Cyberwar manual: Civilian hackers can be targets

Handbook is first attempt to codify how international law applies to state-sponsored online attacks

Published March 19, 2013 2:10PM (EDT)

    (Shutterstock/ Sergey Nivens)
(Shutterstock/ Sergey Nivens)

With the support of NATO, legal experts have released a manual as a first broad attempt to codify how international law applies to state-sponsored hacking. The handbook, authored by legal experts working in conjunction with the International Committee of the Red Cross and the U.S. Cyber Command, details what is or is not a legitimate target in cyberwarfare.

It states not only that full-scale conventional wars may be triggered by cyberattacks, but that civilian "hacktivists" can be targeted with conventional weapons if their cyberattacks seriously damage property or cause deaths. The handbook, titled "The Tallinn manual," is primarily advisory and is not an official NATO document; the rules of cyberwarfare remain hotly debated. As the HuffPo U.K. pointed out, experts were divided on exactly when a civilian hacker might be a target. The manual explicitly notes that consensus has not been reached on this issue:

Consider the example of an individual hacktivist who has, over the course of one month, conducted seven cyber attacks against the enemy's command and control system. By the first view the hacktivist was only targetable while conducting each attack. By the second he was targetable for the entire month. Moreover in the absence of a clear indication that the hacktivist was no longer engaging in such attacks, he or she would have remained targetable beyond that period.

As the Guardian noted, the manual follows the Geneva conventions in outlawing certain civilians sites as cyberattack targets. Rule 80 of the handbook states: "In order to avoid the release of dangerous forces and consequent severe losses among the civilian population, particular care must be taken during cyber-attacks against works an installations containing dangerous forces, namely dams, dykes and nuclear electrical generating stations, as well as installations located in their vicinity." Hospitals and medical units are also protected.

Although recent years have seen major incidents such as the Stuxnet virus, which targeted alleged Iranian nuclear enrichment facilities and was believed to have come from the U.S. or Israel, the manual states that, "To date, no international armed conflict has been publicly characterized as having been solely precipitated in cyberspace."

By Natasha Lennard

Natasha Lennard is an assistant news editor at Salon, covering non-electoral politics, general news and rabble-rousing. Follow her on Twitter @natashalennard, email

MORE FROM Natasha Lennard

Related Topics ------------------------------------------

Cyber Warfare Cyberattacks Hacking Hacktivists Nato Stuxnet Tallinn Manual