TheConversation

Blog archive

More questions on global cyber war

world map

A NATO document seeks to establish a global framework for cyberwar. (Stock image)

Regarding our article on the effects of international law on cybersecurity, Randy Soper commented via Twitter: Interesting questions are how "neutrality" will be defined and "civilian"; e.g., is a "zombie" botnet member a legit mil target?

Amber Corrin responds: According to the Tallinn Manual, neutrality – which applies only during international armed conflict, cyber or otherwise – refers to neutral cyber infrastructure, public or private, that is located in neutral territory or owned by a neutral state and is located outside belligerent territory.

"The global distributions of cyber assets and activities, as well as global dependency on cyber infrastructure, means that cyber operations of the parties to a conflict can easily affect private or public neutral cyber infrastructure. Accordingly, neutrality is particularly relevant in modern armed conflict," the manual states.

Logistically, that means something like this: Hackers and other hostile parties frequently route attacks through servers located in various countries throughout the world. Neutrality means that those countries aren't considered combatants if they have nothing to do with the attacks other than their servers being, for all intents and purposes, hijacked to conduct hostile activities.

Speaking of combatants, the manual is clear – as were its backers who spoke at the Atlantic Council event in the original story – on the role of civilians in cyber warfare. There are no laws against civilians taking part in combat, but so long as they do, they do not receive the protections afforded to civilians under international humanitarian laws.

A "zombie" botnet member would, therefore, be a legitimate military target if what they are doing is deemed an act of war (which is also addressed in the manual) – if it is more than disruptive and actually destructive and causes harm or damage to people or cyber assets. In that case, even if the botnet operator is a civilian, they are engaging in cyber warfare activities and thus forfeiting their civilian protections. As things currently stand, the operations of botnets typically are not what would be deemed acts of war; they tend to be more on the disruptive side of the coin – think distributed denial of service attacks and the like.

Posted by Amber Corrin on Apr 04, 2013 at 12:10 PM


The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • Social network, census

    5 predictions for federal IT in 2017

    As the Trump team takes control, here's what the tech community can expect.

  • Rep. Gerald Connolly

    Connolly warns on workforce changes

    The ranking member of the House Oversight Committee's Government Operations panel warns that Congress will look to legislate changes to the federal workforce.

  • President Donald J. Trump delivers his inaugural address

    How will Trump lead on tech?

    The businessman turned reality star turned U.S. president clearly has mastered Twitter, but what will his administration mean for broader technology issues?

  • Login.gov moving ahead

    The bid to establish a single login for accessing government services is moving again on the last full day of the Obama presidency.

  • Shutterstock image (by Jirsak): customer care, relationship management, and leadership concept.

    Obama wraps up security clearance reforms

    In a last-minute executive order, President Obama institutes structural reforms to the security clearance process designed to create a more unified system across government agencies.

  • Shutterstock image: breached lock.

    What cyber can learn from counterterrorism

    The U.S. has to look at its experience in developing post-9/11 counterterrorism policies to inform efforts to formalize cybersecurity policies, says a senior official.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group