The final version of a NATO document expected to shape cyber warfare policies among Western nations was formally launched in London on March 15 and made available to the public on March 18. The 215 page Tallinn Manual is the first attempt to codify how international law applies to online attacks. It includes a provision that makes it clear that a full-scale war may be triggered by cyber warfare if civilians have been injured, killed or the attack results in significant damage to property.
The handbook, written by 20 legal experts working in conjunction with the International Committee of the Red Cross and the US Cyber Command, says that in accordance with Geneva conventions that specific key civilian sites are outlawed. Rule 80 of the handbook states: "In order to avoid the release of dangerous forces and consequent severe losses among the civilian population, particular care must be taken during cyber-attacks against works an installations containing dangerous forces, namely dams, dykes and nuclear electrical generating stations, as well as installations located in their vicinity." Hospitals and medical units are also protected as they would be under rules governing traditional warfare.
However, our nation’s military and intelligence leaders have raised the volume on their alarms.
“You don’t hear a gun shoot, you don’t hear a plane fly, you just have this situation where [hackers] are gaining access to our most sensitive information,” said Senator John McCain, who added that people are beginning to realize the magnitude of the problem.
The question is what are the most likely targets? The very same targets that have been declared outlawed would be best choice of targets in terms of a strategy to bring a nation to its knees, especially a country that depends on technology. Will cyber hackers, cyber spies and hostile nations observe these rules?