New rules seek to avoid attacks on civilian infrastructure
It isn’t only drones and satellite broadband that are changing the face of warfare (see p12), but the faces fighting wars are changing, too. That’s why the International Committee of the Red Cross (ICRC) has published a new set of rules laying down the law to civilian hackers participating in cyberconflicts.
“Today, it’s sometimes said people are only one click away from conflict,” said Tilman Rodenhäuser, a legal advisor at the ICRC. “You no longer need to go to a country at war in order to participate in hostilities in a way. The cyber environment, for someone with the right skills, has really made it much easier to cause an impact in a country already devastated by war.”
Designed by Rodenhäuser and his colleague Mauro Vignati, an advisor on digital technology, the rules are analogous to the Geneva Conventions, the international agreements made in the 19th and early 20th centuries in which countries agreed the so-called laws of war. These ruled out, for example, the use of chemical or biological weapons.
So why do we need new rules to govern hackers? “Some years ago, it was dismissed as being cyber vigilantism, and it’s not so significant or not so sophisticated,” said Rodenhäuser. “But we have seen some of these operations directed at hospitals, directed at online pharmacies, taking down banks or entire banking sectors, so the impact and the harm that it can cause is significant.”
The new rules break down into eight main directives that civilian hackers must follow:
No cyberattacks against civilian objects No malware that damages civilian objects Operations should be planned to minimise damage to civilians No cy
