Cyber War Crimes Will Be Prosecuted

The International Criminal Court (ICC) will begin to investigate and prosecute cyber war crimes in the way it investigates kinetic and physical war crimes.  Writing in the online journal Digital Frontlines, the ICC prosecutor Karim Khan focused on criminal cyber acts. 

In his essay, asserts that the types of aggression being carried out in cyberspace could “potentially fulfill” the conditions already laid out in current international crime criteria, thereby warranting ICC scrutiny and potential prosecution.

“As states and other actors increasingly resort to operations in cyberspace, this new and rapidly developing means of statecraft and warfare can be misused to carry out or facilitate war crimes, crimes against humanity, genocide, and even the aggression of one state against another." 

Cyberwarfare does not play out in the abstract. Rather, it can have a profound impact on people’s lives,” Khan writes. 

“Attempts to impact critical infrastructure such as medical facilities or control systems for power generation may result in immediate consequences for many, particularly the most vulnerable. Consequently, as part of its investigations, my Office will collect and review evidence of such conduct.” In his analysis, Khan includes includes the softer areas of cyber operations for ICC review. These would include, such as disinformation that seek to “exploit ambiguity” and operate in the gray area between conflict and peace, legal and illegal, where proxies and nonstate elements are utilised.  

Under the Geneva Convention, attacks against civilians can constitute war crimes under international humanitarian law, and for some time, researchers have pushed for cyber crimes to be recognized in this category.

Russia is not discussed in the article, although it is clear that the types of activities Khan is describing is what has  been seen taking place during the Ukraine conflict since the 2014 occupation of Crimea. Russia-inspired cyber activity has targeted Ukrainian critical infrastructure, notably its power grids, causing temporary blackouts across Ukraine. These events notably included the deployment of NotPetya malware, initially used to infect Ukraine but quickly spreading around the world.  Instead of stealing data, NotPetya destroyed it, elevating a disruptive attack into a highly destructive one.  

With respect to the softer side of cyber operations, Russia has been connected to global fake information and propaganda attempting to influence national elections. On this basis, is quite likely that  Russia’s cyber attacks against civilian infrastructure in Ukraine may be the first case to be brought by the ICC.

Karim Khan:     Oodaloop:      Wired:     CybersecurityConnect:    Ars Technica:   DigWatch:

You Might Also Read:

How To Counter Covert Action In The Digital Age:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Update: The 2023 Malware League Table
Neuromorphic Computing Changes Machine Learning »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IOActive

IOActive

IOActive serves as a trusted security advisor to the Global 500 and other progressive enterprises, helping to safeguard their most important assets and improve their overall security posture.

Proofpoint

Proofpoint

Proofpoint provide the most effective cybersecurity and compliance solutions to protect people on every channel including email, the web, the cloud, social media and mobile messaging.

Verimatrix

Verimatrix

Verimatrix is a global provider of innovative cybersecurity solutions that protect content, devices, software and applications.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

Namogoo

Namogoo

Namogoo’s disruptive technology identifies and blocks unauthorized product ads that are injected into customer web sessions by client-side Digital Malware.

Arsenal Recon

Arsenal Recon

Arsenal Recon are digital forensics experts, providing consultancy services and powerful software tools to improve the analysis of electronic evidence.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Practical Assurance

Practical Assurance

Practical Assurance helps companies navigate the rough terrain of information security compliance.

TAC Security (TAC Infosec)

TAC Security (TAC Infosec)

TAC Security (aka TAC Infosec) is a leading and trusted cyber security consulting partner that specializes in securing the IT infrastructure and assets of enterprises.

Voxility

Voxility

Voxility provides Infrastructure-as-a-Service in the biggest Internet hubs in the world.

SolCyber

SolCyber

SolCyber, a Forgepoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are accessible and affordable for any organization.

Abu Dhabi Gov Digital

Abu Dhabi Gov Digital

Gov Digital (formerly Abu Dhabi Digital Authority - ADDA) enable, support and deliver a digital government that is proactive, personalised, collaborative and secure.

OneLayer

OneLayer

OneLayer provide enterprise grade security dedicated for private LTE/5G networks. We ensure that the best IoT security toolkit is implemented in your cellular environment.

RiskSmart

RiskSmart

RiskSmart empower risk, compliance, and legal teams with a tech-led and data-driven platform designed to save time, reduce costs and add real value to businesses.

Upstack

Upstack

UPSTACK - One partner, end-to-end expertise, helping develop the solutions you need – when you need them.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.