For the purpose of conceptual clarity, it’s probably best to think of things in terms of this framework. Otherwise we may lose sight of what actually constitutes a military vs. a law enforcement cyber-threat.
- Cyberwar: The use of cyber weapons to violently destroy–or threaten to destroy–enemy capabilities. This ranges from command and control warfare against enemy C2 systems to strategic attack on enemy population centers during war (all of the doom scenarios about destroying the power grid, etc). This has never happened. Stuxnet is the closest to this but falls more–if we or the Israelis were involved–under the framework of covert action. In other words, the digital equivalent of overthrowing the Iranian government in the 1950s. Note that cyberwar will mostly be performed by states but not exclusively. (Update: Alex informs me that there were significant computer-to-computer links involved in the information attack on Syrian air defenses a couple years back).
- Cyber-Espionage: The exploitation of computer systems to steal industrial, military, and political information as well as military reconnaissance efforts to probe the security of adversary defense networks and industrial infrastructure. Note that most–if not all–things dubbed ‘cyber-war’ are really just cyber-espionage.
- Cybercrime: Petty hacking, political activism, large-scale criminal enterprises, etc. Again, most of what is called cyberwar is in fact cybercrime. Cyber-terrorism sits rather uneasily on the spectrum between cyberwar and cybercrime and is mainly a matter of scale. Significant armed rebellion using cyber tools would be considered within the framework of ‘war,’ but the cyber equivalent of the Jonestown cult would probably not be considered to be warfare.
Note that these are only ideal categories–in practice they blend together significantly.