NATO Document – Hacktivists Can Be Killed Under Rules of CyberWarfare

The Tallinn Manual on International Law Applicable to Cyber Warfare was published this week, at the request of NATO’s Cooperative Cyber Defense Center of Excellence. As you may imagine, its mission is to frame the rules of engagement for cyber warfare as a response to escalating attacks going on throughout cyberspace. The timing is interesting given the recent news of a significant damaging attack on South Korean financial and broadcast institutions, then again when isn’t there a week where a major hack attack doesn’t happen. Still, the 302-page report works through the definition of cyberwar and is a fascinating read. The most potentially controversial statements specifically place “hacktivists” in the same category as enemy combatants and therefore the subject of attack.

As we examine the manual, it takes careful care to describe hacktivists – And provides the following definition in its 6-page cyber security focused glossary.

“Hacktivist: A private citizen who on his or her own initiative engages in hacking for, inter alia, ideological, political, religious or patriotic reasons.”

Under this definition, a “hacktivist”, as a result of a cyber attack, (also defined) can be legitimately targeted as a military target.

“An act of direct participation in hostilities by civilians renders them liable to be attacked, by cyber or other lawful means. Additionally, harm to direct participants is not considered when assessing the proportionality of an attack (rule 51) or determining the precautions that must be taken to avoid harming civilians during military operations.”

In other words, under these rules, there’s no reservation on the potential harm, assuming even death when it comes to response to a cyberattack.

And so the battle rules for the 21st century and beyond have been forged. With the authority of NATO behind this document, it can be safely assumed that while the document itself may not be formal canon, it will have influence and reference throughout the ages. Much like commonly referred to military rules of engagement, such as the treaties of the 1949 Geneva Conventions – this document could serve as justification and a guideline for future cyber wars. If you are a hacker, then you may be a soldier.

 

About John Casaretto

SiliconANGLE's CyberSecurity Editor - Have a story tip or feedback? Please reach out to me! Security is as critical as ever and our mission is to uncover those stories that will help our industry be more secure.