SOCRadar® Cyber Intelligence Inc. | 8 Commandments of Red Cross (ICRC) to Hacker Groups: Do Not Harm Civilians


Oct 06, 2023
6 Mins Read

8 Commandments of Red Cross (ICRC) to Hacker Groups: Do Not Harm Civilians

At the Warsaw Summit in 2016, NATO took a momentous step forward in acknowledging the paramount importance of cyberspace in modern warfare. During this historic event, NATO officially recognized cyberspace as a distinct operational domain, elevating it to the same status as the more traditional domains of air, land, and sea. This pivotal declaration signaled a paradigm shift in NATO’s approach to security, underlining the critical role that cyberspace plays.

For the very first time, the International Committee of the Red Cross (ICRC) has released a set of guidelines outlining rules of engagement for civilian hackers participating in conflict scenarios.

This move comes as the organization raises concerns about a surge in the recruitment of individuals into patriotic cyber groups, largely attributed to the conflict in Ukraine.

These guidelines, directed at hacking groups involved in the ongoing cyber conflict in Ukraine, aim to establish a framework for responsible behavior in cyberspace. While NATO’s recognition of cyberspace as an operational domain laid the foundation for addressing cyber threats at a strategic level, the ICRC’s guidelines serve as a practical and ethical compass for individuals and groups engaged in cyber warfare.

The rules were crafted with the objective of safeguarding both civilians and critical infrastructure during times of conflict, have been dispatched to several hacking collectives currently involved in the cyber confrontation in Ukraine. They encompass prohibitions on targeting hospitals, employing hacking tools that can propagate uncontrollably, and instigating threats that create fear and distress among civilians.

Eight Rules of Red Cross: Guidelines Lacking Legal Enforceability but Establishing a Moral Benchmark

Comprising eight pivotal articles, based on International Humanitarian Law, these guidelines serve as a vital framework governing the behavior of cyber operatives amidst this digital battleground:

  1. Do not direct cyber-attacks against civilian objects
  2. Do not use malware or other tools or techniques that spread automatically and damage military objectives and civilian objects indiscriminately
  3. When planning a cyber-attack against a military objective, do everything feasible to avoid or minimise the effects your operation may have on civilians
  4. Do not conduct any cyber-operation against medical and humanitarian facilities
  5. Do not conduct any cyber-attack against objects indispensable to the survival of the population or that can release dangerous forces
  6. Do not make threats of violence to spread terror among the civilian population
  7. Do not incite violations of international humanitarian law
  8. Comply with these rules even if the enemy does not

The ICRC’s aspiration is to reduce needless suffering and damage within the virtual realm while simultaneously cultivating a culture of respect and responsibility among hackers, a notion that aligns with the evolving dynamics of cyber warfare. It is worth noting that while these guidelines are not legally binding, they are intended to serve as a moral compass and a basis for constructive dialogue among hacking communities.

A Testament of the Evolving Nature of Cyber Warfare 

In the wake of this groundbreaking development, it is essential to acknowledge the broader context of the evolving cyber landscape. Just a few years ago, NATO formally recognized cyberspace as an operational domain alongside traditional domains such as land, air, sea, and space. This acknowledgment underscores the growing importance of cybersecurity in modern conflict scenarios. The emergence of these Red Cross guidelines is a testament to the evolving nature of cyber warfare and the urgency of establishing ethical norms in this domain.

However, it is important to note that not all hacking groups have embraced these guidelines. Groups like KillNet and Anonymous Sudan have publicly stated their intention to disregard these rules, citing their perceived impracticality and a lack of recognition of the Red Cross’s authority according to BBC’s news

In contrast to BBC’s news, groups, UserSec, Anonymous Russia and KillMilk, active in the Ukraine conflict, have pledged their commitment to abiding by these principles, heralding a potential shift in the cyber warfare landscape.

Telegram message by KillMilk (Auto-translated from Russian)
Telegram message by KillMilk (Auto-translated from Russian)

A message from KillMilk shared in the group’s official Telegram group and then shared by UserSec and Anonymous Russia states that (English Translation) “Today Killnet takes the first step towards peace! That’s why we listen to the Red Cross and commit to complying with these rules! Glory to Russia.”

The Red Cross welcomes open dialogue on these guidelines and invites stakeholders, including governments, corporations, and civil society, to actively participate in shaping a more humane cyberspace. As the world grapples with the increasingly prominent role of cyber warfare, these guidelines represent a significant step towards establishing a framework for responsible conduct in this digital frontier. The path forward will undoubtedly involve continued discourse, adaptation, and a shared commitment to minimizing the impact of cyber conflict on innocent civilians and critical infrastructure.

The ICRC’s guidelines, which underscore the importance of ethical and responsible behavior in cyberspace, have the potential to instigate a transformation within the hacking community, pushing them towards more principled conduct. Although these guidelines lack legal enforceability, they establish a moral benchmark that certain hacking groups may opt to adhere to. 

Consequently, this shift in behavior could result in a decrease in indiscriminate cyberattacks targeting organizations, thereby mitigating the risk of unintended harm to innocent entities. Additionally, when combined with the formal endorsement of these rules by certain groups, it can provide valuable insights into the motivations and intentions behind cyber incidents.

Being Vigilant and Proactive is Still Important

While the introduction of ethical guidelines and commitments in the realm of cybersecurity is undoubtedly a welcome step, it is crucial for industry stakeholders, organizations, and security professionals to remain vigilant and proactive in the face of evolving cyber threats. Embracing responsible conduct in cyberspace is a significant stride towards a safer digital environment, but it should not lead to complacency.

The ever-evolving landscape of cyber threats demands continuous adaptation and preparedness. Cyber threat actors are persistent, innovative, and agile in their tactics. Therefore, organizations must stay ahead of the curve to protect their assets and safeguard against potential breaches.

One effective way to stay updated with the latest tactics, techniques, and procedures of threat actors is by leveraging advanced Threat Intelligence platforms like SOCRadar. These platforms provide real-time, actionable insights into emerging cyber threats, enabling organizations to proactively defend their networks, data, and reputation. 

SOCRadar XTI platform dashboard (Widgets from ASM module), red cross
SOCRadar XTI platform dashboard (Widgets from ASM module)

In conclusion, ethical guidelines and commitments serve as a valuable framework for fostering responsible behavior in cyberspace. However, they should complement, not replace, the ongoing efforts of organizations and security professionals to fortify their defenses and stay informed about the ever-changing threat landscape. With the right tools and proactive strategies, it is possible to maintain a strong cyber defense posture and effectively protect against emerging cyber threats in today’s dynamic digital environment.