Scroll Top

ICRC issues rules of engagement for Hacktivists amid escalating Cyber Warfare


In a groundbreaking move, the International Committee of the Red Cross (ICRC) has taken a significant step in addressing the increasing threat of cyber warfare by publishing rules of engagement for civilian hackers involved in conflicts. This unprecedented initiative comes as a response to the surge in patriotic cyber-gangs following the Ukraine invasion, with the ICRC expressing concern about the potential harm caused by their actions.

The ICRC’s newly established eight rules of engagement are designed to establish ethical boundaries and minimize the risks associated with cyber warfare, particularly when civilian objects and populations are involved. These rules include prohibitions on cyber-attacks against hospitals, the use of malware or tools that cause indiscriminate damage, and threats that incite terror among civilians.

Despite the ICRC’s earnest attempt to promote responsible behavior in the realm of cyber warfare, some cyber-gangs have openly declared their intention to disregard these rules.

The ICRC, responsible for overseeing and monitoring the rules of war, has specifically targeted its outreach towards hacking groups actively involved in the Ukraine conflict. The organization emphasizes the potentially severe consequences of hackers’ actions, including the potential for them to be considered legitimate military targets.

The phenomenon of patriotic hacking has been on the rise over the past decade, with notable incidents like pro-Syrian cyber-attacks on Western news media in 2013. However, the situation has taken a more alarming turn in recent years, driven in large part by the Russia-Ukraine conflict.

Dr. Tilman Rodenhäuser, an ICRC legal adviser, states, “Some experts consider civilian hacking activity as ‘cyber-vigilantism’ and argue that their operations are technically not sophisticated and unlikely to cause significant effects.” Nevertheless, these groups have demonstrated their capacity to disrupt critical infrastructure, including banks, companies, pharmacies, hospitals, railway networks, and government services.

The rules, rooted in international humanitarian law, include directives such as not conducting cyber-attacks against civilian objects, avoiding the use of malware that damages civilian and military objectives indiscriminately, and refraining from attacking medical and humanitarian facilities or critical infrastructure necessary for civilian survival.

The ICRC also implores governments to restrain hacking activities and enforce existing laws to mitigate the impact of cyber warfare on civilian populations.

The ongoing Ukraine conflict has blurred the lines between civilian and military hacking, as governments and civilian groups, such as the IT Army of Ukraine, have been involved in attacks on foreign targets, particularly Russian interests.

Notably, the IT Army of Ukraine, with a substantial following of 160,000 members on its Telegram channel, has yet to decide whether it will adhere to the ICRC rules. While they have previously banned attacks on healthcare targets, they claim that the broader civilian impact of their actions may be unavoidable.

Likewise, pro-Russian hacking groups, like Killnet, with 90,000 supporters on its Telegram channel, have expressed reluctance to follow the ICRC’s guidelines, questioning the relevance of these rules in their operations.

As the world grapples with the evolving landscape of cyber warfare, the ICRC’s attempt to establish ethical norms for hacktivists represents a critical step forward in addressing the challenges and dangers posed by this emerging form of warfare. However, it remains to be seen whether these rules will have a meaningful impact on the behavior of hacking groups, as some continue to prioritize their objectives over international humanitarian guidelines.

Related Posts

Leave a comment

You must be logged in to post a comment.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.