The need for a Digital Geneva Convention


Perhaps most disconcerting, recent years have witnessed the expansion of nation-state attacks. The Sony attack by North Korea in 2014 was not the first nation-state attack, but it represented a visible turning point. While prior attacks had focused on economic and military espionage, the Sony attack in 2014 involved retaliation for free expression in the form of a (not very popular) movie. It was followed in 2015 by even more visible international discussion about nation-state attacks aimed at the theft of companies’ intellectual property. And last year the issue broadened again to include hacking incidents connected to the democratic process itself.

We suddenly find ourselves living in a world where nothing seems off limits to nation-state attacks. Conflicts between nations are no longer confined to the ground, sea and air, as cyberspace has become a potential new and global battleground. There are increasing risks of governments attempting to exploit or even weaponize software to achieve national security objectives, and governmental investments in cyber offense are continuing to grow.

In fundamental ways, this new plane of battle is different from those of the past. It starts with the fact that cyberspace does not exist in a clearly tangible form in the physical world. But beyond this, cyberspace in fact is produced, operated, managed and secured by the private sector. Governments obviously play all sorts of critical roles, but the reality is that the targets in this new battle – from submarine cables to datacenters, servers, laptops and smartphones – in fact are private property owned by civilians.

China, The Soviet Union, North Korea, Iran - none did or follow the Geneva Convention in regards to the treatment of combatants why would anyone be foolish enough to expect them to be 'hands off' cyber attacks

Iran has already had its Nuclear Program attack via computers - it would be ignorant to think they will not pay the west back at some point