Cyber War Crimes Will Be Prosecuted

Uploaded on 2023-09-25 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

The International Criminal Court (ICC) will begin to investigate and prosecute cyber war crimes in the way it investigates kinetic and physical war crimes.  Writing in the online journal Digital Frontlines, the ICC prosecutor Karim Khan focused on criminal cyber acts. 

In his essay, asserts that the types of aggression being carried out in cyberspace could “potentially fulfill” the conditions already laid out in current international crime criteria, thereby warranting ICC scrutiny and potential prosecution.

“As states and other actors increasingly resort to operations in cyberspace, this new and rapidly developing means of statecraft and warfare can be misused to carry out or facilitate war crimes, crimes against humanity, genocide, and even the aggression of one state against another." 

Cyberwarfare does not play out in the abstract. Rather, it can have a profound impact on people’s lives,” Khan writes. 

“Attempts to impact critical infrastructure such as medical facilities or control systems for power generation may result in immediate consequences for many, particularly the most vulnerable. Consequently, as part of its investigations, my Office will collect and review evidence of such conduct.” In his analysis, Khan includes includes the softer areas of cyber operations for ICC review. These would include, such as disinformation that seek to “exploit ambiguity” and operate in the gray area between conflict and peace, legal and illegal, where proxies and nonstate elements are utilised.  

Under the Geneva Convention, attacks against civilians can constitute war crimes under international humanitarian law, and for some time, researchers have pushed for cyber crimes to be recognized in this category.

Russia is not discussed in the article, although it is clear that the types of activities Khan is describing is what has  been seen taking place during the Ukraine conflict since the 2014 occupation of Crimea. Russia-inspired cyber activity has targeted Ukrainian critical infrastructure, notably its power grids, causing temporary blackouts across Ukraine. These events notably included the deployment of NotPetya malware, initially used to infect Ukraine but quickly spreading around the world.  Instead of stealing data, NotPetya destroyed it, elevating a disruptive attack into a highly destructive one.  

With respect to the softer side of cyber operations, Russia has been connected to global fake information and propaganda attempting to influence national elections. On this basis, is quite likely that  Russia’s cyber attacks against civilian infrastructure in Ukraine may be the first case to be brought by the ICC.

Karim Khan:     Oodaloop:      Wired:     CybersecurityConnect:    Ars Technica:   DigWatch:

You Might Also Read:

How To Counter Covert Action In The Digital Age:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Update: The 2023 Malware League Table
Neuromorphic Computing Changes Machine Learning »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Tech Industry Forum (TIF)

Tech Industry Forum (TIF)

Tech Industry Forum is a not-for-profit, membership driven trade body. We bring together end users and some of the UK’s leading cloud, software, platform, infrastructure, and service providers.

CSR Privacy Solutions

CSR Privacy Solutions

CSR Privacy Solutions is a leading provider of privacy regulatory compliance programs for small and medium sized businesses.

Cellebrite

Cellebrite

Cellebrite delivers comprehensive solutions for mobile data forensics and mobile lifecycle management.

S2 Grupo

S2 Grupo

S2 Grupo is the benchmark company in Europe and Latin America, for Cyber Intelligence and mission critical systems operations.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

NetLib Security

NetLib Security

NetLib Security’s powerful, patented data security platform helps companies control data loss prevention (DLP) by managing what data can be transferred outside of their network.

Windscribe

Windscribe

Windscribe is a Virtual Private Network services provider offering secure encrypted access to the internet.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

ERI

ERI

ERI is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

SecureClaw

SecureClaw

SecureClaw offers specialized cybersecurity consultation, various products, and a range of services to meet your company's business domain needs.

42Crunch

42Crunch

42Crunch provides API security testing and threat protection. We proactively test, fix and protect your APIs from development to runtime.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.

Ark Technology Consultants

Ark Technology Consultants

Ark Technology Consultants is a unique IT Services Firm which blends technology solutions with consultative insight around governance and process management.

Cythera

Cythera

Cythera is an Australian cyber security company with in-house cyber security professionals providing world-class cyber protection to medium to large companies all over Australia.

Upwind Security

Upwind Security

Upwind delivers comprehensive cloud security, precisely when and where it’s most critical.