Cyberwar: A Guide

At its core, cyber warfare is the use of digital attacks by one country or nation to disrupt the computer systems of another with the aim of create significant damage, death or destruction.

What does cyber warfare look like?

Cyberwar is still an emerging concept, but many experts are concerned that it is likely to be a significant component of any future conflicts. As well as troops using conventional weapons like guns and missiles, future wars will also be fought by hackers using computer code to attack an enemy's infrastructure.

Governments and intelligence agencies worry that digital attacks against vital infrastructure, like  banking systems or power grids, will give attackers a way of bypassing a country's traditional defences.

And unlike standard military attacks, a cyber-attack can be launched instantaneously from any distance, with little obvious evidence in the build-up, and it is often extremely hard to trace such an attack back to its originators.

Modern economies, underpinned by computer networks that run everything from sanitation to food distribution and communications, are particularly vulnerable to such attacks, especially as these systems are in the main poorly designed and protected.

The head of the US National Security Agency (NSA) Admiral Michael Rogers said his  worst case cyber-attack scenario would involve "outright destructive attacks", focused on some aspects of critical US infrastructure and coupled with data manipulation "on a massive scale".

Shutting down the power supply or scrambling bank records could easily do major damage to any economy. And some experts warn it's a case of when, not if.

What is the Definition of Cyber-Warfare?

Whether an attack should be considered to be an act of cyberwarfare depends on a number of factors. These can include the identity of the attacker, what they are doing, how they do it, and how much damage they inflict.

Like other forms of war, cyber-warfare is usually defined as a conflict between states, not individuals. Many countries are now building up military cyber-warfare capabilities, both to defend against other nations and also to attack if necessary.

Attacks by individual hackers, or even groups of hackers, would not usually be considered to be cyber-warfare, unless they were being aided and directed by a state.

For example, cyber-crooks who crash a bank's computer systems while trying to steal money would not be considered to be perpetrating an act of cyber-warfare, even if they came from a rival nation. But state-backed hackers doing the same thing to destabilise a rival state's economy might well be considered so.

The nature and scale of the targets attacked is another indicator: defacing a company website is unlikely to be considered an act of cyberwarfare, whereas disabling the missile defence system at an airbase would certainly come close.

And the weapons used are important too: cyber-war refers to digital attacks on computer systems: firing a missile at a data center would not be considered cyber-warfare. Similarly using hackers to spy or even to steal data, cyber-espionage, would not in itself be considered an act of cyber-warfare but might be one of the tools used.

Cyber-warfare and the use of force

How these factors combine matters because they can help determine what kind of response a country can make to a cyberattack.

There is one key definition of cyber-warfare, which is a digital attack that is so serious it can be seen as the equivalent of a physical attack.

To reach this threshold, an attack on computer systems would have to lead to significant destruction or disruption, even loss of life.

This is a significant threshold because under international law states are permitted to use force to defend themselves against an armed attack.

It follows then that, if a country were hit by a cyber-attack of significant scale, they would be within their rights to strike back using their standard military arsenal: to respond to hacking with missile strikes.

So far this has never happened, indeed it's not entirely clear if any attack has ever reached that threshold. That doesn't mean that attacks which fail to reach that level are irrelevant or should be ignored: it just means that the country under attack can't justify resorting to military force to defend itself.

There are plenty of other ways of responding to a cyber-attack, from sanctions and expelling diplomats, to responding in kind, although calibrating the right response to an attack is often hard.

What is the Tallinn Manual?

One reason that definitions of cyber-warfare have been blurred is that there is no international law that covers cyber-war, which is what really matters here, because it is such a new concept.

That doesn't mean that cyber-warfare isn't covered by the law, it's just that the relevant law is piecemeal, scattered, and often open to interpretation.

This lack of legal framework has resulted in a grey area: in the past some states have used the opportunity to test out cyber-war techniques in the knowledge that other states would be uncertain about how they could react under international law.

More recently that grey area has begun to shrink. A group of law scholars has spent years working to explain how international law can be applied to digital warfare. This work has formed the basis of the Tallinn Manual, a textbook prepared by the group and backed by the NATO-affiliated Cooperative Cyber Defence Centre of Excellence (CCDCoE) based in the Estonian capital of Tallinn, from which the manual takes its name.

The first version of the manual looked at the rare but most serious cyberattacks, which rose to the level of the use of force; the second edition released earlier this year looked at the legal framework around cyber-attacks, which  do not reach the threshold of the use of force, but which take place on a daily basis.

Aimed at legal advisers to governments, military, and intelligence agencies, the Tallinn Manual sets out when an attack is a  violation of international law in cyber-space, and when and how states can respond to such assaults.

The manual consists of a set of guidelines, 154 rules, which set out how the lawyers think international law can be applied to cyberwarfare, covering everything from the use of cyber-mercenaries to the targeting of medical units' computer systems.

The idea is that by making the law around cyber-warfare clearer, there is less risk of an attack escalating, because escalation often occurs when the rules are not clear and leaders overreact.

ZD Net:

You Might Also Read:

The Stage Is Set For Cyber War:

US Steps Up Its Cyberwar Capability:

Russian General Brags About Cyberwar Successes:

« Millions of Instagram Users Hacked
S. Africa’s Model For Cybesecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Ikarus Security Software

Ikarus Security Software

Ikarus focuses on antivirus and content-security solutions.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

New Enterprise Associates (NEA)

New Enterprise Associates (NEA)

As one of the world’s largest and most active venture capital firms, NEA has developed deep domain expertise and insight into our industries of focus - technology and healthcare.

Kindus

Kindus

Kindus is an IT security, assurance and cyber security risk management consultancy.

iTechArt Group

iTechArt Group

iTechArt is a top-tier custom software development company offering Cybersecurity Consulting, Application Security Testing, Risk Management and Compliance, and Infrastructure Security services.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

xorlab

xorlab

xorlab is a Swiss cybersecurity company providing specialized, machine-intelligent defense against highly engineered, sophisticated and targeted email attacks.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

HarfangLab

HarfangLab

HarfangLab develops a hunting software to boost detection and neutralization of cyberattacks against companies endpoints.

Symbol Security

Symbol Security

Through situational learning, simulations, and a gamified user experience, Symbol strengthens the cyber awareness of employees and helps companies lower cyber risk.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

HWG

HWG

HWG is a company specialized in providing cyber security solutions and consulting services.

CXI Solutions

CXI Solutions

CXI Solutions: Your trusted partner in cybersecurity. We offer a full range of cybersecurity solutions to protect your business from digital attacks and virtual threats.

Venticento

Venticento

Venticento is an IT company specialized in consulting and network support and assistance for companies that need to make their business processes more effective.

Seers

Seers

Seers is the world’s leading privacy & consent management platform for companies worldwide. Trusted by over 50,000+ businesses.