Cyberwar: play by the rules1 min read . Updated: 25 Mar 2013, 05:34 PM IST
With the Indian govt digitizing data, cyber war must be taken seriously, especially with a neighbour like China
The formal publication this month of the Tallinn Manual, named after the Estonian capital where it was compiled, on international law applicable to cyber war is a welcome step.
Traditional wars have rules laid down by the Geneva Conventions to regulate the conduct of armed conflict and limit damage by protecting civilians, health and aid workers, the sick and prisoners of war. Cyber war—often backed by governments—has no such rules. The Tallinn Manual plugs this gap.
The manual has been written by a group of experts at the invitation of a North Atlantic Treaty Organization (Nato) think tank called the Nato Cooperative Cyber Defence Centre of Excellence. Conceived in 2009, it examines how existing international legal norms apply to this new form of warfare and underscores jus ad bellum (international law governing the resort to force by states as an instrument of their national policy) and jus in bello (international law regulating the conduct of armed conflict). The project director, Michael N. Schmitt, and others insist the manual does not reflect Nato doctrine.
It was just last week that South Korea’s police began investigating a “massive" hack attack on Internet service provider LG Uplus, which led to server outages at three domestic broadcasters and two major banks. A 20 March Reuters report said that, as a result, the South Korean army raised its alert status amid concerns the attacks were initiated by North Korea. On 19 February, a 60-page report by an American computer security firm Mandian alleged that advanced persistent threat (APT) groups in China are waging a long-running and extensive cyber espionage campaign, especially in the US, with the help of direct government support. China expectedly rubbished the reports.
The term cyber war has been in existence for almost a decade in some form or the other, but it was the havoc that the Stuxnet virus wreaked in September 2010 that made countries, including India, realize its potential threat. With the Indian government digitizing data and making them available to all citizens online, besides setting up state wide area network (SWAN) connections and important e-governance programmes—including that of MCA 21, e-passport and e-office—cyber war will have to be taken seriously, especially with a neighbour such as China.
Land or the Web: can the rules of war be any different? Tell us at email@example.com