TheConversation

Blog archive

More questions on global cyber war

world map

A NATO document seeks to establish a global framework for cyberwar. (Stock image)

Regarding our article on the effects of international law on cybersecurity, Randy Soper commented via Twitter: Interesting questions are how "neutrality" will be defined and "civilian"; e.g., is a "zombie" botnet member a legit mil target?

Amber Corrin responds: According to the Tallinn Manual, neutrality – which applies only during international armed conflict, cyber or otherwise – refers to neutral cyber infrastructure, public or private, that is located in neutral territory or owned by a neutral state and is located outside belligerent territory.

"The global distributions of cyber assets and activities, as well as global dependency on cyber infrastructure, means that cyber operations of the parties to a conflict can easily affect private or public neutral cyber infrastructure. Accordingly, neutrality is particularly relevant in modern armed conflict," the manual states.

Logistically, that means something like this: Hackers and other hostile parties frequently route attacks through servers located in various countries throughout the world. Neutrality means that those countries aren't considered combatants if they have nothing to do with the attacks other than their servers being, for all intents and purposes, hijacked to conduct hostile activities.

Speaking of combatants, the manual is clear – as were its backers who spoke at the Atlantic Council event in the original story – on the role of civilians in cyber warfare. There are no laws against civilians taking part in combat, but so long as they do, they do not receive the protections afforded to civilians under international humanitarian laws.

A "zombie" botnet member would, therefore, be a legitimate military target if what they are doing is deemed an act of war (which is also addressed in the manual) – if it is more than disruptive and actually destructive and causes harm or damage to people or cyber assets. In that case, even if the botnet operator is a civilian, they are engaging in cyber warfare activities and thus forfeiting their civilian protections. As things currently stand, the operations of botnets typically are not what would be deemed acts of war; they tend to be more on the disruptive side of the coin – think distributed denial of service attacks and the like.

Posted by Amber Corrin on Apr 04, 2013 at 12:10 PM


The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group