Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Editorial
Cyber War and International Law
The theme of this special issue is cyber war and international law. More specif-
ically, this special issue examines the application of the international law on the
use of force (jus ad bellum) and international humanitarian law (jus in bello)
to cyber war.
It is a truism to say that, nowadays, information and communication technol-
ogy forms an integral part of our lives, and that societies as well as states are
dependent upon such technology to carry out their manifold activities. Indeed,
the cyber space as the global digital communications and information infrastruc-
ture1 can deliver immense benefits to individuals and societies but at the same
time can be the source of many threats and vulnerabilities. Due to the depend-
ency of modern societies on cyber technology, cyber security has become a
number one state priority.2 Perhaps one of the most serious threats facing
states is the use of cyber capabilities to conduct military style operations with
the aim of degrading, denying or destroying information resident on computers
or computer networks. Such threats fall under the banner of cyber war.
Conceding that cyber threats are here to stay and that states need to respond
to such threats, questions immediately arise as to whether and to what extent
international law can apply to cyber activities. These are legitimate questions
because the relevant rules have been developed for different types of situations
or events, whereas cyber security involves many additional complicating factors,
such as the anonymity, speed and multi-level nature of cyber operations, the
wide availability of cyber weapons, the easy access by non-state actors to cyber
weapons and the destructive direct or indirect effects that cyber attacks can
1
P Cornish, D Livingstone, D Clemente and C Yorke, On Cyber Warfare, A Chatham
House Report (Royal Institute of International Affairs 2010) 5www.chathamhouse.
org.uk4 (accessed 19 June 2012).
2
For example, in the context of the UK see the UK National Security Strategy (2010)
5http://www.direct.gov.uk/prod_consum_dg/groups/dg_digitalassets/@dg/@en/documents/
digitalasset/dg_191639.pdf?CIDPDF&PLAfurl&CREnationalsecuritystrategy4
(accessed 19 June 2012); Securing Britain in an Age of Uncertainty: The Strategic Defence
and Security Review (2010) 5http://www.direct.gov.uk/prod_consum_dg/groups/dg_
digitalassets/@dg/@en/documents/digitalasset/dg_191634.pdf?CIDPDF&PLAfurl&
CREsdsr4 (accessed 19 June 2012); The UK Cyber Security Strategy Protecting and
Promoting the UK in a Digital World (2011) 5https://update.cabinetoffice.gov.uk/sites/
default/files/resources/uk-cyber-security-strategy-final.pdf4(accessed 19 June 2012). In re-
lation to the US, see National Security Council, The Comprehensive National
Cybersecurity Initiative (2009)5http://www.whitehouse.gov/cybersecurity/comprehensive-
national-cybersecurity-initiative4 and White House, International Strategy for
Cyberspace: Prosperity, Security, and Openness in a Networked World (2011) 5http://
www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.
pdf4(accessed 19 June 2012).
..............................................................................
Journal of Conflict & Security Law (2012), Vol. 17 No. 2, 183186
184 Editorial
property. It follows that a cyber attack that only causes non-physical damage,
such as the attack against Estonia in 2007, will not qualify as an unlawful use of
force. However, Buchan argues that such a cyber attack will nevertheless violate
the principle of non-intervention where it can be regarded as coercive in nature;
this being that the attack is deployed with the intention of forcing the victim
state into a change of policy.
Assuming that a cyber attack amounts to an armed attack for self-defence
purposes, Tsagouriass contribution examines the question of attribution. For
him, attribution has technological, political and legal aspects which interact with
each other. As far as the legal aspects of attribution are concerned Tsagourias
submits that, according to prevailing international legal standards, an armed
attack in cyberspace will be attributed to a state where it has been committed
by an organ or agent of that state. Furthermore, attribution can be established
on the basis that a state has tolerated the existence of a non-state actor that then
commits a cyber attack. Indeed, Tsagourias suggests that, even if no state is
implicated in the cyber attack, customary law going back to the Caroline case
permits self-defence action against the non-state actor that has committed the
cyber attack.
Schmitts article opens the second part of this special issue by addressing how
cyber conflicts should be characterised for the purpose of international humani-
tarian law and, in particular, whether they give rise to an international or a
non-international armed conflict. In this regard, the author considers the ques-
tion of whether cyber attacks satisfy the requirement of international, armed
and attack for the purposes of the law of international armed conflict. In rela-
tion to the law of non-international armed conflict, the author considers the
question of whether a cyber group can be qualified as organised and what is
the required threshold of intensity of a cyber attack.
Dinsteins contribution focuses on the principle of distinction in international
cyber conflicts. For Dinstein, the principles of distinction, proportionality and
precaution apply to cyber war but their application is complicated because of the
complexity of cyber technology and the interconnectivity of computer systems.
Finally, Turnss contribution considers the application of the notion of direct
participation in hostilities to cyber war. In this context, he applies the criteria
developed by the International Committee of the Red Cross in its 2005
Interpretive Guidance; namely, the threshold of harm, direct causation and bel-
ligerent nexus. For him, direct causation is the most problematic in the context
of cyber war. He then goes on to consider the legal status of non-military per-
sonnel that are involved in the design, installation and operation of cyber weap-
onry and, more specifically, whether such non-military personnel can be
regarded as directly participating in hostilities. His findings are mixed, with
certain personnel not satisfying all the criteria all the time.
All the papers in this special issue, with the exception of Professor Schmitts,
have been presented at a workshop organised at the University of Glasgow in
October 2011. We would like to express our gratitude to the School of Law, the
186 Editorial
ASRF and the Chancellors Fund at the University of Glasgow and also to the
University of Sheffield for their generous financial support, without which this
workshop could not have been held. We would also like to thank all the par-
ticipants in the workshop. In particular, we would like to extend our gratitude to
Professor Terry Gill and Professor Eric Myjer for chairing the panels and to
Professor Robert Cryer and Professor Nigel White for providing concluding
comments to the workshop. Finally, we would like to thank the editors of the
Journal of Conflict and Security Law for publishing the papers. We believe that
their publication is timely and will contribute to the legal and policy debates on
cyber war in the years to come.