Training military personnel on cyberwarfare tactics. MC3 Michael A. Lantron/U.S. Navy

The process of identifying potential targets, selecting them and planning “cyberbomb” attacks includes not only technological experts but military strategists, researchers, policy analysts, lawyers and others across the military-industrial complex . These groups constantly analyze technology to develop the latest cyber weapons and tactics. They also must ensure the use of a given “cyberbomb” aligns with national interests, and follows national and international laws and treaties.

For example, as part of their counterterrorism efforts, electronic intelligence services (such as the American NSA and British GCHQ ) routinely collect items like real names, user IDs, network addresses, Internet server names, online discussion histories and text messages from across the Internet. Gathering and analyzing these data could use both classified and unclassified methods. The agencies could also conduct advanced Google searches or mine The Internet Archive’s Wayback Machine . This information can be linked with other data to help identify physical locations of target computers or people . Analysts can also observe interconnections between people and infer the types and strengths of those relationships.

This information can clue intelligence analysts in to the existence of previously undiscovered potential Internet targets. These can include virtual meeting places, methods of secure communications, types of phones or computers favored by the enemy, preferred network providers or vulnerabilities in their IT infrastructures. In some cases, cyberattacks need to be coordinated with spies or covert agents who must carry out physical aspects of the plan, especially when the electronic target of a “cyberbomb” is hard to reach – such as the computers inside the Iranian nuclear facility targeted by the Stuxnet worm.

Cyberattack purposes can vary widely. Sometimes, a government entity wants to simply monitor activity on a specific computer system in hopes of gaining additional intelligence. Other times, the goal is to place a hidden “backdoor” allowing the agency to secretly take control of a system. In some cases, a target computer will be attacked with the intent of disabling it or preventing future use by adversaries. When considering that kind of activity, planners must decide whether it’s better to leave a site functional so future intelligence can be collected over the long term, or to shut it down and prevent an adversary from using it in the near term.

Although not strictly a “cyber” attack, “cyberbombing” also might entail the use of decades-old electronic warfare techniques that broadcast electromagnetic energy to (among other things) disrupt an adversary’s wireless communications capabilities or computer controls. Other “cyberbombing” techniques include modifying or creating false images on an enemy’s radar screens ahead of an air attack, such as how Israel compromised Syria’s air defense systems in 2007. These may be done on their own or to support more traditional military operations.

Finally, using an electromagnetic pulse (EMP) weapon to disrupt and/or disable all electronic circuits over a wide area – such as a city – could be considered the “Mother of All Cyber Bombs.” As such, its effect would be felt both by enemy forces and local (likely) noncombatant citizens, all of whom suddenly would be unable to obtain fresh water and electricity, and find their local hospitals, banks and electronic items ranging from cars to coffee pots unable to function. Depending on the heat and blast from the bomb’s detonation, some people might not notice – though those dependent on electronic medical devices like pacemakers probably would feel effects immediately. EMP is commonly associated with nuclear weapons, but even using nonnuclear EMP devices in a populated area would presumably cause enough “collateral damage” that it would violate international laws.

Fighting against nongovernment groups

In addition to the above techniques, and particularly when fighting opponents that are not foreign governments – such as ISIS – a unique type of “cyberbombing” seeks to target the online personas of terror group leaders. In this type of attack, one goal may be to tarnish their online reputations, such as publishing manipulated images that would embarrass them. Or, cyber weaponry may be used to gain access to systems that could be used to issue conflicting statements or incorrect orders to the enemy .

These types of “cyberbombs” can create psychological damage and distress in terrorist networks and help disrupt them over time. The United Kingdom’s JTRIG (Joint Threat Research Intelligence Group) within GCHQ specializes in these tactics . Presumably similar capabilities exist in other countries.

Making cyberwar public

Until recently, few nations publicly admitted planning or even thinking about waging offensive warfare on the Internet. For those that do, the exact process of planning a digital warfare campaign remains a highly guarded military and diplomatic secret.

The only people announcing their cyberattacks were assorted hacktivist groups such as Anonymous and the self-proclaimed “ Cyber-Caliphate ” supporting ISIS. By contrast, the most prominent cyber-attack waged by a nation-state ( 2011’s Stuxnet ) – allegedly attributed to the United States and Israel – was never officially acknowledged by those governments.

Cyber weapons and the policies governing their use likely will remain shrouded in secrecy. However, the recent public mentions of cyber warfare by national leaders suggest that these capabilities are, and will remain, prominent and evolving ways to support intelligence and military operations when needed.

This post originally appeared at The Conversation . Follow @ConversationUS on Twitter.