[1] Cyberattacks
targeting civilians in Ukraine "raise serious concerns under the Geneva Convention," Microsoft president Brad Smith said in a blog post today.
As the
Geneva Convention aims to protect civilians, "these attacks on civilian digital targets are very closely treading the line if not crossing it," said Danny Lopez, CEO of cybersecurity vendor Glasswall, in an email to VentureBeat. "By targeting innocent bystanders, particularly emergency response and humanitarian aid organizations, that aren't prepared to defend their cybersecurity infrastructure against a global power, nation-state attackers may have gone a step too far."
The four Geneva Conventions are international treaties that define the rules of war and attempt to limit barbaric behavior during wartime. The fourth Geneva Convention is focused on treatment of civilians in war situations.
While the term "war crimes" doesn't appear in the convention itself, the term does appear in the Rome Statute of the International Criminal Court, Article 8, which defines "
war crimes" as "grave breaches of the Geneva Conventions of 12 August 1949." The article lists several acts that would constitute a violation of the Geneva Conventions, including "willfully causing great suffering, or serious injury to body or health." Other violations include "intentionally directing attacks against the civilian population," according to Article 8 of the statute.
>> Read more. [2] The Open Source Security Foundation (OpenSSF), a pan-industry effort launched by the Linux Foundation 18 months ago, has
gained 23 new member organizations as pressure mounts to bolster the software supply chain.
The expansion comes following the White House-hosted open source security summit, which brought together members from across the public and private spheres to discuss how best to address weaknesses in the
software supply chain.
The meetup, which was arranged after the
critical Log4j vulnerability came to light, seemed to have an immediate effect — Google and Microsoft pledged $5 million each to the new OpenSSF-backed Alpha-Omega Project, which is striving to work with open source project maintainers to improve security.
New
members include Huawei, Citi, Coinbase, Wipro, Alibaba, Block (formerly Square), MongoDB, Spotify, and NCC Group.
>> Read more. [3] Technology giant Nvidia said Tuesday that a "
cybersecurity incident" last Wednesday has led to a leak of employee credentials and proprietary information online.
Following reports about the breach last week, a threat actor claimed to have attacked
Nvidia, one of the largest producers of graphics chips, and threatened to post company information on its public Telegram channel.
A source with knowledge of the matter told VentureBeat that the threat actor's claim that Nvidia hacked back is "untrue."
No comments:
Post a Comment