Given the unprecedented number of ‘patriotic’ hackers that emerged after Russia invaded Ukraine, an international war watchdog has released the first-of-its-kind rulebook for safe engagement.
The International Committee of the Red Cross (ICRC), which is in charge of reviewing and monitoring war regulations, is delivering the new rules to hacking groups, notably those active in the Ukraine conflict.
It also warns hackers that their acts may jeopardize lives, including their own, if they are designated a legitimate military target.
The rulebook contains eight criteria that prohibit hospital attacks, uncontrollable hacking tools, and threats that instill fear in civilians.
Based on international humanitarian law, the rules are:
Do not direct cyber-attacks against civilian objects.
Do not use malware or other tools or techniques that spread automatically and damage military objectives and civilian objects indiscriminately.
When planning a cyber-attack against a military objective, do everything feasible to avoid or minimise the effects your operation may have on civilians.
Do not conduct any cyber-operation against medical and humanitarian facilities.
Do not conduct any cyber-attack against objects indispensable to the survival of the population or that can release dangerous forces.
Do not make threats of violence to spread terror among the civilian population.
Do not incite violations of international humanitarian law.
Comply with these rules even if the enemy does not.
Man cyber gangs, however, intend to ignore the rules, according to reports.
Patriotic hacking is not a new phenomenon, with several attacks occurring around the world during times of high tension or war during the last decade. The ICRC statement, for example, mentions pro-Syrian cyber-attacks on Western news organizations in 2013.
However, the dangerous tendency, which has been hastened by the cyber-chaos in the Russia-Ukraine conflict, is now spreading globally, according to ICRC legal consultant Dr Tilman Rodenhäuser.
He believes the Ukraine crisis has blurred the distinction between civilian and military hacking, with civilian organizations like as the IT Army of Ukraine formed and encouraged by the government to attack Russian targets.
The Ukrainian IT Army, which has 160,000 members on its Telegram channel, also targets public services like railway networks and banks.
It had not yet determined whether to implement the ICRC standards, according to a representative for the organization. The group has already prohibited strikes on healthcare facilities, but the larger civilian impact is unavoidable, according to the group.
“Adhering to the rules can place one party at a disadvantage,” the spokesman stated.
Large organizations in Russia have similarly assaulted Ukraine and its allies, including disruptive but temporary attacks on hospitals, such as knocking websites offline.
“Why should I listen to the Red Cross?” a Killnet representative, who has 90,000 followers on its Telegram channel, asked BBC News.
Pro-Russian organizations are accused of working directly for or in collaboration with the Kremlin. Killnet, on the other hand, strenuously rejects this.
Meanwhile, a spokesman of Anonymous Sudan, which has been attacking technological businesses and government services it claims are critical of Sudan or Islam in recent months, told BBC News that the new restrictions were “not viable and that breaking them for the group’s cause is unavoidable.”
In addition, a report quoted a prominent member of the Anonymous collective saying that the collective had “always operated based on several principles, including rules cited by the ICRC,” but that it had now lost faith in the organization and would not be obeying its new rules.