The advent of cyberwarfare raises any number of legal quandaries, let alone ethical ones: when it's possible to do serious damage without crossing a border or firing a shot, where do you stop? NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE) is publishing the finished version of a non-binding guide, the Tallinn Manual, that could settle at least the legal disputes. For the most part, it demands a measured, one-for-one response and attempts to minimize collateral damage. Digital retaliation is appropriate if the state is a victim of a hacking attack, but bombs and guns should only come into play if virtual combat leads to real casualties. Any attacks should likewise steer clear of civilians, and simply having the capacity or desire for a hacking campaign doesn't make someone a target -- there has to be an "imminent" threat to justify a preemptive strike. NATO isn't formally adopting the Tallinn Manual as policy, and it's difficult to know whether the organization's member nations (or any other country) would honor the guidelines when parties on all sides have been pushing the boundaries of cyberwarfare for years. Still, we'll have to start somewhere if we want to draw a line in the silicon.
[Image credit: US Army, Flickr]