The two largest hacktivist groups involved in the Ukraine conflict have agreed to de-escalate cyber-attacks and follow the rules of engagement set by the International Committee of the Red Cross (ICRC). The ICRC issued the first-ever list of rules for civilian hackers, known as the “Geneva Code of cyber-war.” These rules were initially criticized but are now being accepted by Ukrainian and Russian hackers. The hacktivist groups have been carrying out unsophisticated cyber-attacks that disrupted public services in both Ukraine and Russia. By complying with the ICRC rules, these groups aim to avoid cyber-attacks that affect civilians. This development is expected to significantly reduce the number of cyber attacks on civilian targets.
| Signal | Change | 10y horizon | Driving force |
|---|---|---|---|
| Hacktivist groups vow to de-escalate | Reduction in cyber-attacks on civilian targets | Cyber attacks limited to official or military targets | Compliance with ICRC rules |
| ICRC issues rules for civilian hackers | Attempt to regulate cyber warfare | More regulated and controlled cyber warfare | Desire to protect civilians during conflicts |
| Hacktivist groups comply with ICRC rules | Decrease in cyber-attacks affecting civilians | Less disruption to public services and civilians | Desire to avoid attacks that harm civilians |
| Cyber-attacks disrupt public services | Temporary disruption of banks, hospitals, etc. | Improved cybersecurity measures for public services | Desire to cause friction and further their causes |
| Ukrainian and Russian hackers involved | Involvement of hackers from Ukraine and Russia | Collaboration and cooperation between hackers | Nationalistic motivations and desire to support a cause |
| Hackers target public services | Disruption of railway systems and banks | Increased cybersecurity measures for public services | Desire to disrupt and cause inconvenience |
| Hacktivist groups have close links to Kremlin | Accusations of Kremlin involvement | Potential decrease in Kremlin-linked cyber-attacks | Alleged support from the Kremlin for certain hacktivist groups |
| Cyber-attacks on Ukraine allies | Threat to UK businesses and allies | Decreased cyber-attacks on Ukraine allies | Desire to target Ukraine and its allies |
| Major reduction in cyber attacks | Decrease in overall cyber-attacks | Increased cybersecurity measures globally | Improved awareness and regulations regarding cyber-attacks |
| Other hacktivist groups will not comply | Non-compliance with ICRC rules | Continued disruption and cyber-attacks | Other motivations and causes driving their actions |
| ICRC attempts to end free-for-all | Regulation and control of cyber-gangs | More regulated and controlled cyber-attacks | Desire to mitigate the escalation of cyber-conflicts |