ified targets and nothing else) are more difficult to design and implement than are weapons that are more indiscriminate. Highly discriminating weapons also require a great deal of intelligence support for their use—and in the absence of adequate intelligence, the effects of using even a highly discriminating cyber weapon may cascade if previously unknown elements are connected (directly or indirectly) to the targeted system.
Cyber weapons can be used to compromise the confidentiality of information, the integrity of information or software/programming, or the availability of IT-based services to the user and also to forge authenticity:26
• Breaching the confidentiality of information refers to the ability to obtain from the targeted IT system information that the rightful owner or operator of that system would prefer to keep confidential. For example, an adversary listens to a Wi-Fi connection between a computer and a base station and is able to capture the data stream between them.
• Compromising the integrity of computer-represented data refers to changing or destroying information that its rightful owner wishes to keep intact. That data may be input to computer programs or machine-readable programs themselves. For example, a computer virus can erase all of the files on a user’s hard drive.
• Denying the availability of IT-based services to users refers to preventing a user from obtaining the full value of his or her interactions with the computer. If the user finds the computer too slow to respond, or that it does not respond at all, availability has been denied. For example, a denial-of-service attack on an important Web site keeps legitimate and authorized users from accessing the services it provides.
• Forging authenticity. An authentic message or transaction is one known to have originated from the party claiming to have originated it. Forgery leads the receiver of the message or the other party in a transaction into believing that the sender or first party in a transaction is who he claims to be, even if that is not true.
Cybersecurity analysts distinguish between cyber exploitation and cyber attack. Cyber exploitation refers to activities involving the first bulleted item above (breaching confidentiality), cyber attack to activities involving the second, third, and fourth items above (compromising integ-
26 This discussion of cyber weapons borrows liberally from National Research Council, Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities, The National Academies Press, Washington, D.C., 2009.