Cyber War Crimes Will Be Prosecuted

The International Criminal Court (ICC) will begin to investigate and prosecute cyber war crimes in the way it investigates kinetic and physical war crimes.  Writing in the online journal Digital Frontlines, the ICC prosecutor Karim Khan focused on criminal cyber acts. 

In his essay, asserts that the types of aggression being carried out in cyberspace could “potentially fulfill” the conditions already laid out in current international crime criteria, thereby warranting ICC scrutiny and potential prosecution.

“As states and other actors increasingly resort to operations in cyberspace, this new and rapidly developing means of statecraft and warfare can be misused to carry out or facilitate war crimes, crimes against humanity, genocide, and even the aggression of one state against another." 

Cyberwarfare does not play out in the abstract. Rather, it can have a profound impact on people’s lives,” Khan writes. 

“Attempts to impact critical infrastructure such as medical facilities or control systems for power generation may result in immediate consequences for many, particularly the most vulnerable. Consequently, as part of its investigations, my Office will collect and review evidence of such conduct.” In his analysis, Khan includes includes the softer areas of cyber operations for ICC review. These would include, such as disinformation that seek to “exploit ambiguity” and operate in the gray area between conflict and peace, legal and illegal, where proxies and nonstate elements are utilised.  

Under the Geneva Convention, attacks against civilians can constitute war crimes under international humanitarian law, and for some time, researchers have pushed for cyber crimes to be recognized in this category.

Russia is not discussed in the article, although it is clear that the types of activities Khan is describing is what has  been seen taking place during the Ukraine conflict since the 2014 occupation of Crimea. Russia-inspired cyber activity has targeted Ukrainian critical infrastructure, notably its power grids, causing temporary blackouts across Ukraine. These events notably included the deployment of NotPetya malware, initially used to infect Ukraine but quickly spreading around the world.  Instead of stealing data, NotPetya destroyed it, elevating a disruptive attack into a highly destructive one.  

With respect to the softer side of cyber operations, Russia has been connected to global fake information and propaganda attempting to influence national elections. On this basis, is quite likely that  Russia’s cyber attacks against civilian infrastructure in Ukraine may be the first case to be brought by the ICC.

Karim Khan:     Oodaloop:      Wired:     CybersecurityConnect:    Ars Technica:   DigWatch:

You Might Also Read:

How To Counter Covert Action In The Digital Age:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Update: The 2023 Malware League Table
Neuromorphic Computing Changes Machine Learning »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Contrast Security

Contrast Security

Contrast Security is the leader in modernized application security, embedding code analysis and attack prevention directly into software.

Censornet

Censornet

Censornet's autonomous, integrated cloud security gives mid-market organisations the confidence and control of enterprise-grade cyber protection.

CyberTrap

CyberTrap

CyberTrap is an advanced highly-interactive deception technology allowing real-time analysis and control of security breaches.

SEWORKS

SEWORKS

SEWORKS provides offensive and defensive app security that ensures mobile and web apps are safe from dangerous hacking threats.

Fair Isaac Corporation (FICO)

Fair Isaac Corporation (FICO)

FICO provides analytics software and tools used across multiple industries to manage risk, fight fraud, optimize operations and meet strict government regulations.

SearchInform

SearchInform

SearchInform is a leading risk management product developer, protecting business and government institutions against data theft, harmful human behavior, compliance breaches and incomplete audit.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

Information Security Officers Group (ISOG)

Information Security Officers Group (ISOG)

ISOG's mission is to strengthen information security through awareness and education programs, promoting community and fellowship among information security leaders.

Oregon Systems

Oregon Systems

Oregon Systems is a Regional Leader & Distributor with value added services for OT, IoT, IIoT & IT Cybersecurity products, Solutions & professional services throughout the middle-east region.

GoPlus Security

GoPlus Security

GoPlus is working as the "security infrastructure" for web3, by providing open, permissionless, user-driven Security Services.

Limes Security

Limes Security

Limes Security GmbH is the leading OT Security expert in the German-speaking region of Europe.

Modern Networks

Modern Networks

Modern Networks is a leading provider of IT managed services to the UK’s commercial property sector and medium sized enterprises.

Miggo Security

Miggo Security

Miggo is the first Application Detection and Response (ADR) platform on a mission to stop application breaches.

Xiphera

Xiphera

Xiphera designs and implements proven cryptographic security for embedded systems.

Point Wild

Point Wild

Point Wild is a holding company that acquires, integrates and manages a diverse portfolio of best-in-class cybersecurity brands for consumers and enterprises.

Stratsec

Stratsec

Stratsec is a global team of experts on a mission to protect human life, well-being and the environment against cyber-driven threats.