Hasna Khan is a lawyer working on international law, human rights, and policy research

In a world where the battlefield is no longer confined to physical front lines, the need to regulate and address the legal ramifications of cybercrime has become more critical than ever. The International Criminal Court’s (ICC) senior prosecutor in The Hague recently made an extraordinary announcement: the ICC will from now on investigate and prosecute cybercrimes that violate existing international law, avoiding the need for a new Geneva Convention. This ruling marks a significant step towards holding both individuals and nations accountable for their cybercrimes, ensuring that the digital domain does not become a lawless frontier. The ICC Prosecutors’ commitment to building a framework to discourage future cyber aggressors and protect the integrity of the global cyber domain through existing international law is an optimistic action.

Rising Threats in the Digital Age

Alarming cyberattacks on critical infrastructure such as power grids, transportation networks, and financial institutions have increased in recent years. 

Examples of cyberattacks have demonstrated the extent to which sophisticated techniques can be used to target and disrupt critical infrastructure. For instance, the Stuxnet computer worm, renowned for its complexity, was specifically aimed at Iran’s nuclear facilities in 2010, with a particular focus on its uranium enrichment programme. By exploiting vulnerabilities within control systems, Stuxnet successfully inflicted serious damage upon centrifuges and effectively crippled Iran’s nuclear programme.

In another notable incident in 2017, numerous companies were subjected to an extensive global hack that severely impacted vital infrastructure providers. The NotPetya ransomware attack caused immense financial losses by encrypting the systems of affected businesses.

Preceding this event was yet another ransomware outbreak known as WannaCry. This widespread infection reached millions of computers worldwide and had a significant impact on essential infrastructure such as hospitals, transportation networks, and telecommunications businesses. The attack exploited weaknesses present within the Windows operating system, leading to substantial disruptions across various sectors.

 These attacks can have disastrous results, causing widespread power outages, transportation disruptions, and economic collapse. As cyber criminality develops, governments and organisations face an increasing urgency to strengthen their cybersecurity safeguards to defend against future acts of cyber warfare.

Karim Khan, the lead prosecutor of the International Criminal Court, unveiled the ICC’s new commitment: to investigate cybercrimes that may be in violation of the Rome Statute. This treaty outlines the court’s authority to prosecute unlawful acts, including war crimes, crimes against humanity, and genocide. In a statement to the quarterly publication Foreign PolicyAnalytics, Khan reiterated the importance of adapting to the evolving nature of conflict, emphasising the potential for digital front lines to yield damage and suffering comparable to traditional battlefields.

The ICC’s official stance, as provided by a representative of the Office of the Prosecutor (OTP), is that “conduct in cyberspace may potentially amount to war crimes, crimes against humanity, genocide, and/or the crime of aggression, […] and that such conduct may potentially be prosecuted before the Court where the case is sufficiently grave.”

A Silent War: Russia, Ukraine, and the Global Implications

While the ICC prosecutor did not expressly reference Russia’s and Ukraine’s ongoing cyber battle, it appears to have piqued his interest. Ukraine has been the subject of an increasing number of cyberattacks by Russia, as hostilities have escalated significantly. These attacks go beyond infrastructure targets and include cyber operations aimed at disseminating disinformation and propaganda that can affect public opinion both at home and abroad. These attacks have the ability to destabilise governments and cause public unrest.

Victor Zhora, the deputy chairman and chief digital transformation officer at Ukraine’s State Service of Special Communication and Information Protection (SSSCIP), anticipates that Russia will continue its online attacks, potentially constituting “cyber war crimes,” even after the physical conflict subsides. This underscores the urgent need for international pressure to address these ongoing cyber threats.

The Extent of Cyber Aggression

Since the beginning of this war, Russian hackers have targeted Ukrainian military, financial, and governmental targets. These assaults have had far-reaching implications, such as the 2015 attack on the power infrastructure in western Ukraine, which knocked off electricity for an estimated 230,000 Ukrainians. Furthermore, the second-biggest bank in Russia, state-owned VTB, suffered the largest cyberattack in its history in December 2022, though the perpetrator remains unknown. Notably, the number of malware coming from Russian and Ukrainian IP addresses has increased significantly since February 2022.

Concerns about the possibility of another significant attack are increased by the uptick in malware activity and cyberattacks in the area. The international community is closely monitoring the situation, urging nations to reinforce their cyber defences. Effective resistance to this growing digital threat necessitates international cooperation and information sharing among governments.

The ICC’s Own Cybersecurity Incident

Coincidentally, the International Criminal Court itself was subjected to a cybersecurity issue, emphasising the critical need for enhanced vigilance in the digital arena. The International Criminal Court (ICC) disclosed a computer system breach in September, raising concerns about the security of one of the world’s most prominent international organisations dealing with sensitive information on war crimes. The gravity of the breach, whether it has been entirely remedied, and the probable perpetrators are all still under investigation.

“Immediate measures were adopted to respond to this cybersecurity incident and to mitigate its impact,” the ICC said in a short statement.

The court gained notoriety in March when it issued an arrest warrant for Vladimir Putin, the president of Russia, on charges that he had forcibly removed children from Ukraine. The claims and the court’s authority are denied by the Kremlin.

Despite the rise in malware emanating from Russian and Ukrainian IP addresses, it’s crucial to remember that cyberattacks are frequently hard to pinpoint to a particular nation or group. In addition, blaming either Russia or Ukraine solely for cyberattacks ignores the potential that non-state actors or perhaps other countries could be behind the attacks.

Cyber Warfare as a New Battleground

The United Nations has highlighted cyber-attacks as a modern-day hazard, with data showing a doubling of cyber-attacks in the first half of 2019 compared to the second half of 2018. These attacks mostly target factories, oil and gas companies, and educational institutions, putting vital infrastructure owners at risk. More than a hundred cyber incidents with the potential to disrupt international peace and security have been identified in the last year. These strikes have the potential to cause significant damage and casualties.

States are employing non-state actors in the digital realm, which appears to be classified as a novel domain of military strategy due to the risks it poses to global peace and security if mishandled.

The Emergence of Cyber Ethics

The rise of cyberspace as a new battleground has prompted significant ethical and legal problems about how warfare should be conducted. Notably, the International Committee of the Red Cross (ICRC) has made tremendous progress by publishing the first-ever rules of engagement for civilian hackers active in wars. This endeavour is a direct response to the worrisome increase of nationalistic cyber-gangs since the invasion of Ukraine, which has blurred the distinction between civilian and military hacking.

The International Committee of the Red Cross’ rules of engagement for civilian hackers are based on international humanitarian law, with the primary goal of minimising collateral damage caused by cyberattacks during conflicts. These principles forbid the targeting of civilian objects, the deployment of uncontrollable viruses, and the threat of terrorising citizens. They emphasise the importance of protecting medical and humanitarian facilities, which are critical for civilian survival, as well as preventing the instigation of crimes under international humanitarian law. Importantly, these standards encourage compliance even if the opponent does not, reflecting the ethical ideals that guide the ICRC’s operations.

Challenges and Resistance: Enforcing Ethical Conduct

While the ICRC’s regulations are an important step towards regulating cyber warfare, they confront significant hurdles. Due to the anonymity and decentralised nature of cyber activity, enforcement remains a serious concern. Some hacktivist groups have stated their intention to flout these guidelines, raising worries about their effectiveness. Furthermore, distinguishing between independent hacktivists and those indirectly funded by states can be difficult, complicating enforcement operations.

The Way Forward: Encouraging Accountability and Transparency

In a rapidly changing cyber warfare battlefield, the ICRC effort stands as a light of hope. These criteria, which accord with the concepts of proportionality and distinction that underlie traditional combat, can help limit the harm done to civilians and critical infrastructure during conflicts. The voluntary commitment of certain hacktivist groups to adopt these standards is an encouraging sign that the rules can reduce cyberattacks on civilian targets.

However, it is critical to recognise that not all hacktivist groups will voluntarily follow these standards. International collaboration and robust legal frameworks will be required to hold individuals who continue to operate without restraint accountable for their activities.

Conclusion

The designation of cyberspace as a new strategic military domain emphasises the growing relevance of cyberwarfare in deciding conflict outcomes. As state-sponsored cyberattacks become more widespread, states must prioritise the development of effective defences and the formation of close multilateral alliances to combat this growing threat. Continuous research into novel cybersecurity solutions is required to limit the possible effects of cyber activities on global peace and security. Nations may better protect their interests and build a more stable and secure world by grasping the particular difficulties provided by cyberspace and taking proactive actions to guard against cyber warfare.

These efforts entail investments in research and development to improve cybersecurity experts’ expertise, as well as the creation of cutting-edge technologies to identify and prevent cyber threats. Furthermore, through enhanced cybersecurity measures and cooperation, the establishment of international treaties and agreements that provide standards and guidelines for responsible cyber behaviour can promote a safer digital environment and prevent cyber warfare from disrupting global peace and security.