The idea of cyber peace has been thrown around a lot recently by diplomats concerned with the growing threat of conflict over cyberspace says William D King. As states become more connected to each other through the Internet, the likelihood of a cyber attack being mistaken by a state for an act of war increases daily. In this situation, what are the legal precedents that states must follow when it comes to cyber attacks? Are there any? What makes a cyber attack qualify as an “act of war”?
Let’s take a look at some possible scenarios.
- In our previous article on this topic, we argued that cyberspace is becoming increasingly important in international relations and outlined some theoretical cases where one state may consider launching a counter-strike on another. However, these situations were largely theoretical; without actual precedents set in international law to rely on, they were nothing more than speculation about how states might react if attacked in cyberspace.
- So, let’s assume that there is a cyber attack on a state and that the attacked party responds with military force – how would we know if this was “justified” or not? What laws would apply to such a situation? The answer: none. There are no international bodies which regulate cyber warfare and no existing international law which specifically defines what constitutes an act of war in cyberspace.
- In addition, there is currently no way for states to prove their innocence after being accused of launching a cyber attack. If one state launched a counter-strike at another state based solely on accusations by its enemy, it would be impossible to prove whether those accusations were true or false. This lack of transparency also makes it difficult for states to determine which group or individual is responsible for any given cyber attack.
- Therefore, without international standards to abide by and because of the difficulty in determining who attacked whom first, it’s no surprise that diplomats are concerned about the prospect of miscommunication leading to war explains William D King. The current legal system simply doesn’t give us adequate means to handle incidents involving attacks on territories or people through cyber means.
So how do we go about fixing this problem?
- Currently, there are two very different approaches being pursued: one focuses on developing new laws. While the other seeks to improve existing systems that already exist. While neither strategy offers a quick fix for our security problems, each has its own benefits.
- The development of new international norms has not been high on the agenda. At past meetings because of the highly contentious nature of such a project. The most pressing issue is whether cyber war is even an “international” topic – is it more like espionage. Which involves only states and thus largely falls under their own jurisdiction? Or can we classify cyber attacks as falling into an entirely new category. Like attacks on the environment (which is regulated under UNCLOS)?
- Conversely, some scholars have taken the position that existing laws about war are adequate to encompass cyberspace. Graham Allison, for example, argues that states should respond to all cyber attacks as they would nuclear strikes. By launching full-scale counterstrikes against those responsible. He bases his argument on what he feels are similar objectives. In traditional warfare and online conflict: both seek to destroy the enemy says William D King. One problem with this approach is that it may lead to a cyber arms race. Do we really want an environment where states are stockpiling their own arsenals of digital weapons?
- It’s clear at this point that neither strategy offers a perfect solution. To our current crises, but both have merit and should be pursue simultaneously. In fact, one could argue that there needs to be greater dialogue between legal scholars. And military strategists if either party hopes to achieve its objectives.
As stated by Roelof Uytenbogaardt:
“In order for international law on cyberspace to take shape, two different cultures need to converge. The culture of diplomacy and the culture thereof must converge with the culture of war.”
Who needs to start doing what, and where do we go from here?
It would seem that the first step should be took by legal scholars. They need to take a more active role in publicizing this issue and working. With diplomats so as to provide them with effective solutions. In return, diplomats would have to begin including cyber attacks as part of the current framework for war.