Military Review

War in cyberspace

War in cyberspace

In a modern war, with one keystroke, you can disable the entire infrastructure of the whole city.

The media in the Russian Federation and in other countries regularly report cyber attacks on the websites of state and commercial structures. At the same time, using the expression "cyber attack" and "cyber war", different people, apparently, put different meanings in them. In this case, we use the term “cyberwar” to refer to means and methods of warfare, which are operations that are carried out by or against a computer or computer network through an information flow, and when such cyber operations are conducted within the framework of an armed conflict within the meaning of international humanitarian law (IHL ). Many of the operations, called cyber attacks, are in fact illegal information gathering, such as industrial espionage, and occur outside the framework of armed conflicts. Thus, they are not subject to IHL. The Russian Federation uses the concept of “cyberwar” and defines it in its official documents as part of a broader concept of information warfare.


It may seem strange that the International Committee of the Red Cross (ICRC) is interested in the phenomenon of cyber warfare. In fact, the ICRC constantly monitors the development, use or possibility of using new technologies in armed conflicts, such as unmanned aerial vehicles and robots. He tries to assess the real or potential implications of their humanitarian application, as well as to analyze how this application is governed by IHL. In connection with the application to existing technologies of already existing legal norms, the question may also arise whether these norms are clear enough if we take into account the peculiarities of these technologies and the predictable consequences of their use in humanitarian terms. From this point of view, new technologies in the telecommunications sphere are no exception.

The ICRC is particularly concerned about the phenomenon of cyber war because of the vulnerability of cyber networks and the humanitarian consequences that cyber attacks can cause. When computers or networks of any state are attacked, there is a danger that the civilian population may lose the most necessary: ​​drinking water, medical care and electricity. When GPS systems are put out of action, it can also lead to human casualties: for example, if there are failures in the rescue helicopter flights, on which people's survival sometimes depends. Although the military potential of cyberspace is still completely understood, it seems that such attacks on transport systems, electrical networks, or even dams or nuclear power plants are technically possible. Such attacks can have far-reaching consequences for the well-being, health and lives of hundreds of thousands of people. Thus, the responsibility of the ICRC to remind you that in the event of an armed conflict it is necessary to constantly take measures to ensure that civilians and civilian objects do not suffer. In fact, cyber warfare is subject to IHL, just like any new species weapons or methods of warfare. There is no legal vacuum in cyberspace. Like a number of other states, the Russian Federation recognized the applicability of IHL to cyberwar in several documents, in particular, in the Fundamental Principles of the State Policy of the Russian Federation in the Field of International Information Security for the Period to 2020, signed by President Putin in July 2013.

In the same year 2013, the Tallinn Manual on International Law applicable to cyberwar was published. Although the manual was prepared at the suggestion of the Joint Center for Advanced Technologies in Cyber ​​Defense of NATO, it is not part of the NATO doctrine, but is a non-binding document drawn up by a group of experts in a personal capacity. The ICRC has contributed to the work of this group of experts and generally agrees with the wording of the norms as set out in the part on the law of cyber armed conflicts. However, exceptions are possible when, in the opinion of the ICRC, the existing IHL norm is stricter or provides greater protection than the norm set forth in the manual. Although the Tallinn leadership is regional rather than global in nature, the ICRC welcomes the fact that a discussion on this topic has taken place and, of course, hopes that the guide will be useful for further discussion by states of these difficult issues. In Russia, a negative opinion was expressed about the Tallinn leadership, since it seemed to legitimize cyber war. Of course, it was not for this that the ICRC participated as an observer in the work of the group that formed this document. Through its participation, the ICRC sought to ensure that the leadership reflected the degree of protection that IHL provides to victims of armed conflicts.

A few years ago, the Russian Federation presented to the UN the “Rules of Conduct in the Field of Ensuring International Information Security” and a draft convention on the same issue. While these documents are much broader in scope than IHL, the ICRC is pleased to note the attention that the Russian Federation has been paying to this issue for some years now. Although the importance of IHL as the main branch of law that can regulate cyber warfare needs to be confirmed, the ICRC would not want to rule out the possible need for further development of the law, which would allow it to adequately protect civilians. The solution to this question is a matter of states.


What, according to the ICRC, are the most acute problems that cyber war creates for the application of IHL?

First, anonymity. In most cases, it is difficult, if not impossible, to establish who is guilty of a cyber attack. Since, from the point of view of IHL, establishing the responsibility of states and other parties to armed conflicts is a prerequisite for ensuring justice, anonymity creates great problems. If it is impossible to establish who carried out this cyber operation, it is extremely difficult to determine whether IHL is applicable to it at all. The solution, apparently, should be sought not only and not so much in the legal as in the technical sphere.

Secondly, is it possible to consider that cyber operations represent such a level of use of force that would allow to apply IHL to them? There is no doubt that the situation can be characterized as an armed conflict, when cyber operations are used in combination with traditional kinetic weapons. However, when cyber-operation is the first and perhaps the only hostile action, can this be qualified as an armed conflict within the meaning of the Geneva Conventions of 1949 and the Additional Protocols thereto? Although no one took responsibility for operations such as Staxnet in 2010 or cyber attacks on banks or television stations in Seoul in March and June of 2013. Such questions would undoubtedly arise if it were possible to establish that these operations were carried out by states. The attack using the Stuxnet worm resulted in physical damage to the Iranian centrifuge, while the Seoul 2013 attacks did not cause any physical damage. According to the ICRC, it will be possible to determine whether IHL is applicable to a particular cyber operation in the absence of any actions using kinetic weapons based on the future practice of states on this issue.

Thirdly, in situations where IHL is applicable, the question arises of defining a “cyber attack”, an extremely important concept for the rules governing the conduct of hostilities, especially in connection with the principles of distinction, proportionality and precautionary measures in attack. The Tallinn leadership defines a cyber attack as part of the IHL as “a cyber operation, whether offensive or defensive, which, as you can reasonably expect, will cause injury or death to people, or damage to objects or result in the destruction of the latter.” However, the very essence of the issue lies in the details, namely, what is considered damage in the cyber world. After intense discussion, most experts agreed that the loss of functionality to an object could also be a damage.

The ICRC believes that if the object became unusable, it does not matter how this result was achieved. This question is very important in a practical sense, since a more restrictive interpretation of the concept of cyber attack may mean that fewer IHL rules will apply to such operations and these will be less specific rules. Thus, for example, a cyber operation leading to the loss of functionality of a civilian network will not fall under the prohibition established by IHL on direct attacks on civilians and civilian objects. In this sense, Seoul cyberattacks that occurred in March 2013 can serve as a good illustration, assuming that IHL was applicable to them (which has not been established), since several civilian networks were for some time partially or completely incapacitated, but the immediate physical there was apparently no damage.

Fourthly, we are talking about the problems that creates for the application of IHL norms aimed at protecting civilians and objects, such a phenomenon as the unity of cyberspace. There is only one cyberspace, and the same networks, routes, and cables are used by both civilian and military users. The unity of cyberspace may make it impossible to distinguish between a military and civilian computer network during a cyber attack; if such an attack is carried out, the ban on indiscriminate attacks will be violated. The use of malicious software that is uncontrollably self-replicating and damaging civil cyber networks is also prohibited. In addition, the party to the conflict must do everything possible to assess the likelihood of collateral damage to civilians and civilian networks or objects during the attack, which would be excessive in relation to the direct and specific military advantage, and, if there is such a probability, refrain from attacks. But is it possible in Cyberspace to properly assess such collateral damage, including the indirect effects of a cyber attack?


This is only a brief overview of this topic. There are many other serious problems, such as the geography of cyber conflict, the application of the law of neutrality and the concept of sovereignty, the definition of cyber weapons, and the question of whether computer data are subject to the rules governing the conduct of hostilities. These problems point to the need for extreme caution when deciding on cyber attacks and their implementation in armed conflicts in order to avoid harm to civilians and networks. These problems also show how important it is for states that develop or acquire material assets for cyber warfare, both offensive and defensive, to evaluate their legality from the point of view of IHL, as well as in the case of any other new weapons or methods of warfare. Undoubtedly, this is the only way to ensure that their armed forces and other government departments that may be affected are able to comply with the obligations of these countries under international law in the case of using cyber potential during armed conflict. The fact that more and more states are developing a technical base for conducting cyber warfare, both defensive and offensive, only increases the relevance of this topic.
Dear reader, to leave comments on the publication, you must sign in.
  1. My address
    My address 15 February 2014 15: 50
    For now we are far worse off fighting with us on the information front for our money.
    Examples - "Echo of Moscow" with Venediktov am and TNT with House-2 am . Both vipers are included in the holding Gazprommediya, which is a daughter of state (!) Gazprom.

    For information - until 2008, the chairman of the board of directors of Gazprom was this petty soul with an iPhone angry . And the board of directors determines the overall strategy of the company.
    1. pensioner
      pensioner 15 February 2014 21: 33
      Quote: My address
      Until 2008, this petty soul with an iPhone was the chairman of Gazprom’s board of directors.

      Sasha! Stop it bonfire already! Have pity on the future dead! Then, in his coffin, his head will spin very much ... repeat
  2. Volkhov
    Volkhov 15 February 2014 15: 52
    In a modern war, with one keystroke, you can disable the entire infrastructure of the whole city.

    And where is the key to clean the sewer?
    1. Setrac
      Setrac 15 February 2014 16: 17
      Quote: Volkhov
      And where is the key to clean the sewer?

      Where is the button for repairing the railway track, otherwise the damn crowbar drops out of my hands, there is no urine.
  3. jjj
    jjj 15 February 2014 15: 54
    But interestingly, you can attack supercomputers, or only those that are personal and derived from them? Something tells us that very soon we will be offered a new product, which against the background of cyberattacks and progressive viruses will look very attractive
  4. Stinger
    Stinger 15 February 2014 19: 05
    Horror story! In our Bialowieza Forest, without any keys, 15 countries have disabled and rebuilt the whole of Europe. And if we press a good key? We are hyperboreans, what will happen to us after three hundred grams?
  5. pensioner
    pensioner 15 February 2014 21: 37
    Quote: Volkhov
    In a modern war, with one keystroke, you can disable the entire infrastructure of the whole city.

    And where is the key to clean the sewer?
    They clearly told you:
    Destroy! yes
    Do not clean recourse ...
    1. Volkhov
      Volkhov 16 February 2014 03: 44
      That is, everything will go to the Internet?
  6. polkovnik manuch
    polkovnik manuch 15 February 2014 23: 00
    The development of cybernetics as a science in the USSR was screwed up by the bald corn grower, it was he and this feed that we lagged behind the West for a long time in the 50-60s, and then we did not develop very much. To this day, we are catching up, and "effective managers" help scientists. " And the lag in cyber technologies is worse than an atomic bomb.
  7. pawel1961
    pawel1961 15 February 2014 23: 15
    America played with cyber pontoons, it’s even something in our hands.
  8. Yuri Y.
    Yuri Y. 16 February 2014 02: 55
    that the civilian population may lose the most necessary: ​​drinking water, medical care and electricity. When GPS systems fail, it can also lead to human casualties: for example, if there are crashes in the flights of rescue helicopters, on which people's survival sometimes depends.

    If we recall that a state without cyber warfare (carpet bombing, atomic bombing, bombing of drones of different weddings and funerals) poses a threat to the civilian population (this principle), then this area should be given increased attention (especially after Snowden). For example, in our country (northern city, central heating), technology boilers are increasingly becoming controlled by computers (there is an old line and a new one). On the one hand it’s convenient, on the other hand, the same Win system (to the extreme, who does not know it, they are anyway) and electronics (processors, etc.). And what is it to get all the boilers in the cold for forty for the city. Well, not everything depends on electronics yet, but we are moving and the question here is very serious.