for a state of war, people will also have a hard time deciding what an act of war would look like in cyberspace, especially when nongovernmental organizations get involved.

Defining basic terms such as these only begins to scratch the surface, but attempting to make or implement policy without them is no shortcut.

Copyright 2010 Respective Author at Infosec Island

Share article:
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

REPLY

You must login in order to reply.

Panel's Jotter

Editor Intelink says:(2012-10-02 10:49:19)

“Een kwaliteitsslag voor school, student en stagebedrijf” Het herkennen en correct behandelen van bedrijfsvertrouwelijke informatie. Het programma speelt tevens doeltreffend in op de sterk toenemende behoefte aan Social Media Integriteit van stag...

On: Stagevoorbereiding voor MBO en HBO: Bewustwording Bedrijfsgeheimen & Social Media Integriteit
Danny Lieberman says:(2011-05-09 13:35:04)

As one of the pioneers in DLP - data loss prevention and an active thought leader in the field since 2003 - it is typical for people who discover that the emperor is naked to take knee jerk reactions. IT and HR procedures are part of a set of data...

On: WikiLeaks legt menselijke factor bloot (EN)
Rachel McShelley says:(2011-03-31 10:01:15)

Blijft helaas onduidelijk waarom BitDefender dit opvallend en vooral ook een beveiligingsrisico vindt.

On: Facebook: 42% onbekende online vrienden
View all replies»

Join us on:

  • Facebook
  • LinkedIn
  • RSS
  • Twitter


Panels

Join our Research Panel!
Sign up for: Study into Information Leakage in the Netherlands 2010


Publications

News and analyses on Human Factors & Awareness


Upcoming events

No events