A Ukrainian security official speaking at the RSA Conference has called for cyber attacks against critical infrastructure to be classified as war crimes.
As the war in Ukraine has evolved, so have the tactics of Russian cybercriminals who are now aligning their cyberattacks with facilities that are also under kinetic attack by the Russian military. This includes attacks against energy plants.
Ukraine has already convicted some Russian commanders of carrying out missile attacks on civilian infrastructure, said Illia Vitiuk, head of the cyber and information security department of the Security Service of Ukraine.
“I think the military commanders who are in charge of special forces and special services like the [Russian] GRU or SVR who are responsible for cyber attacks on civilian infrastructure should also be convicted as war criminals,” he added.
“Every cyber attack we come across, we take the materials and put them into criminal cases to convict those responsible for these attacks,” he said.
Vitiuk stressed that the targets of these criminal prosecutions are not only the people with their hands on the keyboards, but also those higher up in the chain of command.
However, he noted that it can be very difficult to prove who is responsible, so it is important that they gather as much information as possible about cybercriminal actors in Russia.
“We believe that cyber war crimes cases are something new and should also go to the International Criminal Court (ICC),” he added.
The Security Service of Ukraine is the body responsible for criminal investigation and war crimes.
Regarding the physical war crimes that have taken place in Ukraine, for example the civilian mass graves discovered in towns like Bucha, the FBI is working with US companies and Ukrainian entities to assist in the investigations.
The Ukrainian military and the Ukrainian National Police are collecting a lot of digital information that has documented war crimes on the Ukrainian battlefield, and the FBI has experience analyzing this type of data, Alex Kobzanets, Deputy Legal Assistant at the US Embassy in Kyiv for the Federation. The Bureau of Investigation (FBI) explained it.
“The next step is to work with US domestic service providers and transfer that information and get subscriber information and geolocation information whenever possible,” Kobzanets said.
The FBI has been working with US providers on how to obtain legal and better information to address the war crimes investigation.
This information will also be used to identify Russian spies and collaborators in Ukraine.
At the recent RSA Conference 2020, a Ukrainian government official declared that cyber-attacks on civilian infrastructure such as oil and gas plants, water supplies, and electricity networks should be considered war crimes. Oleksiy Markovskyi, the adviser to Ukraine’s minister of defense, stated that such attacks should be treated in the same way as physical destruction of these infrastructures and be listed as war crimes.
Hacking of infrastructures is already a feature of warfare. Ukraine was the victim of a massive attack in 2015, where a group of hackers shut off the nation’s power and telecom network. In 2019, the country’s biggest council was hit by a targeted ransomware. Infrastructure attacks could potentially cause even more economic and social damage than bombs and missiles.
Although countries are already taking precautionary steps against cyber-attacks, such as forming cyber security units, Oleksiy believes that international institutions like NATO and the European Union should class cyber-attacks on civilian infrastructures as war crimes, and that those found guilty of ordering them should face prosecution.
This is an argument that’s gaining traction globally, especially in the face of the fourth industrial revolution. Those who order such attacks should be held accountable, as cyberspace must be subject to the rule of law, not just technologies.
At Ikaroa, we’re committed to helping protect our clients from malicious attack. Our cutting-edge cyber security solutions protect your infrastructure from cyber terrorism, ransomware, malware, and other potential threats. We’ll help protect your organization, to make sure its digital resources are secure and reliable.