1. It can only be an act of war if it was done by a nation state. Even though the US likes to declare war on abstract concepts like "drugs" and "crime", that is not how it works in international law.
2. Terrorism has similarly precise definitions, usually along the lines of "the act has to be in pursuit of political aims". Just because its a big and important target does not make it political, ransomware is an economic crime.
Kinda fair, but "duty to intervene" is heckin' vague. A nation can easily claim to have tried but failed. In any case, with all due respect to the Irish military I don't think they are quite up to invading any of the usual suspects when it comes to harboring extensive cyber operations.
If the attackers are acting under the protection or tacit approval of a foreign government then you can bet that somewhere, someone is prepping a policy paper for kenetic responses. Given the recent pipeline issue and its national security implications I am not going to be surprised at all if some hackers in Russia end up dead from 'accidents' that are so obviously not accidents that no one is fooled.
> If the attackers are acting under the protection or tacit approval of a foreign government then you can bet that somewhere, someone is prepping a policy paper for kenetic responses.
Diplomatic posturing aside ("We will treat any intrusion attempt on our networks as an agression"), literally no government actually wants to go to war over a hack.
> Given the recent pipeline issue and its national security implications I am not going to be surprised at all if some hackers in Russia end up dead from 'accidents' that are so obviously not accidents that no one is fooled.
This is even more nonsensical. Certainly governments would benefit way more from hiring those hackers and/or buying vulns from them than killing them. Especially in less-friendly countries like Russia.
> no government actually wants to go to war over a hack
The war started more than a decade ago. Like the Cold War that preceded it, there is little value in pretending the conflict does not exist nor that escalation is impossible.
Here I was thinking about how wonderful it would be to live in a nation like Ireland, where hacks can happen without interested parties attempting in pathetic fashion to cover their asses by invoking the specter of RussiaRussiaRussia... I should have known someone would break the spell.
Not talking about the Irish attack, but rather the Colonial Pipeline one. The ransomware group in that case are a well-known Russian gang who ended up putting out a press release apologizing for the inconvenience to everyone and that they just wanted money. Sometimes that specter isn't a phantom but actually exists; the only spell to be broken here was your own delusion.
So, do you believe the press release? They clearly disavow connection to any of the dozens of national governments on earth who are subject to USA sanctions: "We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined goverment and look for other our motives." Do you only believe part of that press release? How did you decide which part to believe? Maybe just the parts that threaten to cause global thermonuclear war?
Of course I knew what you were talking about; the war media has been beating this drum for at least a week even though it was obvious from the start that Colonial do shit work and grasp at any straw to excuse that. Anyone who wants to see more of that CYA bullshit can find plenty to see, so your jingoistic and warmongering comment has no place in this thread. Foment war among nuclear powers elsewhere.
I believe the actual professionals who do assessments on these actors and who specialize in analysis and attribution. Then again, I happen to know some of them and know the field. You apparently know little about this subject but seem desperate to turn this into some sort of political fight. Your intentions and objectives are quite clear: it is more important for you to deflect blame from Russia or Russian hackers (even those who may only be acting with the protection of some wing of the government and not being directed by same) and truth is of little consequence.
What a complete waste of time it is discussing anything on HN that you touch.
> It can only be an act of war if it was done by a nation state
This is not true. For example major countries like the United States and the United Kingdom are not nation states but can still commit acts of war under international law.
You’d think these attacks would be worth some tit for tat. If people and companies were physically raided by groups, the govt would likely take action. I’m not sure what the difference is. (And to those saying it’s not international law, that’s just made up anyways so I’m not sure why that’d matter now).
disrupting healthcare systems is likely to provoke physical damage to patients. To me this is even worse than a physical attack to a company because it affects those who deserve it the least. It's morally disgusting and would deserve serious counter measures. If backed by a state it is worth some serious sanctions or worse.
2. Terrorism has similarly precise definitions, usually along the lines of "the act has to be in pursuit of political aims". Just because its a big and important target does not make it political, ransomware is an economic crime.