Rules of engagement issued to hacktivists after chaoson October 3, 2023 at 11:10 pm

- Advertisement -
- Advertisement -
- Advertisement -
- Advertisement -

The ICRC writes rules of engagement for civilian hackers, as unprecedented numbers join cyber-conflicts

A member of the Squad 303/Anonymous hacker group

The International Committee of the Red Cross (ICRC) has, for the first time, published rules of engagement for civilian hackers involved in conflicts.

The war watchdog warns unprecedented numbers of people are joining patriotic cyber-gangs since the Ukraine invasion.

The eight rules include bans on attacks on hospitals, hacking tools that spread uncontrollably and threats that engender terror among civilians.

But some cyber-gangs have told BBC News they plan to ignore them.

‘Spreading globally’

The ICRC, responsible for overseeing and monitoring the rules of war, is sending the new rules to hacking groups particularly involved in the Ukraine war. It is also warning hackers their actions can endanger lives, including their own if deemed to make them a legitimate military target.

Patriotic hacking is not new, with many attacks around the world at times of heightened tension or conflict over the past decade. For example, the ICRC statement highlights pro-Syrian cyber-attacks on Western news media in 2013.

But the worrying trend, accelerated by the cyber-chaos in the Russia-Ukraine conflict, is now spreading globally, ICRC legal adviser Dr Tilman Rodenhäuser says.

“Some experts consider civilian hacking activity as ‘cyber-vigilantism’ and argue that their operations are technically not sophisticated and unlikely to cause significant effects,” he says.

“However, some of the groups we’re seeing on both sides are large and these ‘armies’ have successfully disrupted many civilian objects, including banks, companies, pharmacies, hospitals, railway networks and civilian government services.”

Based on international humanitarian law, the rules are:

  1. Do not direct cyber-attacks against civilian objects
  2. Do not use malware or other tools or techniques that spread automatically and damage military objectives and civilian objects indiscriminately
  3. When planning a cyber-attack against a military objective, do everything feasible to avoid or minimise the effects your operation may have on civilians
  4. Do not conduct any cyber-operation against medical and humanitarian facilities
  5. Do not conduct any cyber-attack against objects indispensable to the survival of the population or that can release dangerous forces
  6. Do not make threats of violence to spread terror among the civilian population
  7. Do not incite violations of international humanitarian law
  8. Comply with these rules even if the enemy does not

The ICRC is also imploring governments to restrain hacking and enforce existing laws.

The Ukraine conflict has blurred the boundaries between civilian and military hacking, with civilian groups such as the IT Army of Ukraine being set up and encouraged by the government to attack Russian targets.

The IT Army of Ukraine, which has 160,000 members on its Telegram channel, also targets public services such as railway systems and banks.

Its spokesman told BBC News it had not decided whether to implement the ICRC rules. The group has already banned attacks on healthcare targets – but said the wider civilian impact was unavoidable.

“Adhering to the rules can place one party at a disadvantage,” the spokesman added.

Large groups in Russia have similarly attacked Ukraine and allied countries – including disruptive but temporary attacks, such as knocking websites offline, on hospitals.

Killmilk of Russian hacktivist gang Killnet

“Why should I listen to the Red Cross?” a representative of Killnet, which has 90,000 supporters on its Telegram channel, asked BBC News.

Pro-Russian groups are accused of working directly for, or in conjunction, with the Kremlin. But Killnet strongly denies this.

Meanwhile, a representative of Anonymous Sudan, which in recent months has begun attacking technology companies and government services it says are critical of Sudan or Islam, told BBC News the new rules were “not viable and that breaking them for the group’s cause is unavoidable”.

And a high-profile member of the Anonymous collective told BBC News it had “always operated based on several principles, including rules cited by the ICRC” but had now lost faith in the organisation and would not be following its new rules.

- Advertisement -

Discover

Sponsor

Latest

UFC: Molly McCann says she considered retirement before dropping to strawweighton February 2, 2024 at 6:10 am

Molly McCann, who makes her UFC strawweight debut against Diana Belbita on Saturday, says she considered retirement after July's defeat by Julija Stoliarenko in...

The Ashes: Joe Root’s best boundaries as the England captain passes 50on December 18, 2021 at 6:10 am

Watch the best boundaries as England captain Joe Root passes 50 on the third day of the second Ashes Test in Adelaide.Watch the best...

Ukraine war: Resistance to Russian rouble in Khersonon May 1, 2022 at 12:00 am

Russian forces say the currency will be used there from Sunday. But many residents have other ideas.

Wood burners: Sale of coal and wet wood restricted in Englandon April 30, 2021 at 11:18 pm

Owners of wood burners and open fires will need to burn cleaner alternatives as new rules come into force.image copyrightGetty ImagesRestrictions on the sale...

South Korea: How the Halloween tragedy unfoldedon October 30, 2022 at 3:13 pm

The incident occurred on Saturday night, as tens of thousands celebrated Halloween in Itaewon.The incident occurred on Saturday night, as tens of thousands celebrated...