In an effort to curb the rising tide of cyber-attacks on civilian targets during conflicts, the International Committee of the Red Cross (ICRC) has issued a set of guidelines, urging hacktivists to adhere to international humanitarian law. The organization’s warning comes as cyber warfare continues to disrupt non-military entities, including hospitals, pharmacies, and banks, causing harm to innocent civilians.
Growing Impact on Civilian Life
Cyber-attacks carried out by civilians during wartime have increasingly targeted non-military facilities and institutions, leading to severe disruptions and placing blameless members of society at risk. Hospitals, pharmacies, and financial institutions have all fallen victim to these attacks, amplifying the humanitarian crisis during conflicts.
Additionally, the ICRC has pointed out that hacktivists who engage in such activities could inadvertently expose themselves to heightened danger by signaling to opposing forces that they qualify as legitimate military targets. This alarming trend has prompted the ICRC to call on governments to take action against hacktivist activities.
ICRC’s New Rules of Engagement
To address these issues, the ICRC has published a set of rules of engagement in cyberspace. These rules aim to clarify the boundaries that civilian hackers should respect during times of conflict:
- Avoid Attacks on Civilian Objects: Hacktivists are urged not to direct cyber-attacks against civilian objects.
- Prevent Indiscriminate Damage: The use of malware or other techniques that indiscriminately damage both military and civilian objects is prohibited.
- Minimize Civilian Impact: When planning a cyber-attack against a military objective, hacktivists should do everything feasible to minimize the impact on civilians.
- Protect Medical and Humanitarian Facilities: Cyber-attacks against medical and humanitarian facilities are strictly prohibited.
- Preserve Essential Infrastructure: Hacktivists should refrain from targeting objects indispensable to the survival of the population or those that can release dangerous forces.
- Avoid Terror and Violent Threats: Making threats of violence to spread terror among the civilian population or inciting violations of international humanitarian law is against the rules.
- Unilateral Compliance: The ICRC emphasizes that these rules should be followed even if the opposing party does not adhere to them.
Challenges to Compliance
Despite the ICRC’s well-intentioned efforts, it remains uncertain whether hacktivists will heed their call. The nature of cyber-attacks makes attribution challenging, and many hacktivist operations are designed to maintain anonymity.
ESET global cybersecurity advisor, Jake Moore, has raised concerns that these rules may be largely ignored due to the difficulty of attributing attacks. Moore commented, “The enhancement of being able to act in war under an invisibility cloak adds a dimension that sets up rules to fail. Furthermore, the way some targets are chosen in cybercrime means there is often collateral damage miles away simply due to how the networks are set up and which third parties are used.”
Resistance from Hacktivist Groups
The ICRC’s intervention comes in the midst of escalating cyber-attacks by pro-Russia groups and the IT Army of Ukraine, which boasts tens of thousands of members on its Telegram channel. Despite the ICRC’s plea for adherence to humanitarian law, several hacktivist groups have indicated that they have no intention of following these new rules.
As web defacements, Distributed Denial of Service (DDoS) attacks, and other hacktivist efforts continue to be used as propaganda tools by nations involved in conflicts, the ICRC faces an uphill battle in convincing hacktivists to respect the boundaries of humanitarian law in cyberspace.
The ICRC’s efforts to address the growing threat of cyber-attacks on civilian targets during conflicts have shed light on the challenges of regulating hacktivist activities. While the organization’s guidelines seek to protect innocent civilians and critical infrastructure, the inherent complexities of cyber warfare may pose significant obstacles to widespread compliance. The world watches as the tug of war between the principles of humanitarian law and the realities of cyber warfare unfolds.
Follow The420.in on