Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Will victims of cyberattacks get their day in court?

(William Cho / Pixabay)

By Harriet Moynihan, Amal Clooney, Philippa Webb

As geopolitical tensions rise, cyber attacks are intensifying, with public services increasingly targeted. Over 130 countries have experienced cyber disruption. In recent years, ransomware attacks in Costa Rica crippled essential services for months. A cyber attack against Albania paralyzed the border entry system and revealed the identity of police informants. And a months-long ransomware attack on the Irish healthcare system disrupted radiation therapy for hundreds of cancer patients.

AI is “democratizing cybercrime by making cyber tools, such as ransomware-as-a-service, easily available off the shelf. In addition to the human cost — including delays to hospital treatment, lack of power and disruption to education — economic losses are mounting. Last year, 389 healthcare institutions were successfully hit by ransomware in the United States alone. And it is predicted that by 2031, ransomware will attack a device every two seconds and collectively cost victims $265 billion per year.

To date, states have deployed a combination of strategies in response to such cyber operations, such as dialogue (including in the United Nations and between regional bodies), naming and shaming perpetrators or their state sponsors, imposing sanctions on the alleged perpetrators, or disrupting supply chains. But one avenue that has been little used so far is litigation. Few perpetrators of cyber attacks have had to answer for their actions in court.

Read more at Just Security

Click to listen highlighted text!