UK tells UN that nation-states should retaliate against cyber badness with no warning

Even nuclear missile attacks came with a 4-minute heads-up

Comment Britain has told the UN that international cyber law should allow zero-notice digital punishment directed at countries that attack others' infrastructure.

A statement made by UK diplomats to the UN's Group of Governmental Experts on Advancing Responsible State Behaviour in the Context of International Security (UN GGE) called for international law to permit retaliation for cyber attacks with no notice.

"The UK does not consider that States taking countermeasures are legally obliged to give prior notice (including by calling on the State responsible for the internationally wrongful act to comply with international law) in all circumstances," said the British submission to the UN GGE, made in advance of the G7 heads of government meeting in Cornwall this week.

The declaration marks a break with cautious British policy from just two years ago, when then-foreign secretary Jeremy Hunt warned against "cyber interference" becoming "commonplace". It is, however, in line with subtly aggressive rhetoric deployed by the Ministry of Defence in its Integrated Review earlier this year.

Government and policy sources have previously told The Register that UK policy is aimed at building international consensus around cyber norms, making it easier to confront Russia, China, Iran, and similar cyber-rogues.

Back in 2019 Hunt had said the UK should be "more emphatic about what we consider to be unacceptable behaviour and the consequences for any breach of international law" while tempering that with warnings about normalising international hacking, but under current foreign secretary Dominic Raab it appears UK policy officials are less worried about inflaming international tensions.

"Any decision to resort to countermeasures without prior notice must be necessary and proportionate to the purpose of inducing compliance in the circumstances," added the UK GGE submission, in a nod to those wanting the world wide web to remain a safe (ish) place to do business and interact with others.

Coming as the western world staggers under the impact of ransomware attacks launched mainly from Russia and Russia-aligned countries, the call for digital retaliation to be launched without warning could be seen as an increasing of pressure against those countries. Britain has also been quietly boasting of initiatives such as the National Cyber Force, an offensive hacking unit supposedly dedicated to attacking online enemies of the government.

Support for increasing weaponisation of cyberspace from prominent UK figures has been lukewarm: last year ex-NCSC chief Ciaran Martin raised the notion that policy makers were "oddly deferential and therefore unquestioning" when presented with the weapon-like capabilities of the NCF.

"Prior notice may not be a legal obligation when responding to covert cyber intrusion with countermeasures or when resort is had to countermeasures which themselves depend on covert cyber capabilities." ®

Broader topics

Other stories you might like

  • Despite global uncertainty, $500m hit doesn't rattle Nvidia execs
    CEO acknowledges impact of war, pandemic but says fundamentals ‘are really good’

    Nvidia is expecting a $500 million hit to its global datacenter and consumer business in the second quarter due to COVID lockdowns in China and Russia's invasion of Ukraine. Despite those and other macroeconomic concerns, executives are still optimistic about future prospects.

    "The full impact and duration of the war in Ukraine and COVID lockdowns in China is difficult to predict. However, the impact of our technology and our market opportunities remain unchanged," said Jensen Huang, Nvidia's CEO and co-founder, during the company's first-quarter earnings call.

    Those two statements might sound a little contradictory, including to some investors, particularly following the stock selloff yesterday after concerns over Russia and China prompted Nvidia to issue lower-than-expected guidance for second-quarter revenue.

    Continue reading
  • Another AI supercomputer from HPE: Champollion lands in France
    That's the second in a week following similar system in Munich also aimed at researchers

    HPE is lifting the lid on a new AI supercomputer – the second this week – aimed at building and training larger machine learning models to underpin research.

    Based at HPE's Center of Excellence in Grenoble, France, the new supercomputer is to be named Champollion after the French scholar who made advances in deciphering Egyptian hieroglyphs in the 19th century. It was built in partnership with Nvidia using AMD-based Apollo computer nodes fitted with Nvidia's A100 GPUs.

    Champollion brings together HPC and purpose-built AI technologies to train machine learning models at scale and unlock results faster, HPE said. HPE already provides HPC and AI resources from its Grenoble facilities for customers, and the broader research community to access, and said it plans to provide access to Champollion for scientists and engineers globally to accelerate testing of their AI models and research.

    Continue reading
  • Workday nearly doubles losses as waves of deals pushed back
    Figures disappoint analysts as SaaSy HR and finance application vendor navigates economic uncertainty

    HR and finance application vendor Workday's CEO, Aneel Bhusri, confirmed deal wins expected for the three-month period ending April 30 were being pushed back until later in 2022.

    The SaaS company boss was speaking as Workday recorded an operating loss of $72.8 million in its first quarter [PDF] of fiscal '23, nearly double the $38.3 million loss recorded for the same period a year earlier. Workday also saw revenue increase to $1.43 billion in the period, up 22 percent year-on-year.

    However, the company increased its revenue guidance for the full financial year. It said revenues would be between $5.537 billion and $5.557 billion, an increase of 22 percent on earlier estimates.

    Continue reading

Biting the hand that feeds IT © 1998–2022