Cyberwarfare's Impact: International Law And Elections At Risk

Cyberwarfare and its legality under international law is a complex issue. The UN Charter prohibits the use of force against the territorial integrity or political independence of any state, but the definition of force in the context of hacking is unclear. The Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG) are two UN bodies that consider the rules and laws that could or should apply to cyberwarfare.

Determining whether cyber activities violate international law depends on two factors: first, whether the actions can be attributed to a state, and second, whether the act breaches an obligation owed to another state under international law.

Cyber activities that could be considered a violation of international law include interfering with a state's ability to conduct an election, such as causing a miscount or blocking e-voting, or targeting a candidate's campaign website or social media presence with denial-of-service attacks.

However, the line between permitted influence and prohibited coercion is not always clear, especially when it comes to information operations and disinformation campaigns. The legality of cyber activities also depends on the scale and effects of the operations, such as how widespread the impact is and how serious its effect on the election is.

The issue of attribution further complicates the matter, as it can be challenging to definitively link cyber activities to a specific state, especially when non-state actors are involved.

Overall, the applicability of international law to cyberwarfare, especially in the context of elections, remains a grey area, with ongoing debates and uncertainties surrounding key concepts and norms.

Does cyber warfare break international law?

The question of whether cyber warfare breaks international law is a highly complex and evolving issue. While there is no definitive answer, several principles and frameworks help guide the discussion.

Firstly, the United Nations (UN) Charter prohibits the "use of force against the territorial integrity or political independence" of any state. However, defining what constitutes "force" in the context of hacking and cyber operations is challenging. For instance, former US State Department Legal Adviser Harold Koh stated that "cyber activities that proximately result in death, injury, or significant destruction would likely be viewed as a use of force." This view is widely accepted by international legal experts.

The International Committee of the Red Cross (ICRC) has also published rules of engagement for civilian hackers active in wars. These rules are based on international humanitarian law and aim to minimise collateral damage caused by cyberattacks during conflicts. The rules forbid targeting civilian objects, deploying uncontrollable viruses, and threatening to terrorise citizens.

Additionally, the 2015 Group of Governmental Experts (GGE) affirmed that the UN Charter applies to state activity in cyberspace. They also concluded that state sovereignty and its corresponding norms and principles apply to cyberspace, and that states have jurisdiction over cyber infrastructure within their territory.

Despite these developments, ambiguity persists in the field of cyber warfare and international law. States often deliberately obscure their cyber activities, making it difficult to determine their legal obligations and responsibilities. Furthermore, the rapid evolution of cyber technologies poses a constant challenge for the law and policy governing cyberspace.

To address these complexities, international collaboration and robust legal frameworks are necessary to hold individuals and nations accountable for their cyber activities. The International Criminal Court (ICC), for example, has committed to investigating and prosecuting cybercrimes that violate existing international law, such as war crimes, crimes against humanity, and genocide.

In conclusion, while cyber warfare may not explicitly break international law, it operates in a legal grey area. As cyber capabilities advance and become more prevalent, states must prioritise developing effective defences, forming multilateral alliances, and continuously researching and implementing novel cybersecurity solutions to protect global peace and security.

What is 'force' in the context of hacking?)

The interpretation of "force" in the context of hacking is a complex and evolving issue. The UN Charter prohibits the "use of force against the territorial integrity or political independence" of any state, but the exact definition of "force" in relation to cyber activities is still being debated.

In 2012, then-State Department Legal Adviser Harold Koh stated that "cyber activities that proximately result in death, injury, or significant destruction would likely be viewed as a use of force." This view is widely accepted by international legal experts. However, Koh's remarks do not explicitly state that "death, injury, or significant destruction" are necessary conditions for a cyber act to constitute a use of force.

The International Court of Justice (ICJ) has also provided some insight on the matter. In a case between the United States and Nicaragua, the ICJ characterized "arming and training" rebels as "involving the use of force." This suggests that a use of force in the cyber context need not necessarily result in physical destruction or harm.

The complex nature of cyber activities and the rapidly evolving technological landscape present unique challenges in defining and interpreting "force" in this domain. The Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG), two UN bodies, are currently examining these issues and working towards providing clarity and guidance on the application of international law to acts of cyber warfare.

In the context of hacking and cyber warfare, "force" can be understood as any cyber activity that results in significant physical or virtual destruction, disruption, or harm. This can include activities that compromise critical infrastructure, disrupt essential services, steal sensitive information, or result in financial loss or damage to a target.

It is important to note that the interpretation of "force" in the context of hacking is still evolving, and the actions that constitute a use of force may vary depending on the specific circumstances and the nature of the cyber activity involved.

Can cyber warfare be considered a war crime?

The question of whether cyberwarfare can be considered a war crime is a complex one, with no clear consensus among experts. While some argue that it does not meet the threshold of a war crime, others assert that it can cause significant harm and disruption, potentially violating international laws and norms.

Defining Cyberwarfare

Before delving into the question of whether cyberwarfare constitutes a war crime, it is essential to understand what cyberwarfare entails. Cyberwarfare refers to the use of cyber attacks against an enemy state, aiming to cause comparable harm to traditional warfare or disrupt vital computer systems. The outcomes of such attacks can include espionage, sabotage, propaganda, manipulation, or economic warfare. However, there is ongoing debate over the definition of cyberwarfare, and no widely agreed-upon definition exists.

International Laws and Norms

When considering whether cyberwarfare can be classified as a war crime, it is important to examine relevant international laws and norms. The UN Charter prohibits the "use of force against the territorial integrity or political independence" of any state. Additionally, international humanitarian law, including the Geneva Conventions, bans attacks on civilian targets. The interpretation of these laws in the context of cyberwarfare is subject to debate.

Arguments Against Cyberwarfare as a War Crime

One argument against considering cyberwarfare as a war crime is the notion that cyber attacks do not meet the threshold of "use of force" or "armed attack." This perspective holds that cyber operations must involve a significant use of force or result in death, injury, or significant destruction to be considered a war crime. Proponents of this view argue that cyber attacks primarily target data and computer systems, which does not constitute the same level of physical harm as traditional warfare.

Arguments For Cyberwarfare as a War Crime

On the other hand, supporters of classifying cyberwarfare as a war crime argue that it can have far-reaching consequences and cause significant harm. They contend that cyber attacks on medical facilities, power control systems, and other critical infrastructure can have a profound impact on civilians, potentially resulting in starvation, epidemics, and panic. Additionally, the widespread adoption of military cyber capabilities by states underscores the potential threat posed by cyber attacks.

Ambiguity and Challenges

The ambiguity surrounding the definition of cyberwarfare and the interpretation of international laws in this context presents challenges. The distributed nature of internet-based attacks makes it difficult to determine the motivation and identity of the attacking party, blurring the lines between cybercrime and cyberwarfare. Furthermore, the rapid evolution of cyber capabilities and the involvement of both state and non-state actors contribute to the complexity of the issue.

The Way Forward

Given the evolving nature of cyber threats and the potential impact on civilians, there is a growing recognition of the need to adapt international laws and norms to address cyberwarfare. Efforts such as the establishment of the Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG) by the UN reflect the importance of clarifying and establishing guidelines for cyber operations.

In conclusion, while cyberwarfare may not fit the traditional definition of a war crime, the evolving nature of cyber threats and their potential impact on civilians cannot be understated. As cyber capabilities advance and states increasingly adopt them, the international community must work towards establishing clear guidelines and accountability mechanisms to address this complex issue.

How can international cooperation help address cyber threats?

International cooperation is key to addressing cyber threats and enhancing global cyber security. The borderless nature of cyber threats and the increasing sophistication of malicious cyber activities demand collaboration between states, international and regional organisations, and other entities.

Firstly, international cooperation can facilitate the development and implementation of international cyber norms and laws. For instance, the United Nations Group of Governmental Experts (UN GGE) has played a crucial role in establishing a common approach to how governments should behave in cyberspace, including recommending basic norms such as refraining from conducting or supporting cyber activities that intentionally damage critical infrastructure. However, challenges remain in reaching a consensus on the applicability of international law to cyber activities, and there is a need for continued dialogue and the establishment of cyber norms that are accepted and respected by all major powers.

Secondly, international cooperation can enhance information and intelligence sharing, mutual assistance, and coordination during cyber incidents. Strategic alliances and multilateral relations are essential in responding effectively to cyber crises. For instance, the North Atlantic Treaty Organization (NATO) Cooperative Cyber Defence Centre of Excellence (NATO CCD COE) focuses on improving practical cooperation and information sharing among its members, conducting exercises, and providing training to enhance cyber defence capabilities.

Thirdly, international cooperation can promote the adoption and implementation of national cybersecurity strategies. Many countries are recognising the importance of cybersecurity as a national security priority and are developing comprehensive strategies that involve a range of national stakeholders, including critical infrastructure providers, law enforcement agencies, and international organisations.

Additionally, international cooperation can foster capacity-building initiatives to enhance cybersecurity awareness, education, and training. For example, the International Telecommunication Union's (ITU) Global Cybersecurity Agenda includes a capacity-building pillar, with efforts such as public awareness campaigns, cybersecurity research and development, and national education programmes.

Finally, international cooperation can establish and strengthen public-private partnerships, information-sharing networks, and cooperative agreements. For instance, Australia's International Cyber Engagement Strategy aims to enhance public-private collaboration and collaboration between countries.

In conclusion, international cooperation is vital to addressing cyber threats effectively. By working together, states and organisations can develop and implement cyber norms and laws, enhance information sharing and mutual assistance, promote national cybersecurity strategies, build capacities, and establish partnerships. These efforts are essential to mitigate the growing cyber threats posed by both state and non-state actors and to protect the stability and resilience of the global digital economy.

What are the rules of engagement for civilian hackers in wars?

The International Committee of the Red Cross (ICRC) has outlined eight rules of engagement for civilian hackers involved in armed conflicts, also described as a "Geneva Code of cyber-war". These rules are not new but restate existing legal obligations.

Rules for Civilian Hackers

• Do not direct cyber attacks against civilian objects: This includes civilian infrastructure, public services, companies, private property, and arguably civilian data. Military objectives, on the other hand, comprise the physical and digital infrastructure of a warring party's military and may include civilian objects depending on their usage by the military.
• Do not use malware or other tools that spread automatically and damage military and civilian targets indiscriminately.
• When planning a cyber attack against a military target, do everything feasible to avoid or minimize the impact on civilians: For example, if disrupting electricity or transportation services used by the military, ensure that the operation does not unintentionally affect civilians.
• Do not conduct any cyber operation against medical and humanitarian facilities.
• Do not conduct any cyber attack against objects indispensable to the survival of the population or that can release dangerous forces: This includes dams, dykes, nuclear electrical generating stations, chemical plants, drinking water installations, and irrigation systems.
• Do not make threats of violence to spread terror among the civilian population: For example, hacking into communication systems to spread information designed to terrorize civilians is prohibited.
• Do not incite violations of international humanitarian law: Do not encourage or enable others to conduct cyber or other operations against civilians or civilian objects.
• Comply with these rules even if the enemy does not: Revenge or reciprocity are not valid excuses for violating international humanitarian law.

Obligations of States

The ICRC has also outlined four obligations for states to restrain civilian hackers:

• States should not encourage or tolerate civilian hackers conducting cyber operations in armed conflicts.
• If civilian hackers act under the instruction or control of a state, that state is legally responsible for any conduct that violates international law, including international humanitarian law.
• States must not encourage civilians or groups to act in violation of international humanitarian law.
• States have a due diligence obligation to prevent international humanitarian law violations by civilian hackers on their territory. This includes adopting and enforcing national laws that criminalize cyber operations amounting to war crimes and taking effective measures to stop other violations.

Frequently asked questions