Cyber warfare – Why we need to define a model of conflict?

Cyber warfare or information warfare is still a gray area of the military doctrine, it is necessary to define the “model of conflict” and rules for the actors.

Cyber war and cyber information warfare are two terms very inflated used to describe the current disputes within the cyberspace.  To explain the effect of acts of cyber war, security experts use to mention the cyber attack against the Estonia’s government networks in 2007, an offense occurred in a period of intense political contrasts with Russia.

But the recent years have been characterized by an intense activity of governments in the cyberspace considered the fifth domain of the warfare, we assisted to the mutual network intrusions of Korean cyber armies the disputes between US and Israel against countries like China, Iran and Syria.

Almost every government in investing to improve its cyber capabilities, New Zeland and Russia for example have started important initiatives recently, the definition and the implementation of an efficient cyber strategy is a must for everyone. In many cases we discussed about the repercussions of a cyber attack on the reality, Stuxnet is a good example of the potential effect of a cyber weapon, a malicious code could in fact be used to harm an industrial process and cause loss of human life.

The absence of global accepted rules in the cyberspace, let’s think the concept itself of cyber weapon is ambiguous, is causing a fragmentation of the power, information warfare is significantly influencing the defense strategies of every governments requesting a review of decisional processes.

It is mandatory to establish a global collaboration interstate to prevent the escalation of cyber conflicts, the cyber warfare scenario is rapidly evolving and governments must align their strategies working to the definition of a set of cyber rules globally recognized and accepted.

Early 2013 an International Group of Experts tried to define this set of rules, formalizing their effort in an handbook titled “The Tallinn Manual on the International Law Applicable to Cyber Warfare”, a document that provides a study on how extant international law norms could be applied to cyber warfare.

NATO Cooperative Cyber ​​Defense Center of Excellence has sustained the drafting of the document to clarify the rules of the governments in the cyberspace, and their conduct, defining jurisdiction, control and legal responsibilities.

«A State bears international legal responsibility for cyber operation attributable to it and which constitutes a breach of an international obligation.»

The experts provided a legal definition for a concept such as a cyber attack and a cyber weapon, following an abstract from the first draft release:

«A cyber attack is cyber operation, whether offensive or defensive, that is reasonably expected to cause injury or death to persons or damage or destruction to objects»

The NATO group isn’t the unique one,  the EastWest Institute has created the Cyber 40, with delegates from 40 digitally advanced countries, the purpose is to involve government organizations, industry groups and think tanks to define practical “humanitarian agreements for cyber conflicts” in cyber warfare.

Within principal goals the definition of  the duty of care in case of cyber attacks against a country that have to define which targets have to be preserved due the possible damage on the population. Dam, dykes and Nuclear Electrical Generating Stations could not represent a primary target for a cyber attack, another question is to operate in a “context” that needs to preserve children, journalists, medical and religious personnel. In cyber warfare, the context is fundamental to introduce the concept of cyber weapons, and experts have approached it defining the ‘Means’ of cyber warfare that are cyber weapons and their associated cyber systems.

“Cyber weapons are cyber means of warfare that are by design, use, or intended use, capable of causing either injury to, or death of, persons. The ‘Methods’ of cyber warfare are the cyber tactics, techniques and procedures, by which hostilities are conducted.”

As highlighted by many cyber experts it is necessary to contextualize the principles proposed by the Geneva and Hague conventions, to the information warfare facing with difficulties specific in the use of cyber tools.

What could be considered an act of cyber war? Which are the rules of engages? When is a cyber attack justified? Which is the limitation of an “offensive” approach to cyber security?

These are just a few of questions to approach, it is necessary to define a “model of cyber conflict”, defining roles and responsibilities (e.g. Attackers, targets) .

Within the various urgencies there is the need to be able to distinguish humanitarian interests in cyberspace to avoid that a cyber attack could impact them, but it is a hard task.

Another serious issue to address is the attribution of responsibility for the cyber war acts, in the majority of cases it is quite impossible to discover the origin of the attack and to identify the attacker. The acceptance of a law framework could help to create a shared awareness of what is considerable “moral” and what is not accepted.

Information warfare is conducted through the cyberspace but we must keep in mind the possible consequences on the real world, the human component must be always preserved also in a scenario in which machine component is assuming a crucial rule, let’s think for example of the definition of a new generation of tools and systems able to take decision in real time in case of cyber attacks.

Cyber offensives are instantaneous events and in some cases to avoid the destruction of assets or to prevent the loss of human life it is necessary to take decisions in real time.

Are we really able to substitute human intervention in critical situation evaluating every possible consequences real time? Are we able to design systems that could not be deceived and that will be able to take the right decision in a timely way?

Until we have defined a model for cyber conflict and the rules for the involved actors the answer is no!

Pierluigi Paganini

(Security Affairs –  Cyber warfare, laws and regulations )


Pierluigi Paganini: Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

This website uses cookies.