Cyber Attack

From CIPedia
Revision as of 22:07, 3 July 2017 by Eluiijf (talk | contribs) (Costa Rica)
Jump to navigation Jump to search


Definitions

European/EU Definitions

CIPS / ISEC

Attacks against information systems carried out by using malicious software, including botnets. [1]


Other International Definitions

ITU-T

(Cyber) attack are the activities undertaken to bypass or exploit deficiencies in a system's security mechanisms. [2]

By a direct attack on a system they exploit deficiencies in the underlying algorithms, principles, or properties of a security mechanism. Indirect attacks are performed

when they bypass the mechanism, or when they make the system use the mechanism incorrectly.

Attaque: Activités entreprises pour contourner ou exploiter des déficiences constatées dans les mécanismes de sécurité d'un système. [3]


Ataque: Actividades realizadas para obviar los mecanismos de seguridad de un sistema o aprovechar sus deficiencias. [4]


攻击: 为绕过一个系统的安全机制或利用其漏洞而采取的行动. [5]


NATO

CCD-CoE (Tallinn manual)
Cyber attack is a cyber operation, whether offensive of defensive, that is reasonable expected to cause injury or death to persons or damage or destruction to objects. [6]


National Definitions

Albania

Sulm kibernetik – konsiderohet çdo përpjekje e drejtuar/qëllimshme për të marrë akses, manipuluar, ndërhyrë ose dëmtuar integritetin, konfidencialitetin, sigurinë dhe/ose disponibilitetin e të dhënave, të një aplikimi ose të të dhënave të sistemit kompjuterik, pa patur autoritet ligjor për ta bërë këtë. [7]


Austria

Cyber attack refers to an attack carried out in cyberspace through tools, services, or applications in cyberspace, which is directed against one or several IT system(s). Its aim is to undermine the objectives of ICT security protection (confidentiality, integrity and availability) partly or totally. [8]

Ein Cyber Angriff ist ein Angriff mit Mitteln der IT im Cyber Raum, der sich gegen einen oder mehrere andere IT-Systeme richtet und zum Ziel hat, die Schutzziele der IKT Sicherheit als Teil oder Ganzes zu verletzen. [9]


Bulgaria

Кибер атака: злонамерена дейност, която цели да разруши, да осигури контрол над компютърна среда/инфраструктура, да наруши интегритет на данни или открадне контролирана информация. [10]

(НАТО) Действия, предприети за нарушаване, отхвърляне, влошаване или разрушаване на информация, намираща се в компютър и/или компютърна мрежа или на компютъра и/или компютърната мрежа. [11]


Burkina-Faso

Attaque est in action de malveillance consistant à tenter de contourner les fonctions de sécurité d’un Système Informatique. Il existe deux types d’attaques, les attaques passives et les attaques actives. Une attaque passive ne modifie pas le fonctionnement normal des communications et du réseau : elle se base sur l’Observation et l’Analyse du trafic. Une attaque active modifie l’état de la communication et du réseau et prend trois formes possibles: Altération des messages, Refus de Service et Connexion frauduleuse. [12]



Canada

Cyber attacks include the unintentional or unauthorized access, use, manipulation, interruption or destruction (via electronic means) of electronic information and/or the electronic and physical infrastructure used to process, communicate and/or store that information. [13]

Les cyberattaques comprennent l’accès involontaire ou non autorisé à des renseignements électroniques et/ou des infrastructures électroniques ou matérielles utilisés pour traiter, communiquer ou entreposer cette information, ainsi que leur utilisation, leur manipulation, leur interruption ou leur destruction (par voie électronique). [14]


Chile

Ciberataque: es una expresión del ciberconflicto consistente en acciones hostiles desarrolladas en el ciberespacio con el objetivo de irrumpir, explotar, denegar, degradar o destruir la infraestructura tecnológica, componente lógico o interacciones de éste y pueden tener distintos niveles según su duración, frecuencia y daño generado. [15]



Colombia

Ataque cibernético: Acción organizada y/o premeditada de una o más personas para causar daño o problemas a un sistema informático a través del ciberespacio. [16]

Cyberattack: organised and / or premeditated misconduct or one or more individuals to cause damage to a computer system problems through cyberspace.

Ataque cibernético: acción organizada o premeditada de una o más agentes para causar daño o problemas a un sistema a través del Ciberespacio. [17]



Costa Rica

Ataque cibernético / ciberataque: Acción que tiene por propósito interrumpir, desactivar, destruir o controlar malintencionadamente un entorno/infraestructura informática; o destruir la integridad de los datos o el robo de información controlada. [18]



Cuba

Ataque cibernético: Acción intencionada en el ciberespacio con el objetivo de deshabilitar, destruir o controlar de forma maliciosa una infraestructura o sistema de información, destruir la integridad de los datos o robar información controlada. [19]


Ciberataques: Acto en el que se cometen agravios, daños o perjuicios a equipos y sistemas de computación que se encuentran operando en la red a nivel mundial. Puede ser orientado hacia la información, datos, protocolos, servicios, personas o grupos de ellas, entidades o instituciones usando medios de computadoras conectadas o no a Internet. [19]



Germany

National Cyber Security Strategy 2016
Ein Cyber-Angriff ist eine Einwirkung auf ein oder mehrere andere informationstechnische Systeme im oder durch den Cyber-Raum, die zum Ziel hat, deren IT-Sicherheit durch informationstechnische Mittel ganz oder teilweise zu beeinträchtigen. (2016) [20]
National Cyber Security Strategy 2011
A cyber attack is an IT attack in cyberspace directed against one or several other IT systems and aimed at damaging IT security. [21]

Ein Cyber-Angriff ist ein IT-Angriff im Cyber-Raum, der sich gegen einen oder mehrere andere IT-Systeme richtet und zum Ziel hat, die IT-Sicherheit zu brechen. [22]
BSI
Cyber attacks are attacks carried out in cyberspace through tools, services, or applications in cyberspace; in the process, cyberspace can be origin, target or the environment of the attack. [23]



Japan

攻撃: インテリジェントな脅威、すなわちセキュリティサービスを回避し、システムのセキュリティポリシーを侵害する故意の試み(特に、方式あるいは技法という意味において)としてのインテリジェントな動作によってもたらされるセキュリティシステムへの攻撃.

(Cyber) attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [24]


Morocco

Cyberattaques: Actes malveillants envers un dispositive informatique, généralement via in réseau de télécommunications. [25]

Cyberattacks: Malicious acts against a computer device, usually via a telecommunications network.



New Zealand

Cyber attack is an attempt to undermine or compromise the function of a computer-based system, access information, or attempt to track the online movements of individuals without their permission. [26]


Nigeria

Cyber attack (usually) involves the use of malicious codes to alter digital codes, logic or data, resulting in disruptive consequences that can compromise the confidentiality, integrity, and availability of data and lead to manipulation of information systems and internetwork infrastructure. [27]



Philippines

Cyber attack:
(a) Is an attack via cyberspace, targeting an enterprise‘s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure;

(b) destroying the integrity of the data or stealing controlled information; A hostile act using computer or related networks or systems, and intended to disrupt and/ or destroy an adversary's critical cyber systems, assets, or functions. [28]



Poland

Cyberatak – celowe zakłócenie prawidłowego funkcjonowania cyberprzestrzeni.

Cyber attack - deliberate disruption of the proper functioning of cyberspace. [29]



Portugal

[Definição] Ciberataque: Ataque realizado através das tecnologias de informação no ciberespaço dirigido contra um ou vários sistemas, com o objetivo de prejudicar a segurança das tecnologias de informação e da comunicação (confidencialidade, integridade e disponibilidade), em parte ou totalmente. [30]



Romania

Atac cybernetic: acţiune ostilă desfăşurată în spaţiul cibernetic de natură să afecteze securitatea cibernetică.

Cyber attack: hostile action to affect the cyberspace and Cyber Security. [31]


Atac informaţional: Acţiune de luptă ofensivă, realizată prin utilizarea unor ştiri şi comunicate, în urma cărora inamicul este „intoxicat” cu informaţii false; atac împotriva informaţiilor confidenţiale ale unor instituţii; acces neautorizat la informaţii; lansare de zvonuri, în scopul calomnierii cuiva. [32]



Switzerland

Cyber attacks are carried out on computers, networks and data. They are aimed at disrupting the integrity of the data or the functioning of the infrastructure and restricting or interrupting their availability. They also seek to compromise the confidentiality or authenticity of information by means of unauthorised reading, deletion or modification of data, connections or server services are overloaded, information channels spied upon or surveillance and processing systems are manipulated in a targeted manner. [33]


Turkey

Siber saldırı: Ulusal siber uzayda bulunan bilişim sistemlerinin gizlilik, bütünlük veya erişilebilirliğini ortadan kaldırmak amacıyla, siber uzayın her hangi bir yerindeki kişi ve/veya bilişim sistemleri tarafından kasıtlı olarak yapılan işlemleri. [34]

Cyber attack: Operations carried out deliberately by a person and/or information systems at any place in cyber space for the purpose of compromising the confidentiality, integrity or availability of information systems in national cyber space. [35]


United Kingdom (UK)

Cyber attack is the deliberate exploitation of computer systems, digitally-dependent enterprises and networks to cause harm. [36]



Cyber attack can refer to anything from small-scale email scams through to sophisticated largescale attacks with diverse political and economic motives. Large-scale attacks may have a number of interrelated aims such as: gaining unauthorised access to sensitive information; causing disruption to IT infrastructure; or causing physical disruption (e.g. to industrial systems). [37]


United States

NIST
Cyber attack is an attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information. [38]


An attack is an attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity, availability, or confidentiality. [39]



Other Definitions

East-West Institute (Russia-US)

Cyber Attack is an offensive use of a cyber weapon intended to harm a designated target.

наступательное, использование [кибероружия], с целью нанесения вреда определенной цели . [40]


See also

Notes

  1. CIPS and Programme Prevention of and Fight against Crime (ISEC)
  2. ITU Security in Telecommunications and Information Technology: An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications, ITU-T, Geneva (2012) - ITU-T H.235.
  3. Sécurité dans les télécommunications et les technologies de l’information: Aperçu des problèmes et présentation des Recommandations UIT-T existantes sur la sécurité dans les télécommunications, ITU-T, Geneva (2012) - ITU-T H.235.
  4. Seguridad de las telecomunicaciones y las tecnologías de la información: Exposición general de asuntos relacionados con la seguridad de las telecomunicaciones y la aplicación de las Recomendaciones vigentes del UIT-T, ITU-T, Geneva (2012) - ITU-T H.235.
  5. 关于电信安全的若干议题综述 及相关ITU-T建议书应用简介, ITU-T, Geneva (2012) - ITU-T H.235.
  6. Tallinn Manual on the International Law Applicable to Cyber Warfare (2013)
  7. Dokumenti i Politikave për Sigurinë Kibernetike 2015 - 2017
  8. Austrian Cyber Security Strategy, Federal Chancellery of the Republic of Austria, Vienna (2013)
  9. Österreichische Strategie für Cyber Sicherheit (2013)
  10. „Кибер устойчива България 2020” - Republic of Bulgaria: national cyber security strategy "Cyber Resilient Bulgaria 2020"(2016)
  11. „Кибер устойчива България 2020” - Republic of Bulgaria: national cyber security strategy "Cyber Resilient Bulgaria 2020"(2016)
  12. CIRT-BF Glossary
  13. Canada’s Cyber Security Strategy (2010). For a Stronger and More Prosperous Canada (2010)
  14. Stratégie de cybersécurité du Canada: renforcer le Canada et accroître sa prospérité. (2010)
  15. BASES PARA UNA POLÍTICA NACIONAL DE CIBERSEGURIDAD, MARZO DE 2015, Chile
  16. Lineamientos de política para ciberseguridad y ciberdefensa (2011)
  17. Conpes 3854 POLÍTICA NACIONAL DE SEGURIDAD DIGITAL (2016)
  18. [DRAFT Estrategia Nacional de Ciberseguridad de Costa Rica (2016-2017)]
  19. 19.0 19.1 Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio
  20. Cyber-Sicherheitsstrategie für Deutschland 2016
  21. Cyber Security Strategy for Germany (2011)
  22. Cyber-Sicherheitstrategie für Deutschland (2011)
  23. Unpublished working glossary of UP KRITIS and BSI, 2014
  24. RFC2828 (Japanese translation)
  25. STRATEGIE NATIONALE EN MATIERE DE CYBERSECURITE, Morocco, 2011
  26. New Zealand’s Cyber Security Strategy (2011)
  27. National Cybersecurity Policy and Strategy (2014)
  28. DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
  29. 2013 Narodowy Program Ochrony Infrastruktury Krytycznej
  30. Glossário Centro National de Cibersegurança Portugal
  31. Hotărârea nr. 271/2013 pentru aprobarea Strategiei de securitate cibernetică
  32. GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE
  33. National strategy for the protection of Switzerland against cyber risks (2012)
  34. 2016-2019 ULUSAL SİBER GÜVENLİK STRATEJİSİ
  35. Turkey's National Cyber Security Strategy 2016-2019 (2016)
  36. National Cyber Security Strategy 2016, HM Government
  37. Cyber Security in the UK, Postnote Number 389, September 2011
  38. NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
  39. NIST Special Publication 800-82 Rev 2: Guide to Industrial Control Systems (ICS) Security (May 2015)
  40. RUSSIA-­‐U.S. BILATERAL ON CYBERSECURITY: CRITICAL TERMINOLOGY FOUNDATIONS
Retrieved from "https://websites.fraunhofer.de/CIPedia/index.php?title=Cyber_Attack&oldid=8639"