The present paper attempts to delve into the underexplored field of cyber crisis management, by initiating an academic problematization on crisis conceptualization and crisis management theory. It uses the theoretical framework of transboundary crisis management in order to examine two different major cyber attacks, the 2017 WannaCry ransomware attack and the 2016 hacking of the DNC, and answer an empirical puzzle: why are these cases not characterized as crises even though they fit already existing definitions? The study concludes that this grey area in terminology is generated by an academic reluctance to delve into the cyber domain and consequently by using old concepts to explain new threats. Moreover, it contributes to the theory of transboundary crisis management by shedding light on certain characteristics of cyber crises which were previously overlooked.