Why cyberattacks could be war crimes

Author(s): 
Publication Type: 
Other Writing
Publication Date: 
July 17, 2017
Cyberattacks are the new normal, but, when they come from abroad, they can raise panic about an invisible cyberwar. If international conflicts are unavoidable, isn’t a cyberwar better than a physical war with bombs and bullets?
 
Sure, cyberwar is better than a kinetic or physical war in many ways, but it could also make war worse. Unless it’s very carefully designed, a cyberattack could be a war crime.
 
Imagine that you’re a political leader and you want to take out an enemy base. We suspect it’s a propaganda machine and financing terrorist activities. How would you do it?
 
Well, you could go the old fashioned way — call in some airstrikes or send troops to blow up the building — but this would be an open declaration of war, worsening tensions. It would also be a political disaster if your troops or even drones were captured.
 
Now, there is another way: you could launch a cyberattack against the facility. This is more invisible and therefore less risky. It’d take too long to directly hack into the facility’s secure network, but you’ve already created an email virus that can knock out the town’s energy grid, which would take out the base.
 
Let’s say you plan to disguise the malware as an official United Nations email to help ensure it’ll be opened by the local leaders. Once opened, the malware will autonomously spread on its own across the town’s networks until it finds the energy grid and is able to disable its controls and overload its transformers.
 
Read the full piece at the World Economic Forum