This Friday NATO announced that the Petya malware cyber attack which had hit over 12, 000 devices in around 65 countries on Tuesday, is believed to be the work of a state actor and is a potential act of war, triggering Article 5 of the North Atlantic Treaty and responses might be with military means.
If a nation is determined to be responsible, “this could be an internationally wrongful act, which might give the targeted states several options to respond with countermeasures.” The UK’s defence secretary announced this week that his country was prepared to respond to cyber attacks “from any domain - air, land, sea or cyber.”
Legally speaking, if Article 5 is triggered by an attack on one member, the other members are required to join in retaliation but Friday’s press release emphasises that we don’t know enough about the origin of NotPetya or the intentions behind its release at this time.
The attack which hit major industries from advertising to oil was designed to cause disruption, not to make financial gains, according to experts.
“If the operation could be linked to an ongoing international armed conflict, then law of armed conflict would apply, at least to the extent that injury or physical damage was caused by it, and with respect to possible direct participation in hostilities by civilian hackers, but so far there are reports of neither,” wrote Tomáš Minárik, a researcher at NATO CCD COE.
Minárik justified full on IRL military conflict but it doesn’t mean that NATO couldn’t respond in cyber-realm if it determined that a government was responsible for NotPetya.
The "Petya" ransomware attack encrypted files on a computer and demanded $300 worth of the cryptocurrency bitcoin in order to unlock them. Kaspersky Lab estimates at least 2,000 targets were affected, mostly in Russia and the Ukraine, but attacks were registered in several other countries, including Germany, the U.K. and China.