Establishing New Rules for Cyber Warfare

The efforts of the International Committee of the Red Cross to establish rules of engagement to combatants in a cyberwar should be applauded internationally, even if adherence is likely to be limited.
The ICRC recently released a set of rules for civilian hackers involved in conflicts to follow in order to clarify the line between civilians and combatants, as cyberspace can be a blurry place to work in - especially during a war.
The ongoing conflict between Russia and Ukraine in particular has caused unprecedented numbers of civilian hackers to place themselves in the middle of the war, using their skills to fuel attacks on banks, manufacturing facilities, hospitals, and railways, in an attempt to sway the war to one side or another.
Do not direct cyberattacks against civilian objects.
Do not use malware or other tools or techniques that spread automatically and damage military objectives and civilian objects indiscriminately.
When planning a cyberattack against a military objective, do everything feasible to avoid or minimize the effects your operation may have on civilians.
Do not conduct any cyber operation against medical and humanitarian facilities.
Do not make threats of violence to spread terror among the civilian population.
These rules come at a time when it's never been easier for groups, or even individuals, to get involved in attacks and do their part for their cause.
The easier it is for anybody with a grudge to launch a cyberattack, the less restrictive these rules will be and the less they will be followed.
Many of the stateless groups involved in the Russia-Ukraine conflict aren't bound by current national or international laws.
Several groups, such as the pro-Russian Killnet group, already have reported they will not follow the ICRS's rules.
Even though these rules likely will not be accepted by the hacking groups currently operating within the Russia-Ukraine conflict, the ICRC should be commended for coming up with and publishing these rules.
Establishing norms is crucial for holding such groups accountable for potential war crimes, civilian death and destruction, and other harmful ancillary effects.
The rules are supposed to fall in line with international humanitarian law, a set of rules that seek to limit the effects of armed conflict and, when broken, constitute war crimes.
The IHL rules for armed conflict are critical in protecting citizens in military zones during wartime, but the often anonymous and detached nature of cyberspace means it will be much, much harder to police these new cyber-focused IHL rules.
Rule No. 3, for example, is absolutely critical to mitigating the damage to civilians during a conflict.
Civilian hackers working on behalf of a military goal may be totally unaware of the unintended destruction they would cause with their attacks.
NotPetya - a targeted attack against Ukrainian infrastructure - went into the wild in 2017, paralyzing factories across the globe and costing shipping company Maersk $300 million.
If even some level of deterrence can be achieved by these rules, it will serve to avoid unnecessary damage and harm in future conflicts.


This Cyber News was published on www.darkreading.com. Publication date: Mon, 04 Dec 2023 14:35:04 +0000


Cyber News related to Establishing New Rules for Cyber Warfare

Bringing Composability to Firewalls with Runtime Protection Rules - Rule control - Customers could not easily write their own firewall rules because of the use of proprietary languages that most teams weren't familiar with unless they received specialized training, or behind walled gardens only accessible by vendor ...
8 months ago Securityboulevard.com
What Are Firewall Rules? Ultimate Guide - Firewall rules are preconfigured, logical computing controls that give a firewall instructions for permitting and blocking network traffic. Network admins must configure firewall rules that protect their data and applications from threat actors. ...
8 months ago Esecurityplanet.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
1 week ago Cyberdefensemagazine.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
10 months ago Feeds.dzone.com
Establishing New Rules for Cyber Warfare - The efforts of the International Committee of the Red Cross to establish rules of engagement to combatants in a cyberwar should be applauded internationally, even if adherence is likely to be limited. The ICRC recently released a set of rules for ...
10 months ago Darkreading.com
Cyber Insurance for Businesses: Navigating Coverage - To mitigate these risks, many businesses opt for cyber insurance. With the wide range of policies available, navigating the world of cyber insurance can be overwhelming. In this article, we will delve into the complexities of cyber insurance and ...
8 months ago Securityzap.com
Cyber Insurance: A Smart Investment to Protect Your Business from Cyber Threats in 2023 - Don't wait until it's too late - get cyber insurance today and secure your business for tomorrow. According to the U.S. Federal Trade Commission, cyber insurance is a particular type of insurance that helps businesses mitigate financial losses ...
7 months ago Cyberdefensemagazine.com
Fighting ransomware: A guide to getting the right cybersecurity insurance - While the cybersecurity risk insurance market has been around for more than 20 years, the rapidly changing nature of attacks and the rise in the ransomware epidemic has markedly changed the nature of cyber insurance in recent years. It's more ...
8 months ago Scmagazine.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines - Starting Dec. 18, publicly traded companies will need to report material cyber threats to the SEC. Deloitte offers business leaders tips on how to prepare for these new SEC rules. The U.S. Securities and Exchange Commission’s new rules around ...
10 months ago Techrepublic.com
Wargames director Jackie Schneider on why cyber is one of 'the most interesting scholarly puzzles' - In other games, we had people from Silicon Valley who were leading AI companies or cyber companies. What we found is those who had expertise in cyber operations were more likely to be more nuanced about how they used the cyber capability. On a larger ...
4 months ago Therecord.media
Does Pentesting Actually Save You Money On Cyber Insurance Premiums? - Way back in the cyber dark ages of the early 1990s as many households were buying their first candy-colored Macintoshes and using them to play Oregon Trail and visit AOL chat rooms, many businesses started venturing into the digital realm as well by ...
10 months ago Securityboulevard.com
Three Key Threats Fueling the Future of Cyber Attacks - Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. Protecting an organization against intrusion remains a cat and mouse game, in ...
6 months ago Cyberdefensemagazine.com
Tell the FCC It Must Clarify Its Rules to Prevent Loopholes That Will Swallow Net Neutrality Whole - The Federal Communications Commission has released draft rules to reinstate net neutrality, with a vote on adopting the rules to come on the 25th of April. The FCC needs to close some loopholes in the draft rules before then. Net neutrality is the ...
5 months ago Eff.org
IT Professionals in ASEAN Confronting Rising Cyber Security Risks - The ASEAN region is seeing more cyber attacks as digitisation advances. In July 2023, the Association of Southeast Asian Nations officially opened a joint cyber security information sharing and research centre, or Cybersecurity and Information Centre ...
10 months ago Techrepublic.com
Uncertainty Is the Biggest Challenge to Australia's Cyber Security Strategy - Political shifts could lead to changes in Australia's cyber security strategy. Early in 2023, as the Australian government started to craft its cyber security vision, it met with opposition at both ends of the political spectrum. On the right wing, ...
9 months ago Techrepublic.com
Sigma rules for Linux and MacOS ~ VirusTotal Blog - TLDR: VT Crowdsourced Sigma rules will now also match suspicious activity for macOS and Linux binaries, in addition to Windows. We recently discussed how to maximize the value of Sigma rules by easily converting them to YARA Livehunts. At that time ...
9 months ago Blog.virustotal.com
Power Outage: 2015 Ukraine Cyber Warfare Attack - On December 23, 2015, Ukraine experienced a cyber warfare attack that caused a power outage across the country for over 1.4 million people. The attack targeted three of the nation's distribution companies that resulted in a complete shutdown of their ...
1 year ago Securityaffairs.com
Cyber Warfare 2: The Examined Ukranian Power Outage - The recent cyber attack in Ukraine which led to a power outage illustrates the severity of cyber warfare and the pressing need for better cybersecurity measures. It’s widely believed that the attack was state-sponsored, given the cyber-espionage ...
1 year ago Securityaffairs.com
Check Point Research Report: Shift in Cyber Warfare Tactics - Highlights: Shift in Cyber Warfare Focus: Recent developments in cyber warfare reveal a shift in the activities of Iranian hacktivist proxies. Initially concentrated on Israel, these groups are now extending their cyber operations to include targets ...
10 months ago Blog.checkpoint.com
Mississippi Creates New Cyber Unit and Names First Director - The state of Mississippi has recently announced the creation of a new dedicated cyber security unit, as well as the naming of its first director. The Mississippi Cyber Security Unit, headed by Director Kelly Hurst and backed by the Mississippi Office ...
1 year ago Securityweek.com
Meet Your New Cybersecurity Auditor: Your Insurer - As businesses deal with the fallout of massive ransomware waves, from Lapsus$ to Cl0p/MOVEit, an unlikely new entity is joining the regulatory bodies to raise the bar for cybersecurity: the cyber insurer. Their coverage requirements and ...
10 months ago Darkreading.com
The Evolution of Cyber Threats: Past, Present, and Future - Cyber threats have evolved significantly over time, posing increasing risks to individuals, organizations, and governments in our interconnected world. Let's explore the past, present, and future of cyber threats to better understand how to protect ...
8 months ago Securityzap.com
Russia Set to Ramp Up Attacks on Ukraine's Allies This Winter - Russia is set to ramp up cyber campaigns targeting Ukraine's allies as kinetic warfare slows this winter, according to a report by Cyjax. Researchers noted that Russia's missile production is struggling to keep pace with its tactical, operational and ...
9 months ago Infosecurity-magazine.com
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
1 year ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)