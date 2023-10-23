Civilian hacking in conflict is on the rise. Recent non-state cyber activity surrounding the Ukraine and Israel conflicts has contributed to destabilizing both situations and enhanced risk of harm to civilian populations. A recent set of notional rules for non-state hacker behavior during ongoing conflict seeks to address this reality, suggesting that hacktivists and patriotic hackers alike should limit their activities to protect civilian populations in line with the principles of International Humanitarian Law (IHL).

To the surprise of some in the global community, these rules - promulgated in early October by the International Committee of the Red Cross (ICRC) - were received with some acceptance by hacker groups tied to ongoing conflicts. The surge of non-state cyber aggression in the wake of Hamas's October 7 attack, however, has thrown cold water on the idea that constraining norms of behavior surrounding civilian hacking in conflict are achievable. After all, the time between general acceptance of these principles and deviation from that position was measured in mere days for some hacker groups.

Against the grain of these developments, there is reason to be optimistic about new progressive, constraining norms against counter-population hacking led by neutral intermediaries like the ICRC. There is evidence of growing global awareness that cyber for cyber's sake is rarely as gainful as desired, and of patterns of support for digital restraint vis-a-vis civilian populations that align with norm emergence features seen with other disruptive technologies. It's also worthwhile to distinguish between conflict and crisis. In particular, state interests appear to drive civilian hacking at such critical junctures in ways that demand recognition. As such, the ICRC and advocates of the applicability of IHL to cyberspace should be bullish about their initiative, so long as they remain pragmatic about the scope and strength of norm evolution.

New Red Cross hacking rules: Old problems, new credibility?

In promulgating new rules on civilian hackers during armed crises, the ICRC cites three broad areas of concern. Most clearly, the Red Cross is worried about the potential for harm produced by non-state hacking against civilian populations, whether via direct hacking or second-order effects. Second, "civilian hackers risk exposing themselves, and people close to them, to military operations," expanding the scope of conflict unnecessarily. Finally, by expanding the scope of armed disputes, particularly those with deep-rooted issues and constituents, hacking can blur the line "between who is a civilian and who a combatant." Should these last two developments take place, the ICRC worries that international law - and its mission - becomes far more ambiguous in how it would be applied in conflict zones.

In response, the ICRC suggests a set of rules that should govern the behavior of civilian hackers in conflict. Perhaps counterintuitively, the final rule is the simplest and takes primacy over all others: Actors should endeavor to follow rules of upstanding humanitarian practice even if their adversaries do not.

Beyond this simple stipulation, the next three are closely related and state that non-state hackers: