This is part two of a two part series on cyber space, cyber war and other concepts. (See part 1.)All the different \u201ccyber\u201d terms sure are confusing and it\u2019s no help that many of the terms used to describe the threat actor behind a cyber attack are often used interchangeably. In part I, we established what constitutes a \u201ccyber attack\u201d within \u201ccyberspace\u201d. Now the real fun begins \u2013 we\u2019ll dissect the four most commonly confused terms: \u201ccyber war,\u201d cyber terrorism,\u201d \u201ccyber vandalism\u201d and \u201ccyber espionage\u201d and provide a common lexicon. The objective is to dispel myths and, by establishing common understanding, provide a way for managers to cut to the chase and understand risk without all the FUD. The graph below shows the four terms and attributes at a glance.Now let\u2019s dig into each individual definition and examine the fundamentals.Cyber warfareCyber warfare is the most misused terms in this list. The U.S. Strategic Command\u2019s Cyber Warfare Lexicon defines cyber warfare as:Creation of effects in and through cyberspace in support of a combatant commander's military objectives, to ensure friendly forces freedom of action in cyberspace while denying adversaries these same freedoms.There are very clear definitions as to what constitutes war (or an action that is an act of war), and the cyber version is, in essence, no different. Cyber warfare is an action, or series of actions, by a military commander or government-sponsored cyber warriors that furthers his or her objectives, while disallowing an enemy to achieve theirs. Military commanders typically belong to a nation-state or a well-funded, overt and organized insurgency group (as opposed to covert rebels, organized crime rings, etc.). Acting overtly in cyberspace means you are not trying to hide who you are \u2013 the cyber version of regular, uniformed forces versus irregular forces.On Dec. 21, 2014, President Obama stated that the Sony hack was an act of cyber vandalism perpetuated by North Korea, and not an act of war. This statement was criticized by politicians, security experts and other members of the public, but one must look at what constitutes an act of war before a rush to judgment is made. Let\u2019s assume for the sake of this analysis that North Korea did perpetrate the attack (although this is disputed by many). Was the act part of a military maneuver, directed by a commander, with the purpose of denying the enemy (the United States) freedom of action while allowing maneuverability on his end? No. The objective was to embarrass a private-sector firm and degrade or deny computing services. In short, Obama is right \u2013 it\u2019s clearly not part of a military operation. It\u2019s on the extreme end of vandalism, but that\u2019s all it is.The subsequent threats of physical violence to moviegoers if they viewed \u201cThe Interview\u201d has never been attributed to those who carried out the cyber attack, and frankly, any moron with Internet access can make the same threats.Few public examples exist of true, overt cyber warfare. Stories circulate that the U.S., Israel, Russia, China and others have engaged in cyber war at some point, but the accounts either use a looser definition of cyber war, or are anecdotal and are not reported on by a reputable news source.One of the strongest candidates for a real example of cyber war occurred during the 2008 Russo-Georgian War.Russia and Georgia engaged in armed conflict over two breakaway republics, South Ossetia and Abkhazia \u2013 both located in Georgia. Russia backed the separatists and eventually launched a military campaign. In the days and weeks leading up to Russia\u2019s direct military intervention, hackers originating from within Russia attacked key Georgian information assets. Internet connectivity was down for extended periods of time and official government websites were hacked or completely under the attacker\u2019s control. In addition, internal communications and news outlets were severely disrupted. All of the above would hamper the ability of Georgian military commanders to coordinate defenses during the initial Russian land attack.Cyber terrorismNo one can agree on the appropriate definition of terrorism, and as such, the definition of cyber terrorism is even murkier. Ron Dick, director of the National Infrastructure Protection Center, defines cyber terrorism as...a criminal act perpetrated through computers resulting in violence, death and\/or destruction, and creating terror for the purpose of coercing a government to change its policies.Many have argued that cyber terrorism does not exist because \u201ccyberspace\u201d is an abstract construct, whereas terror in a shopping mall is a very real, concrete situation in the physical world that can lead to bodily harm for those present. Cyber terrorism, as a term, has been used (and misused) so many times to describe attacks, it has almost lost the gravitas its real world counterpart maintains.According to US Code, Title 22, Chapter 38 \u00a7 2656f, terrorism is:\u2026premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents.In order to be a true cyber terrorist attack, the outcome must include violence toward non-combatants and result in large-scale damage or financial harm. Furthermore, it can often be difficult to attribute motivations, goals and affiliations to cyber defilement, just as in the physical world, which makes attribution and labels difficult in the cases of both traditional terrorism and cyber-terrorism.\tThere are no known examples of true cyber terrorism. It certainly could happen \u2013 it just hasn\u2019t happened yet.\u00a0Cyber vandalismThere is not an \u201cofficial\u201d US government definition of cyber vandalism, and definitions elsewhere are sparse. To paraphrase Justice Stewart, it\u2019s not easy to describe, but you will know it when you see it.The definition of \u201cvandalism\u201d from Merriam-Webster is \u201cwillful or malicious destruction or defacement of public or private property.\u201dCyber vandals usually perpetrate an attack for personal enjoyment or to increase their stature within a group, club or organization. They also act very overtly, wishing to leave a calling card so the victim and others know exactly who did it \u2013 think of wayward subway taggers, and the concept is about the same. Some common methods are website defacement, denial-of-service attacks, forced system outages and data destruction.Examples are numerous:Anonymous DDoS attacks of various targets in 2011-2012Lizard Squad DDoS attacks and website defacements in 2014For now, the Sony Pictures Entertainment hack, unless attribution can be made to a military operation under the auspices of a nation-state, which is unlikely.Cyber espionageMuch of what the public, politicians or security vendors attribute to \u201ccyber terrorism\u201d or \u201ccyber war\u201d is actually cyber espionage, a real and quantifiable type of cyber attack that offers plenty of legitimate examples. An eloquent definition comes from James Clapper, Director of National Intelligence:\u2026intrusions into networks to access sensitive diplomatic, military, or economicThere have been several high-profile cases in which hackers, working for or sanctioned by the Chinese government, infiltrated US companies, including Google and The New York Times, with the intention of stealing corporate secrets from companies that operate in sectors in which China lags behind. These are examples of corporate or economic espionage, and there are many more players \u2013 not just China.Cyber spies also work in a manner similar to the methods used by moles and snoops since the times of ancient royal courts; they are employed by government agencies to further the political goals of those organizations. Many examples exist, from propaganda campaigns to malware that has been specifically targeted against an adversary\u2019s computing equipment.Examples:The Flame virus, a very sophisticated malware package that records through a PC\u2019s microphones, takes screenshots, eavesdrops on Skype conversations, and sniffs network traffic. Iran and other Middle East countries were targeted until the malware was discovered and made public. The United States is suspected as the perpetrator.The Snowden documents revealed many eavesdropping and espionage programs perpetrated against both US citizens and adversaries abroad by the NSA. The programs, too numerous to name here, are broad and use a wide variety of methods and technologies.ConclusionThe capabilities and scope of cyber attacks are just now starting to become understood by the public at large \u2013 in many cases, quite some time after an attack has taken place. Regardless of the sector in which you are responsible for security, whether you work at a military installation or a private-sector firm, a common language and lexicon must be established so we can effectively communicate security issues with each other and with law enforcement, without the anxiety, uncertainty and doubt that is perpetuated by politicians and security vendors.