Most nations are facing a flood of cyber intrusions. But how do you prosecute a hacker when they bounce an attack through several countries before actually attacking your military systems? Will all the nations involved have the same legal procedures and due process? Will they hand over crucial evidence needed to prosecute or retaliate? Or, will they even co-operate at all?
NATO tries to unravel these inherent complexities of international hacking and cyber war by creating a manual on the international law applicable to cyber-warfare:
“To help address this issue, the North Atlantic Treaty Organisation cooperative cyber defence centre of excellence – or NATO CCD COE – is sponsoring and actively participating in the writing of the manual on international law applicable to cyber-warfare – or MILCW. This is expected to be published by the end of 2012.
The manual is meant to address all the legal issues under a framework of both international use-of-force law and international humanitarian law. In addition, it examines related problems such as sovereignty, state responsibility and neutrality. We are confident that this manual will help the international community answer many unanswered questions, especially those regarding retaliation.”
This is actually a much harder task than it seems. I remember listening to a British federal agent telling about his attempts to prosecute a Russian hacker. The case was held in Russia and the court and jury were not very technically savvy. To make sure the court understood the evidence that was being presented, the British agent created a power point presentation to explain what the hacker did.
Objections from the defense were raised and the court fell into several days of dispute. The reason? No one knew for certain if Power Point presentations were legal in a Russian court.
This is a needed step, hopefully the nations involved can come together and get on the same page to present a united front against cyber aggression.