Indicates that a cyber actor has attempted to degrade, destroy, disrupt, manipulate, or otherwise detrimentally affect the operation of a system or network. However, manipulation or deletion of data solely for the purpose of hiding one’s tracks is not considered an attack. Some reports use “attack” and “exploit” synonymously, drawing in part on the cryptanalysis sense of “attack” — the use of a technical approach to defeat a security measure. The dual usage can cause confusion, especially for non-technical readers, if the context does not fully explain the type of malicious cyber activity that occurred.

Source: Cyber Threats to Elections – A Lexicon, Cyber Threat Intelligence Integration Center (CTIIC), Office of the Director of National Intelligence,