This chapter considers what, in effect, a cyber-attack actually is and sets out a taxonomy of the characteristics of attacks to provide a context in which it is possible to understand cyber-attacks. Among the many definitions of cyber-attacks, the chapter uses one that is built upon the understanding of 'cyber warfare'. The key characteristics of cyber-attacks are explored to highlight the actual (and potential) nature of cyber warfare are discussed. The chapter examines the 'exploit stage' of a cyber-attack in some detail, as this essentially constitutes the 'weaponry' of the attack. The six characteristics of a cyber-attack at the exploit stage: targetability, controllability, persistence, effect, covertness and mitigation, are then assessed. The chapter considers each of these characteristics and uses some example attacks to illustrate the extremes of each characteristic. It considers the exploit phase of the attack, i.e. the element of the attack that punches through the target's defences.