Cyber Attacks: Unlawful Uses of Force or Prohibited Interventions?

“…The seeds for the attack were sown even around 2008, when the worm was first infected networks around the world, although causing no grate damage to most systems infected. 36 Initially it was assumed the attacks on the nuclear facility had not been successful, but in the autumn of 2010, reports spread quickly about Iran's uranium enriching capabilities becoming 32 [80][81][82][83][84][85][86][87][88][89][90][91]. The authors also opine that nation states, terrorist groups, hacktivists and cyber criminals to achieve their own goals could use future versions of the virus, and that Stuxnet has started a new arms race, creating serious implications for the security of critical infrastructure worldwide.…”

“…And finally, even if one does conclude that certain cyber operations may fall outside the purview of the jus ad bellum, it is patently incorrect to assert that these would also fall outside the scope of international law generally. Such operations would still be captured within the more general principles of non-intervention 81 and/or the duty of due diligence. 82 While violations of these international norms do not trigger or allow for forcible actions in self-defence, states may still lawfully have recourse to non-forcible countermeasures.…”

Cyber warfare and autonomous self-defence

“…The seeds for the attack were sown even around 2008, when the worm was first infected networks around the world, although causing no grate damage to most systems infected. 36 Initially it was assumed the attacks on the nuclear facility had not been successful, but in the autumn of 2010, reports spread quickly about Iran's uranium enriching capabilities becoming 32 [80][81][82][83][84][85][86][87][88][89][90][91]. The authors also opine that nation states, terrorist groups, hacktivists and cyber criminals to achieve their own goals could use future versions of the virus, and that Stuxnet has started a new arms race, creating serious implications for the security of critical infrastructure worldwide.…”

“…And finally, even if one does conclude that certain cyber operations may fall outside the purview of the jus ad bellum, it is patently incorrect to assert that these would also fall outside the scope of international law generally. Such operations would still be captured within the more general principles of non-intervention 81 and/or the duty of due diligence. 82 While violations of these international norms do not trigger or allow for forcible actions in self-defence, states may still lawfully have recourse to non-forcible countermeasures.…”

Cyber warfare and autonomous self-defence

“…To the extent that cyber intrusions do not meet the criteria for 'use of force', Russell Buchan argues that cyber-attacks that do not cause physical damage violate international law on the basis of the principle of non-intervention as embodied in customary law. 35 Buchan maintains that non-intervention proscribes cyber-attacks that are not destructive so long as the attack is intended to coerce a victim State into a change in policy 'in relation to a matter that the victim State is freely entitled to determine 32 itself'. 36 Although the non-intervention norm has the potential to serve as a legal barrier to disruptive cyber intrusions, there is no indication that any State has relied on Buchan's argument, nor that any court has credited it in a cyber context.…”

An emerging international legal architecture for cyber conflict

“…Others have argued that cyber security issues should be treated as a law enforcement challenge (Schachtman and Singer, 2011). This would require that the international system work collectively to advance international law addressing cyber threats (Buchan, 2012;Hathaway et al, 2012;Nguyen, 2013;O'Connell, 2012;Tsagourias, 2012). The general argument has led some scholars to argue for the importance of an international cyber security regime.…”

Predicting the trajectory of the evolving international cyber regime: Simulating the growth of a social network