Cyberconflict and warfare
Cyberattacks can have origin in international relations or bring about consequences that could escalate to a political and diplomatic level. An increasing number of states are developing their own cyber tools for the defence, offence, and intelligence related to cyber conflict.
The use of cyberweapons by states – and, more generally, the behaviour of states in cyberspace in relation to maintaining international peace and security – has moved itself to the top of the international agenda.
Dealing with cyber conflicts as a policy issue is a growing topic for both the inter-state negotiations within the UN Open-Ended Working Group (OEWG) and the academic and policy discussions (e.g. the ICRC). The rapid use of ICTs in the context of armed conflicts and inter-state conflicts, along with the ongoing development and publication of some of the national positions and views on the applicability of international law and international humanitarian law (IHL), continuously adds more substance to this global issue and, at the same time, makes the global agenda more diverse, highlighting new nuances.
The complex nature of cyber conflict
The traditional forms of war are well known. The established international law regulates the conduct of armed conflict and seeks to limit its effects, as is the case with the existence of the Geneva Convention, which protects those not a part of the fighting. The rules of war, however, are different in case of the possible event of interstate cyber conflicts, which are still not well defined.
One of the major characteristics of the cyber conflict is the almost-impossible attribution of an attack even to specific users, let alone to sponsorship by any state, due to the complex and sophisticated weapons used, which are able to work through several proxy layers (including botnets). Another difference between a conventional war and a possible cyberwar or hybrid war (with actions taking place both on ground and in the cyber sphere), however, exists in scale: cyber incidents do not take place between two nations while other countries simply silently watch. The internet is a global resource and cyberweapons, such as botnets, will employ the computing resources of other nations, thus making cyberwarfare effectively global. The role of private actors owning and/or managing ICT infrastructure in inter-state conflicts add further complexity to the issue by highlighting the existing blurred lines between the military and the civilian objects, as well as the risks of spillover effects. The relatively easy ‘entry’ of civilians into the conflicts with the use of ICTs (e.g. smartphones) reasonably highlights the issues of cyber conflicts and cyberwarfare and internet governance, as well as that cybersecurity topics are all intertwined.
Responsible state behaviour in cyberspace and cyber conflicts: open issues
In 2013, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) prepared the Tallinn Manual elaborating on the implementation of the existing international humanitarian law on entering and conducting a war (jus ad bellum and jus in bello) in cyberspace. In 2017, the 2.0 version was published to provide further detail, while in 2021, the CCDCOE launched the Tallinn Manual 3.0 Project – a five-year process to revise existing chapters, explore new topics, and thus keep up with the state practice in cyberspace.
This draft recommends the establishment of an international body named the Agency for Information Infrastructure Protection (AIIP). The UN Governmental Group of Experts in its latest 2021 report, as well as all UN Member States with the adoption of the 2021 UN Open-ended working group (OEWG) report. confirmed that the existing international law and international humanitarian law applies to cyberspace, but what remains to be discussed is how it applies in practice. The OSCE has also developed the Confidence Building Measures to enhance cooperation and prevent cyber conflicts.
In context: The state of offensive cyber capabilities
Incidents of cyber sabotage or cyberespionage have accelerated cyber armament. Some countries have declared ‘cyber’ the fifth military domain (after land, sea, air, and space). Many countries have established significant budgets for building military cyber capabilities – both offensive and defensive. Mapping publicly available documents, such as national strategies, military doctrines, official statements, and credible media reports, presents evidence and indication that offensive cyber capabilities (OCCs) exist or are being built in almost 50 states.