Proving a State’s Involvement in a Cyber-Attack: Evidentiary Standards before the ICJ

“…2) as an exercise of the right of self-defence, or 3) as a reaction out of necessity. Given that most cyber operations happen below the threshold of an armed attack 6 (only in case of the latter would a state be able to respond in self-defence 7 ), it makes sense to take a look at countermeasures first before addressing self-defensive measures. "Necessity" as a response option should be seen as a last resort, given the high threshold and non-reliance on attribution (on these criteria, see in detail below).…”

Malicious Cyber Operations, “Hackbacks” and International Law: An Austrian Example as a Basis for Discussion on Permissible Responses

“…2) as an exercise of the right of self-defence, or 3) as a reaction out of necessity. Given that most cyber operations happen below the threshold of an armed attack 6 (only in case of the latter would a state be able to respond in self-defence 7 ), it makes sense to take a look at countermeasures first before addressing self-defensive measures. "Necessity" as a response option should be seen as a last resort, given the high threshold and non-reliance on attribution (on these criteria, see in detail below).…”

Malicious Cyber Operations, “Hackbacks” and International Law: An Austrian Example as a Basis for Discussion on Permissible Responses