Went to a Cyber Security conference this year and one of the panels is something I want to share.
The Panel was called Battlefield Hackers and the Rules they must follow. The presenters were from the International Committee of the Red Cross. These are the folks who specialize in helping civilian populations caught up in conflicts. Being on the front lines, they are seeing the impacts of Cyber war on civilians.
Their focus is on the law of armed conflict and international humanitarian laws that place limits on war, to protect civilian populations. Now they are focusing on adding a wartime prohibition on Cyber Operations against civilian populations.
The Geneva Convention does not allow the targeting of civilian populations or infrastructure, which are noted as Objects (hospitals, power-plants, dams). The ICRC is looking at proposing that non-physical objects be included in the definition.
Attacks they are seeing on the battlefields
Cyber operations at the frontline combined with electromagnetic activities (CEMA) to establish extended A2AD (Anti-Access/Area Denial) areas. Basically denial of access to all electronic communications.
Increase in cyber operations against infrastructure by State Actor Proxies (Ransomware Gangs), basically taking out the control systems of civilian objects indispensable to the survival of the civilian populations. (SCADA control systems of powerplants or the IT of a hospital would be examples.) They wanted to make clear these are war crimes, even if we need to update the language in the Geneva Convention Charter to make that clear.
They noted in the Law of War manual 2023:
“The law of war affirmatively anticipates technological innovation and contemplates that its existing rules will apply to such innovation, including cyber operations”
Their comment on the above was that the practical details on how that will work in the international court are not settled, since member states have not determined their views on cyber warfare.
The further rules that they are proposing to the protocols
- Do not direct cyber attacks against civilian objects
- Do not use malware or automatic techniques that damage military objectives and civilian objects indiscriminately
- When planning a cyber attack against military objectives, do everything feasible to avoid or minimize the effects on civilians
- Do not conduct any cyber operations against medical and humanitarian facilities
- Do not conduct any cyber attack against objects indispensable to the survival of the population
- Do not make threats of violence to spread terror among the civilian population
- Do not incite violations of international humanitarian law
- Comply with these rules even if the enemy does not
These protocols are not in place yet, since it takes a long time to get them through: the committees are made up of member states (signatory nations of the Geneva Conventions), and states cannot be compelled. The increase in targeting of civilians in Ukraine and Gaza was brought up, with numerous examples of cyber attacks on civilians.
It is little comfort that these protocols, if passed, will just be used in war crime cases in The Hague. But they do hold up a light to what is acceptable behavior and help frame the dialog of nations.
But there was a twist when they talked about civilian hackers/companies’ obligations in war. One of my earlier articles was on an app that was normally used to track availability and prices of items in stores; someone’s Defense department paid to have Ukrainian citizens take pictures of infrastructure (possible targets) with it. This was pulled because it put possibly unsuspecting civilians in danger, but the talk also pointed out it made the owners/creators of the app possibly accessories to war crimes, if civilians had died or infrastructure was destroyed due to their participation. Folks need to think about how their data, programs, and apps may be used in a warzone. They may be named as participating in hostilities.
One of my other articles was on using facial recognition to identify the enemy’s dead. It was being used to target families back in Russia for propaganda value, which also might be a war crime if it is seen to cause terror in the civilian population it was being targeted at.
This is the best article I found on that: Rules for Civilian Hackers in War
My personal takeaway from all this is that Cyber War makes sure we are all part of the conflict, possibly as victims or perpetrators, no matter where the actual war is located. Ransomware has been increasing around the world, which has taken hospitals hostage and threatened patients around the world. These gangs actually work for nation states, helping them raise funds (N. Korea and Russia) or get practice in damaging infrastructure (see the Typhoon attacks on the US from China).
War has been democratized; we are all affected by it no matter where the atrocities are happening.
This doesn’t even address the use of social media to mock or lie about civilian casualties, or Deep Fakes used for misinformation.