The IT Law Wiki


Physical attacks (also called kinetic attack) are

intentional offensive actions which aim to destroy, expose, alter, disable, steal or gain unauthorised access to physical assets such as infrastructure, hardware, or interconnection. This threat type basically applies to any kind of infrastructure in general, thus also to the Internet infrastructure. Instances, among others, are vandalism, theft, sabotage, information leakage, and bomb attacks.[1]


A physical attack disrupts, damages, or destroys computer equipment and/or the availability of data. A physical attack is implemented either through use of conventional weapons, creating heat, blast, and fragmentation, or through direct manipulation of wiring or equipment, usually after gaining unauthorized physical access.

"A physical attack can constitute a threat to an organization, certain areas of the organization or individuals. The technical possibilities to perpetrate an attack are numerous: throwing bricks, blasts by explosives, use of firearms or arson."[2]

As an element of an integrated counterinformation effort, physical attack refers to the use of "hard kill" or kinetic weapons to create information effects. There are two types of effects that physical attack can provide to counterinformation efforts. First, physical attack can create a physically discernible effect against an adversary's information system, for example, the destruction or disruption of a key leadership communication node. Second, physical attack can also be used to create or alter adversary perceptions. In either case, the purpose of physical attack in a counterinformation role is to affect adversary information or information systems by using a physical weapon to create a specific effect on the adversary.