Cyberwars

America is 'dropping cyberbombs'—but how do they work?

Recently, United States Deputy Defense Secretary Robert Work publicly confirmed that the Pentagon's Cyber Command was "dropping cyberbombs," taking its ongoing battle against the Islamic State group into the online world. Other American officials, including President Barack Obama, have discussed offensive cyber activities, too.

The American public has only glimpsed the country's alleged cyberattack abilities. In 2012 The New York Times revealed the first digital weapon, the Stuxnet attack against Iran's nuclear program. In 2013, former NSA contractor Edward Snowden released a classified presidential directive outlining America's approach to conducting Internet-based warfare.

The terms "cyberbomb" and "cyberweapon" create a simplistic, if not also sensational, frame of reference for the public. Real military or intelligence cyber activities are less exaggerated but much more complex. The most basic types are off-the-shelf commercial products used by companies and security consultants to test system and network security. The most advanced are specialized proprietary systems made for exclusive – and often classified – use by the defense, intelligence and law enforcement communities.