Security News > 2021 > April > Crossing the Line: When Cyberattacks Become Acts of War
The question is, when does a cyberattack cross the line between a criminal action or mere prank, to an act of war? Is it the nature of the victim? The nature of the attacker? The nature of the damage? Or a combination of them all?
Oxford's Reference Dictionary defines an act of war as: "An act by one nation intended to initiate or provoke a war with another nation; an act considered sufficient cause for war." That's a good definition, but it leaves some ambiguity when applied to the realm of cybersecurity.
How do you treat acts of espionage, in this context? Does infecting a country's industrial machinery with a custom-designed virus that caused it to fail destructively count? What about infecting a government supplier and then leveraging that breach to intrude into your rival government's agencies? Both cases have a massive impact on the rival state, though the intent was not to provoke a shooting war.
Incidents in cyberspace have not translated into a shooting war in the real world.
It's yet to cross the line and manifest in the real world as a hot war.
Figuring out whether it was an act of war will fall to the politicians and diplomats - where it belongs.
News URL
https://threatpost.com/crossing-line-cyberattack-act-war/165290/