Cyberwar: A Guide
At its core, cyber warfare is the use of digital attacks by one country or nation to disrupt the computer systems of another with the aim of create significant damage, death or destruction.
What does cyber warfare look like?
Cyberwar is still an emerging concept, but many experts are concerned that it is likely to be a significant component of any future conflicts. As well as troops using conventional weapons like guns and missiles, future wars will also be fought by hackers using computer code to attack an enemy's infrastructure.
Governments and intelligence agencies worry that digital attacks against vital infrastructure, like banking systems or power grids, will give attackers a way of bypassing a country's traditional defences.
And unlike standard military attacks, a cyber-attack can be launched instantaneously from any distance, with little obvious evidence in the build-up, and it is often extremely hard to trace such an attack back to its originators.
Modern economies, underpinned by computer networks that run everything from sanitation to food distribution and communications, are particularly vulnerable to such attacks, especially as these systems are in the main poorly designed and protected.
The head of the US National Security Agency (NSA) Admiral Michael Rogers said his worst case cyber-attack scenario would involve "outright destructive attacks", focused on some aspects of critical US infrastructure and coupled with data manipulation "on a massive scale".
Shutting down the power supply or scrambling bank records could easily do major damage to any economy. And some experts warn it's a case of when, not if.
What is the Definition of Cyber-Warfare?
Whether an attack should be considered to be an act of cyberwarfare depends on a number of factors. These can include the identity of the attacker, what they are doing, how they do it, and how much damage they inflict.
Like other forms of war, cyber-warfare is usually defined as a conflict between states, not individuals. Many countries are now building up military cyber-warfare capabilities, both to defend against other nations and also to attack if necessary.
Attacks by individual hackers, or even groups of hackers, would not usually be considered to be cyber-warfare, unless they were being aided and directed by a state.
For example, cyber-crooks who crash a bank's computer systems while trying to steal money would not be considered to be perpetrating an act of cyber-warfare, even if they came from a rival nation. But state-backed hackers doing the same thing to destabilise a rival state's economy might well be considered so.
The nature and scale of the targets attacked is another indicator: defacing a company website is unlikely to be considered an act of cyberwarfare, whereas disabling the missile defence system at an airbase would certainly come close.
And the weapons used are important too: cyber-war refers to digital attacks on computer systems: firing a missile at a data center would not be considered cyber-warfare. Similarly using hackers to spy or even to steal data, cyber-espionage, would not in itself be considered an act of cyber-warfare but might be one of the tools used.
Cyber-warfare and the use of force
How these factors combine matters because they can help determine what kind of response a country can make to a cyberattack.
There is one key definition of cyber-warfare, which is a digital attack that is so serious it can be seen as the equivalent of a physical attack.
To reach this threshold, an attack on computer systems would have to lead to significant destruction or disruption, even loss of life.
This is a significant threshold because under international law states are permitted to use force to defend themselves against an armed attack.
It follows then that, if a country were hit by a cyber-attack of significant scale, they would be within their rights to strike back using their standard military arsenal: to respond to hacking with missile strikes.
So far this has never happened, indeed it's not entirely clear if any attack has ever reached that threshold. That doesn't mean that attacks which fail to reach that level are irrelevant or should be ignored: it just means that the country under attack can't justify resorting to military force to defend itself.
There are plenty of other ways of responding to a cyber-attack, from sanctions and expelling diplomats, to responding in kind, although calibrating the right response to an attack is often hard.
What is the Tallinn Manual?
One reason that definitions of cyber-warfare have been blurred is that there is no international law that covers cyber-war, which is what really matters here, because it is such a new concept.
That doesn't mean that cyber-warfare isn't covered by the law, it's just that the relevant law is piecemeal, scattered, and often open to interpretation.
This lack of legal framework has resulted in a grey area: in the past some states have used the opportunity to test out cyber-war techniques in the knowledge that other states would be uncertain about how they could react under international law.
More recently that grey area has begun to shrink. A group of law scholars has spent years working to explain how international law can be applied to digital warfare. This work has formed the basis of the Tallinn Manual, a textbook prepared by the group and backed by the NATO-affiliated Cooperative Cyber Defence Centre of Excellence (CCDCoE) based in the Estonian capital of Tallinn, from which the manual takes its name.
The first version of the manual looked at the rare but most serious cyberattacks, which rose to the level of the use of force; the second edition released earlier this year looked at the legal framework around cyber-attacks, which do not reach the threshold of the use of force, but which take place on a daily basis.
Aimed at legal advisers to governments, military, and intelligence agencies, the Tallinn Manual sets out when an attack is a violation of international law in cyber-space, and when and how states can respond to such assaults.
The manual consists of a set of guidelines, 154 rules, which set out how the lawyers think international law can be applied to cyberwarfare, covering everything from the use of cyber-mercenaries to the targeting of medical units' computer systems.
The idea is that by making the law around cyber-warfare clearer, there is less risk of an attack escalating, because escalation often occurs when the rules are not clear and leaders overreact.
You Might Also Read:
The Stage Is Set For Cyber War: