Episode 21: Cyber War and Current Conflicts

As we discuss this topic  this topic today, we are not condoning any actions that put civilians in harms way.

Defining Terms

In order to keep everyone on the same level ground, it is important to understand the terms used.

Hacktivism – a combination of “hacking” and “activism”  It is often associated with groups such as Anonymous, Hacktivists may target government or corporate websites, as well as other significant institutions such as religious groups, drug dealers, terrorists, or pedophiles. The methods used by hacktivists can vary widely in terms of severity and legality, ranging from online movements that promote free use of the internet to cyberattacks that destroy computers and reputations and cost companies millions of dollars in damage.

Cyber warfare – the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. The term “war” inherently refers to a large-scale action, typically over a protracted period of time and may include objectives seeking to utilize violence or the aim to kill. Cyberattacks can cause significant harm to a nation-state, including disruption of vital computer systems up to the loss of life.

Both hacktivism and cyber warfare are prevalent in current warfare and conflicts. Both can cause extreme hardships to nation states and civilians alike. While some may justify the use of these tactics against governments, most do not agree with their use against civilian targets.

Attempts to Curtail Cyber Warfare

The International Committee of the Red Cross (ICRC) has published rules regarding the use of hactivism and cyber warfare. (see footnote 1)

The full list of rules that apply to civilian online attackers is:

  1. Do not direct cyberattacks against civilian objects.
  2. Do not use malware or other tools or techniques that spread automatically and damage military objectives and civilian objects indiscriminately.
  3. When planning a cyberattack against a military objective, do everything feasible to avoid or minimize the effects your operation may have on civilians.
  4. Do not conduct any cyber operation against medical and humanitarian facilities.
  5. Do not conduct any cyberattack against objects indispensable to the survival of the population or that can release dangerous forces.
  6. Do not make threats of violence to spread terror among the civilian population.
  7. Do not incite violations of international humanitarian law.
  8. Hacktivists should respect human rights and fundamental freedoms.

The four rules that apply to states are:

  1. States must not encourage civilians or groups to act in violation of international humanitarian law.
  2. States have a due diligence obligation to prevent, investigate, prosecute, punish, and redress the effects of cyberattacks committed by individuals or groups under their jurisdiction or control.
  3. States must respect human rights and fundamental freedoms in their own conduct in cyberspace.
  4. States must cooperate with each other in preventing, investigating, prosecuting, punishing, and redressing the effects of cyberattacks.

All of these rules are based on International Humanitarian Law or IHL.  The ICRC stated

“In particular, every hacker that conducts operations in the context of an armed conflict must respect them, and States must ensure this is the case to protect civilian populations against harm.”

“IHL sets out essential rules to limit the effects of armed conflicts on civilians. No one that participates in war is beyond these rules,” said the ICRC. 

While the ICRC encourages everyone to follow these laws, some Cyber Security experts have stated that any organization that chooses to follow these laws may be more vulnerable because of them.

According to the BBC, most of the well known hacking groups have admitted that they will most likely not follow these rules.

Unfortunately, rules only work for those that want to follow rules. Most of these groups thrive by not following any rules.

At the time of the recording of this podcast on Monday, October 9th, 2023, the National Security Agency has not seen any major cyber campaigns in the conflict between Israel and Hamas. (see footnote 2)

However within hours of the original attack, there were reports of the Israeli government websites.  Several hacking groups are allying themselves with Hamas,

Killnet, a group that purports to be made of up patriotic Russian volunteer hackers, announced that it would target all Israeli government systems with distributed denial-of-service attacks

This  type of cyberattack known as DDoS that floods websites with traffic and forces them offline.. The group’s claim couldn’t immediately be substantiated. Both websites were down for a period on Sunday, according to the website monitoring site check-host.net. Meanwhile, Anonymous Sudan — a hacking group that cybersecurity experts suspect as being a Russian front group — declared its support for the “Palestinian resistance” and took credit for attacks on the Jerusalem Post’s website, taking it offline briefly on Monday morning

While there seem to have been limited cyber attacks in this conflict, the longer it continues, the higher the chance for increases in the attacks.

Footnotes:

  1. Red Cross Publishes Rules of Engagement for Hacktivists During War – SecurityWeek
  2. Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks  – SecurityWeek

Leave a Comment