Non-state actors’ cyber activity in Armed Conflict: impact, implications and remediation
10-18, 14:00–15:30 (Europe/Luxembourg), Schengen 1 and 2

A modern armed conflict has an increasingly elaborate cyber dimension substituting or complementing conventional military operations and originating from both state and non-state parties. Often non-state groups are engaging alongside (and including on behalf of) states in international conflicts without sufficient knowledge of the international law designed to avoid unnecessary harm to civilians and often become victims themselves as de facto parties in a given conflict. They may also deliberately ignore the rules due to sufficiently plausible deniability. Yet, the results of their action to support any of the officially combatant parties, especially targeting civilian objects (including hospitals, schools, community centres etc) might lead to unnecessary casualties as well as otherwise undesirable escalation of the conflict.
With a rich choice of examples of such activities in the current conflict in Europe, it seems an important moment to discuss the understanding of ethical limits to non-state actor behaviour in the use of ICTs to ultimately reduce the activity targeting civilians and the chances of undesirable escalation.

This session will aim to:
- Raise awareness and build knowledge in the community about the potential unwanted consequences of non-state cyber activities and the underlying legal context;
- Discuss together with the participants the observed specific TTPs typically used by non-state actors engaged in the cyber dimension of a conflict and the evolving underlying strategies;
- Potential mitigation and (self-)restraint measures to avoid civilian targets, unnecessary injury or suffering. E.g. See 8 suggested rules for "civilian hackers" proposed by
- Long-term effects of the non-state actor engagement ‘banalisation’ - i.e. potential post-conflict consequences of a laissez-faire attitude to the increasingly militarised broader cyber community

Aleksandra serves as an advisor to the Cyber programme of the Geneva-based Centre for Humanitarian Dialogue (HD).

In 2003 Mauro Vignati started working at the first unit of the Swiss Federal Police fighting cybercrime. Later on, he collaborated to the establishment of MELANI, Switzerland's first centre for public-private partnership on cybersecurity for critical infrastructure. Back in 2013, he set up and led the Cyber Threat Intelligence Division within the Department of Defence in Bern. In 2021, he was tasked to create the Vulnerability Management unit within the National Cyber Security Centre, established to manage vulnerabilities, and lead several projects testing the security of the government infrastructure. He then joined the International Committee of the Red Cross one year later, as advisor on new digital technologies of warfare.

This speaker also appears in:

Elena Rückheim comes from the Geneva-based Centre for Humanitarian Dialogue (HD). As part of HD's cyber programme team, her work focuses on establishing confidence-building measures between adversaries in cyber space through dialogue and mediation. Before joining HD, Elena served as Deputy Head of Unit and Security Analyst at the National IT Situation Centre of the German Federal Office for Information Security (BSI). Prior to moving into operational IT security, she was mainly involved in the drafting of national cybersecurity policies and strategies. This was at the Federal Ministry of Defence, where she was also responsible for managing international bilateral partnerships in the field of cyber defense.