Analysis: ‘Cyber attack’ term overused

Jim Lewis, director of Technology and Public Policy Program, Center for Strategic and International Studies

wfedstaff | June 4, 2015 9:06 am

The Defense Department’s recent cybersecurity strategy and the latest White House cyber proposal made it plain to many that a lot of time and money are being put into protection against cyber attacks and the specter of cyber warfare.

Jim Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies, said he thinks the notion of cyber warfare is getting too much hype.

In a column he wrote for CSIS last week, “Cyber Attacks, Real or Imagined, and Cyber War,” Lewis argued that lost amid the media attention of the Pentagon’s new plan is the fact that it calls for a much stricter definition for a cyber attack than is commonly used.

Online Chat: Beth Killoran, deputy assistant secretary for Information Technology and chief information officer at HHS, on March 28.

“Since many reports call everything – pranks, embarrassing leaks, fraud, bank robbery and espionage – a cyber attack, the strategy led to expressions of concern that the United States would be shooting missiles at annoying teenage hackers or starting wars over Wikileaks,” he wrote. “In fact, the strategy sets a very high threshold that is derived from the laws of armed conflict for defining a cyber attack. Nothing we have seen this year would qualify as an attack using this threshold.”

Advertisement

Lewis joined In Depth with Francis Rose to discuss the hype surrounding cyber warfare.