The International Committee of the Red Cross (ICRC) is calling for a digital emblem to signify areas online that are off limits to cybercriminals in times of conflict, indicating that they are protected by International Humanitarian Law (IHL). While this system, dubbed a Digital Red Cross or Digital Red Crescent, may work for military institutions that are prepared to comply with international law, it is less likely to have an impact on ruthless cybercriminals and could be open to abuse.

digital red cross
A Digital Red Cross may protect crucial online resources from falling into the wrong hands. (Photo by rospoint/Shutterstock)

An ICRC report released today argues that in the era of hybrid warfare, a digital emblem should be established to signify to cybercriminals and military personnel online that some sites contain information that cannot be tampered with. It would operate in the same way the Red Cross and Red Crescent protect medical professionals on the physical battlefield.

The project began in 2020, in partnership with the Johns Hopkins University Applied Physics Laboratory (APL) and the centre of Cyber Trust (CECYT) and the Australian Red Cross.

How would a Digital Red Cross work?

The humanitarian body is calling on governments, members of the Red Cross and Red Crescent movement and IT experts from the medical, humanitarian, military and security fields to “join forces and develop concrete ways to protect medical and humanitarian services from digital harm during armed conflict”.

It has identified three potential technical solutions: A DNS-based emblem, which would use a special label to link the “digital emblem” to a domain name. Alternatively, an IP-based emblem could use part of the IP address to identify both protected digital assets and protected messages traversing a network. Finally, a so-called ADEM, or authenticated digital emblem, could be set up to use certificate chains to signal protection. In this approach, “these certificates can be authenticated by different actors and communicated over different Internet protocols,” the ICRC says.

Secure measures must be drawn up to protect this information: “Protection against harmful cyber operations requires cybersecurity measures to be implemented by each protected entity,” the report says. The ICRC recognises that a digital emblem cannot replace such measures. However, it says it could supplement them by signalling that the marked entity enjoys special protection under international law and must be protected against harm. The emblem must be easy to implement and easy to verify, it adds.

The ICRC has conceded that this may not be possible in its entirety and that the emblem may even increase the risk of valuable sites being targeted. This is the same in the physical world, however, and as such, the project is still worth entering into. “If a digital emblem can reduce the direct or incidental harm to medical and authorised humanitarian actors, even if only by a small proportion, the development and deployment of such an emblem would be a worthwhile initiative”, it reads.

Is a Digital Red Cross viable?

Such a symbol would only be effective against parties that comply with international law. “If it can be expected that the adversary will respect the emblem, there is no reason why the benefits of a digital emblem would be different from those with a physical emblem,” today’s report says.

However, the use of such a signifier could flag to unscrupulous criminals that the site that bears the emblem may harbour valuable data, further endangering the assets. To this, the ICRC has suggested that abusing the digital emblem could be recognised along the same lines as attacks against buildings, medical units and transport in times of war. These are deemed war crimes under the terms of the Geneva Convention.

In the meantime, such a symbol may end up doing more harm than good, says Jake Moore, global security advisor at cybersecurity company ESET. “It’s guaranteed to be misused,” he says. “In the next crisis we have, an earthquake or a tsunami, you name it, it’s going to be abused.”

Once implemented, the technology will be too new not to be copied, he explains. “Maybe in the future it might have some more pillars that verify its existence,” he says, “but whenever you get these new concepts, people don’t know what’s actually genuine or not, it’s all new.”

Read more: Open-source intelligence key in Russia-Ukraine war