Cyberwar: A Guide

At its core, cyber warfare is the use of digital attacks by one country or nation to disrupt the computer systems of another with the aim of create significant damage, death or destruction.

What does cyber warfare look like?

Cyberwar is still an emerging concept, but many experts are concerned that it is likely to be a significant component of any future conflicts. As well as troops using conventional weapons like guns and missiles, future wars will also be fought by hackers using computer code to attack an enemy's infrastructure.

Governments and intelligence agencies worry that digital attacks against vital infrastructure, like  banking systems or power grids, will give attackers a way of bypassing a country's traditional defences.

And unlike standard military attacks, a cyber-attack can be launched instantaneously from any distance, with little obvious evidence in the build-up, and it is often extremely hard to trace such an attack back to its originators.

Modern economies, underpinned by computer networks that run everything from sanitation to food distribution and communications, are particularly vulnerable to such attacks, especially as these systems are in the main poorly designed and protected.

The head of the US National Security Agency (NSA) Admiral Michael Rogers said his  worst case cyber-attack scenario would involve "outright destructive attacks", focused on some aspects of critical US infrastructure and coupled with data manipulation "on a massive scale".

Shutting down the power supply or scrambling bank records could easily do major damage to any economy. And some experts warn it's a case of when, not if.

What is the Definition of Cyber-Warfare?

Whether an attack should be considered to be an act of cyberwarfare depends on a number of factors. These can include the identity of the attacker, what they are doing, how they do it, and how much damage they inflict.

Like other forms of war, cyber-warfare is usually defined as a conflict between states, not individuals. Many countries are now building up military cyber-warfare capabilities, both to defend against other nations and also to attack if necessary.

Attacks by individual hackers, or even groups of hackers, would not usually be considered to be cyber-warfare, unless they were being aided and directed by a state.

For example, cyber-crooks who crash a bank's computer systems while trying to steal money would not be considered to be perpetrating an act of cyber-warfare, even if they came from a rival nation. But state-backed hackers doing the same thing to destabilise a rival state's economy might well be considered so.

The nature and scale of the targets attacked is another indicator: defacing a company website is unlikely to be considered an act of cyberwarfare, whereas disabling the missile defence system at an airbase would certainly come close.

And the weapons used are important too: cyber-war refers to digital attacks on computer systems: firing a missile at a data center would not be considered cyber-warfare. Similarly using hackers to spy or even to steal data, cyber-espionage, would not in itself be considered an act of cyber-warfare but might be one of the tools used.

Cyber-warfare and the use of force

How these factors combine matters because they can help determine what kind of response a country can make to a cyberattack.

There is one key definition of cyber-warfare, which is a digital attack that is so serious it can be seen as the equivalent of a physical attack.

To reach this threshold, an attack on computer systems would have to lead to significant destruction or disruption, even loss of life.

This is a significant threshold because under international law states are permitted to use force to defend themselves against an armed attack.

It follows then that, if a country were hit by a cyber-attack of significant scale, they would be within their rights to strike back using their standard military arsenal: to respond to hacking with missile strikes.

So far this has never happened, indeed it's not entirely clear if any attack has ever reached that threshold. That doesn't mean that attacks which fail to reach that level are irrelevant or should be ignored: it just means that the country under attack can't justify resorting to military force to defend itself.

There are plenty of other ways of responding to a cyber-attack, from sanctions and expelling diplomats, to responding in kind, although calibrating the right response to an attack is often hard.

What is the Tallinn Manual?

One reason that definitions of cyber-warfare have been blurred is that there is no international law that covers cyber-war, which is what really matters here, because it is such a new concept.

That doesn't mean that cyber-warfare isn't covered by the law, it's just that the relevant law is piecemeal, scattered, and often open to interpretation.

This lack of legal framework has resulted in a grey area: in the past some states have used the opportunity to test out cyber-war techniques in the knowledge that other states would be uncertain about how they could react under international law.

More recently that grey area has begun to shrink. A group of law scholars has spent years working to explain how international law can be applied to digital warfare. This work has formed the basis of the Tallinn Manual, a textbook prepared by the group and backed by the NATO-affiliated Cooperative Cyber Defence Centre of Excellence (CCDCoE) based in the Estonian capital of Tallinn, from which the manual takes its name.

The first version of the manual looked at the rare but most serious cyberattacks, which rose to the level of the use of force; the second edition released earlier this year looked at the legal framework around cyber-attacks, which  do not reach the threshold of the use of force, but which take place on a daily basis.

Aimed at legal advisers to governments, military, and intelligence agencies, the Tallinn Manual sets out when an attack is a  violation of international law in cyber-space, and when and how states can respond to such assaults.

The manual consists of a set of guidelines, 154 rules, which set out how the lawyers think international law can be applied to cyberwarfare, covering everything from the use of cyber-mercenaries to the targeting of medical units' computer systems.

The idea is that by making the law around cyber-warfare clearer, there is less risk of an attack escalating, because escalation often occurs when the rules are not clear and leaders overreact.

ZD Net:

You Might Also Read:

The Stage Is Set For Cyber War:

US Steps Up Its Cyberwar Capability:

Russian General Brags About Cyberwar Successes:

« Millions of Instagram Users Hacked
S. Africa’s Model For Cybesecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Delphix

Delphix

Delphix is the industry leader for DevOps test data management.

Redcentric

Redcentric

Redcentric is a leading UK IT managed services provider. We deliver managed IT, cloud computing, data backup, information security services and managed networks.

Cyber Security Research Centre - University of Cardiff

Cyber Security Research Centre - University of Cardiff

Cardiff University's Centre for Cyber Security Research is a leading UK academic research unit for cyber security analytics.

ITC Secure Networking

ITC Secure Networking

ITC are a leading cloud-based MSSP delivering service innovation in cyber security analytics & cloud technology.

Visual Guard

Visual Guard

Visual Guard is a modular solution covering most application security requirements, from application-level security systems to Corporate Identity and Access Management Solutions.

Genians

Genians

Genians provides the industry’s leading Network Access Control (NAC) solution, which ensures full visibility of all IP-enabled devices regardless of whether they are wired, wireless, or virtual.

CyberASAP

CyberASAP

CyberASAP provides expertise, knowledge and support to convert academic ideas into commercial products in the cyber security space.

Jobsite

Jobsite

Jobsite is an award winning job board in the UK providing job listings in the key sectors of IT, Engineering and Finance.

Consistec Engineering & Consulting

Consistec Engineering & Consulting

Consistec Engineering & Consulting GmbH is an information technology and services company offering solutions for monitoring the security of IT and OT infrastructure.

Stratia Cyber

Stratia Cyber

Stratia Cyber is an independent, technology agnostic company providing high quality, pragmatic cyber security consultancy and expertise.

Drumz

Drumz

Drumz plc is an investment company whose investing policy is to invest principally but not exclusively in the technology sector within Europe.

Eurotech

Eurotech

Eurotech provides Edge Computers and IoT solutions. We help to connect your assets and make them smarter through secure and agnostic hardware and software technologies.

SecurityBridge

SecurityBridge

SecurityBridge provide a cybersecurity connection between our customers’ IT departments, the forward-facing business services, and their SAP applications.

Proaxiom

Proaxiom

Proaxiom are focused on erasing cyber driven panic paralysis for Small and Medium Enterprises through brilliant cyber technologies which drive productivity and support growth.

Keyrus

Keyrus

Keyrus is a global consultancy that develops data and digital solutions for performance management.

CyberKinetics

CyberKinetics

CyberKinetics specializes in cloud-based services and solutions for federal agencies and commercial clients with compliance mandates.