By Shalini S
In September last year, a mutual cyber hacking marathon ensued between Indian and Pakistani hackers, who each hacked and defaced multiple government and private websites. The incident was triggered by a detected defacement of a Kerala government website which was attributed to a Pakistani hacker. Indian hackers and hacktivist groups retaliated by defacing multiple Pakistani government websites and making several others inaccessible. Media reports were quick to label these cyber vandalism exchanges as a cyber war between the two countries with headlines such as:
These headlines while raising public awareness about politically motivated cyber-attacks, were also misleading and patently wrong in terming the episode as cyber war. Other politically motivated cyber-attacks involving independent hackers have also been termed cyber war in the past. The incidents were noteworthy and raised several red flags about the vulnerability of official government websites and state of security of data contained therein. However, it certainly did not cross the threshold to be termed an ‘act of war’ or ‘cyber warfare’.
There are clear thresholds for an attack to qualify as an act of war and several scholars opine that the same standards apply on a virtual battleground. For instance, the US Strategic Command’s Cyber Warfare Lexicon’s definition of cyber warfare envisions a military object (Page 8). The document also states that “not all cyber capabilities are weapons or potential weapons” (Page 9). The Tallinn Manual on the International Law Applicable to Cyber Warfare which identifies “laws of armed conflict that apply to cyberspace and delineates the limits and modalities of its application”, does not seek to regulate actions of individual hackers or groups of hackers. Susan Brenner, a cyber conflict specialist opines that cyber warfare is the use of cyberspace to achieve the same ends as conventional warfare – “the conduct of military operations by virtual means”. However, other definitions allow scope to envision the participation of non-state actors in cyber warfare.
Despite numerous attempts at defining and the lack of a clear consensus in existing definitions, ‘cyber war’ has a specific connotation. Most existing definitions of cyber warfare envisage the subversive use of cyber technologies by a nation-state in the conduct of a military operation.
Cyber-attacks are challenging to evolve specific definitions for and this make it difficult to categorize them. However, it is important to identify the exact nature of each attack, unambiguously define and categorize cyber-attacks in order to formulate a proportional and appropriate policy response.
The issue of distinguishing cyber vandalism from cyber war was most notably raised in the aftermath of the Sony hack of 2014. President Obama had characterized the attack as an act of cyber vandalism, while others opined that it was an act of terrorism or act of warfare albeit perpetuated virtually. The characterization of that particular attack on Sony has been shifting with allegations of the incident being a state-sponsored act. Regardless, it remains that the consequence of classification of any cyber-attack carries its own implications for the formulation of a response policy and thus it must also be accurately communicated to the public and policy makers.
It is clear that the above-described incident of mutual defacement of websites by hackers and hacktivist groups, falls short of qualifying as a cyber war on many counts. There is no indication of the attacks being sponsored by the Indian or Pakistani state. Evidently, it was also not carried out in the furtherance of a military objective. The target of the primary attack, an official government website is not critical information infrastructure and the nature and severity of the attack was fairly minimal. Thus, the act and the subsequent retaliation do not qualify as acts of cyber war and can only be characterized as ‘cyber vandalism’.
Cyber vandalism is the digital equivalent of conventional vandalism wherein legitimate content of a website will be made unavailable or replaced. As advanced cyber capabilities are within the reach of even non-state actors, attacks of this nature might be a frequent occurrence in the future. It is vital then to evolve appropriate legal and policy responses to effectively deal with individuals, hacktivist and organized groups that indulge in cyber vandalism.
The rules of cyber war are still nascent but the Tallinn Manual sheds light on the form that law might take on regulating acts of such nature. The international community is bound to arrive at a consensus on the definitions and clear demarcations of acts of warfare, terrorism, vandalism and espionage in the cyberspace. In the meantime, there must be a concerted effort to understand these new-age operations and evolve better classifications that aids policy formulation on these issues.
 Susan W. Brenner, Cybercrime, cyberterrorism and cyberwarfare, 77 Revue internationale de droit pénal 453 (2006) at Para 45, https://www.cairn.info/revue-internationale-de-droit-penal-2006-3-page-453.htm#no33.
 Susan Brenner, At Light Speed: Attribution and Response to Cybercrime/Terrorism/Warfare, 97 Journal of Criminal Law and Criminology (2007) at Page 401, http://scholarlycommons.law.northwestern.edu/cgi/viewcontent.cgi?article=7260&context=jclc.
 Nicolò Bussolati, The Rise of Non-State Actors in Cyberwarfare (2015).