• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Targeted Attacks   »   When Do We Call a Cyber Attack an Act of Cyber War?

When Do We Call a Cyber Attack an Act of Cyber War?

  • Posted on:March 15, 2013 at 2:47 pm
  • Posted in:Targeted Attacks
  • Author:
    Martin Roesler (Director, Threat Research)
3

What is the difference between cybercrime and a “cyber war”?

There are different elements of an attack that help us understand this: the targets, the threat actors behind it, as well as the tools used. But I think one of the most important aspects, something that drives all the other aspects, is also the answer to the question I posed earlier: intent.

I believe this difference in intent matters because it defines the threat itself. There are a lot of reports on different kinds of organizations being successfully victimized by targeted attacks, and it has become so overwhelming to the point that it has obscured our view of what kind of threats we’re dealing with. And though knowing the intent might not be able to help us stop an attack, it can enable us assess if we are a potential target.

Cyber war or Cybercrime?

For example, when a threat actor from country A conducts a targeted attack against several companies in country B, does it count as cyber war, or cybercrime? The answer, again, depends on the intent.

Cyber war, as Raimund Genes also said in his 2013 predictions, refer to politically motivated attacks that may destroy data or even cause physical damage to infrastructure of a specific country. So in my example above, if the goal of the attack is to destroy the companies’ data or their infrastructure with a political intent, it may be considered an act of cyber war.

However, if the attack is conducted in order to steal information from the companies with a pure financial intent, then it should be considered a form of cybercrime. Most of the cybercrime schemes we’ve seen in the past aimed to affect as many individual users as possible, but the cybercriminals have found a bigger and better target in companies.

Ends vs. Means

Of course, although the end goals are different, there is a clear overlap between the two, that being the gathering of information. For example, gaining internal information in order to gain money is the goal of cybercrime, but in terms of cyber war, the same scheme can be just part of reconnaissance for a bigger operation. So if we look at it, the targeted attack itself is simply a tool in order to achieve the intent. The structures, techniques, and tools used can be the same, but the ending can be completely different.

Does It Matter?

So in the end, does the intent matter? Not that much. But how you protect yourself and your network does. Regardless of who you think is after you, any of them will be after your crown jewels. So act accordingly. It’s all a name game.

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:
ENTERPRISE »
SMALL BUSINESS»
HOME»
Tags: APTcyber warcybercrimetargeted attacks

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Recent Posts

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits
  • August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild
  • Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.