The escalating conflict with North Korea has brought cyberwarfare to the front lines. On April 3, North Korea’s official news website and social media feeds were hacked, and in March several South Korean banks and broadcast networks were shut down by malware. In February, several U.S. businesses and publications, including the New York Times and the Washington Post, were attacked by Chinese hackers, and the hacktivist collective Anonymous digitally infiltrated the State Department.
These sorts of attacks are becoming more common -- and more threatening. On March 25, U.S. Treasury Secretary Jack Lew met with Chinese officials about concerns over attacks by state-sponsored hackers.
The Defense Department’s policies are lagging behind rapid advancements in technology, which is why the Pentagon is finishing up a new set of rules for how the military can engage in cyberwarfare. The Defense Department plans to create 13 teams capable of taking offensive measures to respond to cyberattacks, according to USA Today.
The problem is that most hackers attack corporations to steal commercial secrets, not to engage in war or cause physical harm. How or why the military should respond remains somewhat of a mystery.
There is also the problem of who to respond to. Many hackers route their attacks through a foreign server, making the origin of the attack difficult to trace. The March 20 attack against South Korea was originally blamed on the Chinese, but the investigation found the malware attack could have originated from several different locations.
Many hackers and hacking collectives like Anonymous work independently of any national government. According to the Tallinn Manual on International Law Applicable to Cyber Warfare, countries aren’t considered combatants if they have nothing to do with the attacks, even if its servers were used.
The manual also notes that civilians who engage in combat do not receive the protections of international humanitarian laws. This means they could be considered a target if their attack is deemed an act of war.
To be considered an act of war, the hack must be more than just disruptive; it must inflict actual harm or damage to people, infrastructure or cyber assets.
The Pentagon says its new rules will clearly define which cyberattacks are considered acts of war and that the response will be in line with the rules of traditional warfare.
However, it also says that these rules will remain secret.