Categories: Cyber warfare

NATO works to define rules for cyber warfare

Recent explosion of cyber attacks worldwide demonstrating the difficulty to maintain order and stability in the cyberspace, within individual states and among the states themselves. Deterrence strategies adopted by almost all countries are inadequate, cyber warfare need a totally new approach that exceed geopolitical order to mitigate the explosion of cyber threats in the fifth domain.

The absence of roles in the cyber space, even a globally recognized definition of cyber weapon, has caused a cyber arms race, the majority of governments are currently working to improve their cyber capabilities and this is bringing to a fragmentation of the power, cyber warfare is significantly influencing the defense strategies of every governments requesting a review of decisional processes.

A new concept of cyber diplomacy is growing, it is mandatory to work for a global collaboration inter states to prevents that cyber threats will create serious damages to a global economies. The cyber warfare scenario is rapidly evolving and governments must align their strategies working to the definition of a cyber rules globally recognized and accepted.

An International Group of Experts is trying to define this set of rules, formalizing their effort in an handbook that is going to be published later this week. The manual titled “The Tallinn Manual on the International Law Applicable to Cyber Warfare” provides a study on how extant international law norms could be applied to cyber warfare.

NATO Cooperative Cyber ​​Defense Center of Excellence has sustained the drafting of the document, it tries to clarify the position of the states in the cyberspace defining jurisdiction, control and legal responsibilities.

«A State bears international legal responsibility for cyber operation attributable to it and which constitutes a breach of an international obligation.»

The experts provided a legal definition for a concept such as a cyber attack and a cyber weapon, following an abstract from the first draft release:

«A cyber attack is cyber operation, whether offensive or defensive, that is reasonably expected to cause injury or death to persons or damage or destruction to objects»

The manual provides detailed specification on targets, highlighting the duty of care during attacks on dam, dykes and Nuclear Electrical Generating Stations, and the needs to preserve children, journalists, medical and religious personnel. In cyber warfare, the context is fundamental to introduce the concept of cyber weapons, and experts have approached it defining the ‘Means’ of cyber warfare that are cyber weapons and their associated cyber systems.

Cyber weapons are cyber means of warfare that are by design, use, or intended use, capable of causing either injury to, or death of, persons. The ‘Methods’ of cyber warfare are the cyber tactics, techniques and procedures, by which hostilities are conducted. An example of Means and Methods could be provided referring to a DDoS attack conducted using a Botnet. In this case the botnet is the ‘means’ of cyber warfare while the DDoS attack is the ‘method’.

The handbook  also states two fundamental concepts:

  • It is prohibited to employ means or methods of cyber warfare that are of nature to cause superfluous (aggravates suffering without military advantage) or unnecessary suffering.
  • Every time the means or methods of cyber war are used it is necessary to conduct a legal review to determine their technical description, nature of targets, effects on targets, precision and scope of intended effects.

“Everyone was seeing the Internet as the `Wild, Wild West,'” U.S. Naval War College Professor. “What they had forgotten is that international law applies to cyberweapons like it applies to any other weapons.” Michael Schmitt, the manual’s editor, declared during an interview :

The document would be an reference as military lawyers worldwide that face with use of cyber tool for warfare purpose. An interesting consideration raised by the document is related to the possibility to identify cyberwar crimes exactly as in ordinary warfare doctrine, to provide an example of a cyberwar crime we can consider the launching of a cyberattack from a neutral nation’s computer network, it is forbidden exactly in the same way happen when hostile armies march through a neutral country’s territory.

New and future conflicts will involve new actors in the geopolitical scenarios such as independent hackers, state sponsored hackers, cyber criminals and cyber terrorists that could influence the delicate balance. The battlefield is changed, the conflicts are primary conduced in virtual and immaterial global network in which concept of time is changed because the offence is instantaneous and unpredictable. Conflicts have asymmetric nature and the element of surprise is crucial causing the need to totally review of concept of deterrence.

Concepts of self-defense and pre-emptive strike are issue debated for a long during the drafting of the manual,  due the immateriality of cyberspace and instantaneity of cyber threats it is not applicable an ordinary military conduct. Discover an actor within internal networks is quite different to find an enemy that violates country borders.

The concept of enemy must be totally reviewed and with him the conditions necessary to its identification.

The manual is a first step of a long journey … but it has an extraordinary importance.

Pierluigi Paganini

(Security Affairs – Cyber warfare)

 

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

12 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

19 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.