Keyword Index and Glossary of Core Ideas
Glossary of Core Ideas
Air gapping is a security measure that isolates a secure network from unsecure networks physically, electrically and electromagnetically.
Software which attempts to identify and delete or isolate malware. Antivirus software may use both a database containing signatures of known threats and heuristics to identify malware. Usually run as a background service to scan files and email copied to the protected system.
A black hat is a computer hacker who works to harm others (e.g., steal identities, spread computer viruses, install bot software).
See also: White Hat
This term is derived from "robot network." Refers to networks of sometimes millions of infected machines that are remotely controlled by malicious actors. A single infected computer may be referred to as a zombie computer. The owners of the computer remotely controlled is often unaware of the infection. The owners of a botnet may use the combined network processing power and bandwidth to send SPAM, install malware and mount DDoS attacks or may rent out the botnet to other malicious actors.
The justification for going to war. From the Latin "casus" meaning "incident" or "event" and "belli" meaning "of war."
The involvement of non-military persons in warfare. While civilians have often provided support to the military in kinetic wars, in cyber warfare civilians are able to remotely participate in direct attacks against opponents. This raises complicated questions of law when the combatants are not uniformed military personnel.
The legal status of combatants in warfare. Existing law distinguishes between uniformed military and civilian status.
Computer Emergency Response Team
A group of experts brought together to deal with computer security issues. The Computer Emergency Response Team (CERT) mandate is to develop and promote best management practices and technology applications to “resist attacks on networked systems, to limit damage, and to ensure continuity of critical services.” (Software Engineering Institute 2008). CERT may be formed by governments to handle security at the national level or by academic institutions or individual corporations.
Computer Network Attack
Includes actions taken via computer networks to disrupt, deny, degrade, or destroy the information within computers and computer networks and/or the computers/networks themselves. Joint Doctrine for Information Operations JP 3-13 at I-9 (1998)
Communications Privacy Law
Laws which regulate access to electronic communications. In the United States, the Electronic Communications Privacy Act (ECPA) protects electronic communications while in transit and prohibits the unlawful access and disclosure of communication contents.
Software tools designed to aid criminals in perpetrating online crime. Refers only to programs not generally considered desirable or usable for ordinary tasks. Thus, while a criminal may use Internet Explorer in the commission of a cybercrime, the Internet Explorer application itself would not be considered crimeware.
In its broadest definition, cybercrime includes all crime perpetrated with or involving a computer. Symantec defines it as any crime that is committed using a computer or network, or hardware device. The computer or device may be the agent of the crime, the facilitator of the crime, or the target of the crime. The crime may take place on the computer alone or in addition to other locations. Symantec
A criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and/or disruption of services to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a particular political, social, or ideological agenda. FBI
Actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption. Clarke
Digital Pearl Harbor
Distributed Denial of Service (DDoS)
The disabling of a targeted website or Internet connection by flooding it with such high levels of Internet traffic that it can no longer respond to normal connection requests. Often mounted by directing an army of zombie computers (see botnet) to connect to the targeted site simultaneously. The targeted site may crash while trying to respond to an overwhelming number of connections requests or it may be disabled because all available bandwidth is tied up in responding top the attack.
A method of obtaining proprietary or confidential information by searching through trash discarded by a target.
Intelligence Infrastructure/Information Infrastructure
International Humanitarian Law
Internet Relay Chat (IRC)
Internet Service Providers
Laws of War
National Cybersecurity Strategy (U.S.)
Outreach and Collaboration
The criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.