TheConversation

Blog archive

More questions on global cyber war

world map

A NATO document seeks to establish a global framework for cyberwar. (Stock image)

Regarding our article on the effects of international law on cybersecurity, Randy Soper commented via Twitter: Interesting questions are how "neutrality" will be defined and "civilian"; e.g., is a "zombie" botnet member a legit mil target?

Amber Corrin responds: According to the Tallinn Manual, neutrality – which applies only during international armed conflict, cyber or otherwise – refers to neutral cyber infrastructure, public or private, that is located in neutral territory or owned by a neutral state and is located outside belligerent territory.

"The global distributions of cyber assets and activities, as well as global dependency on cyber infrastructure, means that cyber operations of the parties to a conflict can easily affect private or public neutral cyber infrastructure. Accordingly, neutrality is particularly relevant in modern armed conflict," the manual states.

Logistically, that means something like this: Hackers and other hostile parties frequently route attacks through servers located in various countries throughout the world. Neutrality means that those countries aren't considered combatants if they have nothing to do with the attacks other than their servers being, for all intents and purposes, hijacked to conduct hostile activities.

Speaking of combatants, the manual is clear – as were its backers who spoke at the Atlantic Council event in the original story – on the role of civilians in cyber warfare. There are no laws against civilians taking part in combat, but so long as they do, they do not receive the protections afforded to civilians under international humanitarian laws.

A "zombie" botnet member would, therefore, be a legitimate military target if what they are doing is deemed an act of war (which is also addressed in the manual) – if it is more than disruptive and actually destructive and causes harm or damage to people or cyber assets. In that case, even if the botnet operator is a civilian, they are engaging in cyber warfare activities and thus forfeiting their civilian protections. As things currently stand, the operations of botnets typically are not what would be deemed acts of war; they tend to be more on the disruptive side of the coin – think distributed denial of service attacks and the like.

Posted by Amber Corrin on Apr 04, 2013 at 12:10 PM


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.