If we are seeking to retrofit military terminology to explore offensive actions in the 'cyber' domain then perhaps the best fit is 'special operations' or 'special warfare' as mentioned in a post. Conventional force-on-force just does not seem apt to the discussion. The tomahawk scenario is like a DDoS barrage and still does not mold well into the discussion in my view.
Cyber requires special training and considerable practice and preparation to achieve 'relative superiority' over a given opponent. "Special operations defies conventional wisdom by using a small force to defeat a much larger or well-entrenched opponent." Any action is short lived and require a series of successful action to conduct espionage, issue false orders to military units or entire commands, sabotage systems or markets. A given cyber attack can be measured from the initial point of vulnerability (detection, deterrence etc.) through the gradual rise to 'mission completion'. Perhaps somewhere along the way 'Murphy's law increased the probability of failure and as an attacker you regroup and determine if you have lost the element of surprise. Conventional special ops is usually measures in hours yet a cyber attack is inverse, it would be mere seconds for well-planned attacks or months of entrenching in preparation for a possible mission. These ideas are not new but p erhaps mapping them to cyber is novel. You can find these concepts in the very first chapter of McRaven's Spec ops book. A very big factor in all this is surprise, either in the audacity of the objective or the events that lead up to it. This list has been throwing darts in the shifting sands of cyber for quite some time, does any model really map to cyber or are we forced to wait for the language develop organically. Kevin N. _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
