Cyber War Crimes Will Be Prosecuted

The International Criminal Court (ICC) will begin to investigate and prosecute cyber war crimes in the way it investigates kinetic and physical war crimes.  Writing in the online journal Digital Frontlines, the ICC prosecutor Karim Khan focused on criminal cyber acts. 

In his essay, asserts that the types of aggression being carried out in cyberspace could “potentially fulfill” the conditions already laid out in current international crime criteria, thereby warranting ICC scrutiny and potential prosecution.

“As states and other actors increasingly resort to operations in cyberspace, this new and rapidly developing means of statecraft and warfare can be misused to carry out or facilitate war crimes, crimes against humanity, genocide, and even the aggression of one state against another." 

Cyberwarfare does not play out in the abstract. Rather, it can have a profound impact on people’s lives,” Khan writes. 

“Attempts to impact critical infrastructure such as medical facilities or control systems for power generation may result in immediate consequences for many, particularly the most vulnerable. Consequently, as part of its investigations, my Office will collect and review evidence of such conduct.” In his analysis, Khan includes includes the softer areas of cyber operations for ICC review. These would include, such as disinformation that seek to “exploit ambiguity” and operate in the gray area between conflict and peace, legal and illegal, where proxies and nonstate elements are utilised.  

Under the Geneva Convention, attacks against civilians can constitute war crimes under international humanitarian law, and for some time, researchers have pushed for cyber crimes to be recognized in this category.

Russia is not discussed in the article, although it is clear that the types of activities Khan is describing is what has  been seen taking place during the Ukraine conflict since the 2014 occupation of Crimea. Russia-inspired cyber activity has targeted Ukrainian critical infrastructure, notably its power grids, causing temporary blackouts across Ukraine. These events notably included the deployment of NotPetya malware, initially used to infect Ukraine but quickly spreading around the world.  Instead of stealing data, NotPetya destroyed it, elevating a disruptive attack into a highly destructive one.  

With respect to the softer side of cyber operations, Russia has been connected to global fake information and propaganda attempting to influence national elections. On this basis, is quite likely that  Russia’s cyber attacks against civilian infrastructure in Ukraine may be the first case to be brought by the ICC.

Karim Khan:     Oodaloop:      Wired:     CybersecurityConnect:    Ars Technica:   DigWatch:

You Might Also Read:

How To Counter Covert Action In The Digital Age:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Update: The 2023 Malware League Table
Neuromorphic Computing Changes Machine Learning »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

GrammaTech

GrammaTech

GrammaTech is a leading developer of software-assurance tools and advanced cyber-security solutions.

XBOSoft

XBOSoft

XBOSoft is a software QA and testing company. We cover the entire QA and testing life cycle including software and application security.

itWatch

itWatch

itWatch is focused on data loss prevention (DLP), endpoint security, mobile security, encryption, and cost reducing solutions for IT operations.

Threat Intelligence

Threat Intelligence

Threat Intelligence is a specialist security company providing penetration testing, threat intelligence, incident response and training services.

Auxilium Cyber Security

Auxilium Cyber Security

Auxilium Cyber Security is independent information security consultancy company providing cyber security services tailored to meet the evolving needs of organizations worldwide.

Resec Technologies

Resec Technologies

Resec provides total protection against all types of known and unknown malware threats including viruses, Trojans, ransomware and phishing, regardless of their delivery method.

Eperi

Eperi

Eperi is a leading provider of Cloud Data Protection (CDP) solutions with 15 years of experience in data encryption for databases, (SaaS) applications and files.

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Servian

Servian

Servian is one of Australia's leading IT consultancies, with expertise in cloud, data, machine learning, DevOps and cybersecurity.

Eastern Cyber Resilience Centre (ECRC)

Eastern Cyber Resilience Centre (ECRC)

The Eastern Cyber Resilience Centre is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Anxinsec

Anxinsec

Anxinsec Technology is a security solution and service provider with a focus on new technology and innovations in cybersecurity.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.

Compugen Systems Inc (CSI)

Compugen Systems Inc (CSI)

Compugen Systems is an IT service delivery company that focuses on enabling your business outcomes.

SteelGate

SteelGate

SteelGate’s core capabilities are centered around architecture design and engineering of network, systems, and cybersecurity solutions.