Digital Battlefield: Cyber Space Threats and International Laws

Published On: 26th March, 2024

Authored By: Harmannat Kour
The Law School, University of Jammu

ABSTRACT

This article explores the critical role of military and intelligence actions in cyberspace for safeguarding national security in the modern era. Cyberspace presents unique challenges due to its borderless nature, rapid technological advancements, and vulnerabilities in critical infrastructure. Military operations in cyberspace encompass offensive capabilities, defensive strategies, and legal/ethical considerations, while intelligence agencies play a crucial role in gathering information and countering cyber threats. The cyber threat landscape includes state-sponsored attacks, non-state actors, and various cyber threats, necessitating international cooperation and collaborative efforts in cyber defense. Through case studies like Stuxnet and Russian interference in elections, the article examines real-world examples of cyber warfare and their implications. Future trends and challenges, including emerging technologies and hybrid threats, are also discussed. Ultimately, the article emphasizes the importance of proactive measures to secure cyberspace and ensure national security in the digital age.

KEYWORDS: Cyberspace, Cyber espionage, New Warfield, International Laws

  1. INTRODUCTION:

In today’s interconnected world, the rise of cyberspace as an arena of combat has brought with it a new set of security issues and dangers. From state-sponsored cyber attacks on key infrastructure to the spread of cybercrime and cyber terrorism, the digital domain has become a battleground where governments vie for strategic advantage and bad actors attempt to exploit weaknesses for personal gain. In response to these dangers, military rules and regulations shape governments’ strategies and methods for defending against cyber assaults and ensuring digital security.

At its core, cyberspace encompasses a vast array of interconnected networks, devices, and data repositories that facilitate the exchange of information and the provision of services across the internet. From social media platforms and online banking systems to government databases and industrial control systems, cyberspace underpins the functioning of modern societies and economies. In the annals of warfare, a new frontier has emerged—one that knows no borders operates in the shadows, and wields the power of technology with unparalleled precision. This frontier is known as cyberwar, where battles are fought not with bullets and bombs, but with lines of code and keystrokes.

In this context, understanding the dynamics of cyberspace and developing effective strategies for managing its risks have become paramount for individuals, organizations, and governments alike. By exploring the intricacies of cyberspace, we can better grasp the challenges and opportunities it presents and work towards creating a safer and more secure digital environment for all.

  1. DEFINITIONS AND UNIQUE CHALLENGES POSED BY CYBERSPACE:

According to the National Institute of Standards and Technology, the following are the definitions of Cyberspace:[1]

A worldwide domain inside the information environment consists of the interconnected network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. [2]

Information technology infrastructures are interconnected networks that comprise computer systems, embedded processors and controllers in critical industries, telecommunications networks, and the Internet.[3]

The interconnected network of information technology infrastructures that includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers in vital sectors..[4]
The complex environment is the consequence of interactions between people, software, and services on the Internet, which use technological devices and networks that do not exist in physical form.[5]

One of the challenges faced in cyberspace is supply chain attacks. A supply chain attack happens when someone jeopardizes your digital infrastructure by leveraging an external supplier or partner who has access to your information and systems.[6] Another challenge is of Ransomware. Ransomware is malicious software that prevents access to data by locking the device or encrypting the files stored on it. Furthermore, ransomware has been known to propagate from one system to another to infiltrate a bigger network, as evidenced by the Wannacry attack on the UK National Health Service in May 2017. The perpetrators of ransomware attacks typically demand money before unlocking your computer or restoring access to your data. This is frequently done through anonymous emails or websites that need payment in cryptocurrencies. Unfortunately, paying the ransom does not always guarantee access, and victims risk losing not only their money but also any sensitive information saved on their devices.[7] Due to its borderless nature, anyone from anywhere can access the data through illegal means.

  1. CYBER ESPIONAGE:

Espionage between nations is not a new occurrence, but in the last several decades, the globe has entered a whole new arena of spying: cyber espionage. This new type of espionage is influencing the economic and political connections between nations, as well as transforming the face of modern combat. As a result, while contemporary technology has given many benefits, it has also created a whole new set of issues. This study will give some context for cyber espionage, such as what it is, how it works, how it is utilized, and who is doing it.

Modern nation-state cyber espionage is characterized by two significant developments that have altered not just the cyberspace landscape but also public perceptions of cyber espionage and conflict. The first of them is that cyber espionage is getting more sophisticated, efficient, and professional. This is understandable as our world grows more reliant on computers, but it is equally frightening to see crime and espionage shifting to the digital realm. The level of sophistication connected with current cyber operations makes it clear that these operations could only have been carried out by huge, powerful groups, namely a few particular countries with the strength and resources to commit to developing such tools.[8] The discovery of the Stuxnet virus in 2010 was one example of this tendency and a watershed moment in cyber espionage history. This shows that cyber espionage is not science fiction. On the contrary, it has already been established as a proven and true procedure.

This leads to the second development in nation-state cyber espionage: cyber espionage is increasingly acceptable, if not welcomed, as a tool of warfare. That is not to imply that cyber espionage will eventually replace traditional forms of warfare, but it is already changing the essence of nation-state combat. It argues that this transition began during the Cold War, when the United States and Russia prioritized clandestine intelligence collection above direct fighting. Because all-out conflict between major international powers has grown less acceptable in the contemporary era, it is understandable that a desire for more covert techniques has persisted into the twenty-first century. As technology has improved in recent decades, cyber espionage techniques have become increasingly important to current military operations.

  1. CASE STUDIES

A. Stuxnet: The first known cyber weapon.

Stuxnet is a potent computer worm intended by US and Israeli intelligence to disrupt a critical component of Iran’s nuclear program. It was intended for an air-gapped facility but unexpectedly expanded to other computer systems, raising concerns about its design and purpose. Stuxnet took advantage of several previously undiscovered Windows zero-day vulnerabilities. That claim should make it clear that nation-states used Stuxnet as a component of a high-level sabotage operation against their adversaries. It is now commonly recognized that Stuxnet was manufactured by US and Israeli spy services. Stuxnet was originally discovered by the infosec community in 2010, but research likely began around 2005. The United States and Israel wanted Stuxnet to disrupt, or at least postpone Iran’s nuclear weapons development program. The Bush and Obama governments felt that if Iran was about to obtain nuclear weapons, Israel would conduct attacks on Iranian nuclear facilities, perhaps sparking a regional conflict. Operation Olympic Games was viewed as a peaceful alternative. Although it was unclear if such an assault on physical infrastructure was even conceivable, a dramatic discussion in the White House Situation Room late in Bush’s administration occurred during which fragments of a wrecked test centrifuge were laid out on a conference table. At that moment, the United States granted the go-ahead to release the malware. The clandestine program to produce the worm was codenamed “Operation Olympic Games” and began under President George W. Bush and proceeded under President Barack Obama. While neither country has ever publicly acknowledged inventing Stuxnet, a 2011 film commemorating the retirement of Israeli Defense Forces chief Gabi Ashkenazi cited it as one of his accomplishments.[9]

Though it was hard to determine if the Stuxnet worm was to blame for the issues, cybersecurity experts concluded that Iran had been attacked by what might have been the most sophisticated piece of malware ever produced. Stuxnet was a real offensive cyber weapon, taking over and disrupting industrial operations in a large sector of a sovereign state, and it marked a considerable increase in governments’ and state-sponsored groups’ capabilities and willingness to participate in cyber war.[10]

B. Russian cyber interference in elections:

On July 13, 2018, a federal grand jury in the District of Columbia indicted 12 Russian military intelligence personnel for allegedly meddling in the 2016 US elections.[11] When it was revealed that the Russian government meddled in the 2016 U.S. presidential election by hacking into the Democratic National Committee’s email system and exposing its contents, international lawyers disagreed on whether the cyber-attack broke international law. President Obama appeared to go out of his way to define the cyber-attack as a simple infringement of “established international norms of behavior,” even though some international attorneys were more inclined to call it a violation of international law. However, determining the specific legal rule that was violated proves to be more difficult than it would appear. To the layperson, the Russian hacking represented an illegal (and maybe alarming) meddling in the American political process—an intervention that non-lawyers would not hesitate to identify a “violation of sovereignty” as that phrase is used in political or diplomatic language.

The challenge occurs when attempting to put such common-sense perception into legal language. At this stage, the translation effort fails for a number of reasons. The issue stems from the fact that none of the conventional rubrics for understanding unlawful interventions apply plainly and unequivocally to the facts at hand. That being said, it would be a mistake to dismiss our common-sense suspicions about the illegality of Russian hacking during the election. The absence of fit with the fundamental requirements for an illegal interference against another state’s sovereignty simply indicates that the concepts of “sovereignty” and “intervention”—though central to contemporary public international law doctrine—are unsuitable for analyzing the legality of the conduct in this case. A considerably better framework for assessing the conduct is self-determination, a legal concept that encompasses a people’s freedom to select for themselves both their political arrangements and their future fate.[12]

C. WannaCry ransomware attack:

WannaCry is a ransomware outbreak that quickly spread throughout computer networks in May of 2017. After infecting a Windows machine, it encrypts files on the hard drive, rendering them inaccessible, and then demands a Bitcoin ransom payment to unlock them. Several factors made the initial spread of WannaCry particularly notable: it struck several important and high-profile systems, including many in Britain’s National Health Service; it exploited a Windows vulnerability that was suspected to have been discovered by the United States National Security Agency; and it was cautiously linked by Symantec and other security researchers to the Lazarus Group, a cybercrime organization that may be connected to the North Korean government.[13] The WannaCry attackers encrypted Windows systems throughout the world and demanded a $300 Bitcoin ransom, which was eventually increased to $600. It infected an estimated 230,000 machines in 150 countries in 24 hours. After quickly spreading throughout the world, security researcher Marcus Hutchins uncovered a kill switch that dramatically halted the spread of the malware. [14]

  1. INTERNATIONAL LAWS REGARDING CYBERSPACE

The law governing the use of force between states (jus ad bellum) requires determining whether cyber operations constitute an internationally wrongful threat or use of “force,” a “armed attack” justifying the use of necessary and proportionate force in self-defense, or a “threat to international peace and security” or “breach of the peace” that requires UN Security Council intervention.

The law of neutrality raises questions about the legality of belligerents using neutral states’ telecommunications infrastructure for cyberattacks, as well as the responsibilities of “neutral” states towards non-state belligerents attacking their territory or infrastructure.

Under the law of armed conflict (jus in bello), sometimes known as international humanitarian law (IHL), “cyber warfare” must be separated from phenomena that are not necessarily covered by IHL, such as “cyber criminality” and “cyberterrorism”. Where IHL applies, it must be determined to what degree its norms and principles, which control traditional means and techniques of combat, may be applied to cyber warfare. In doing so, the emphasis will be on the norms and principles of IHL controlling the conduct of hostilities rather than those governing the protection and treatment of individuals in the hands of a party to an armed conflict, which are less applicable to cyber warfare.[15]

  1. CONCLUSION:

In the ever-changing environment of global security, the rise of cyberspace as a realm of battle has resulted in a slew of dangers that call into question traditional ideas of conflict and defense. As discussed in this article, cyberspace threats include a wide spectrum of harmful action. In response to these challenges, military rules and regulations have become increasingly crucial in establishing nations’ cyber defense strategies and tactics, as well as maintaining digital security. Nonetheless, the creation of international norms and agreements, as well as the strengthening of local laws and regulations, can assist in reducing these issues and create more international collaboration in the fight against cyber dangers.

To summarize, the emergence of cyberspace threats offers substantial challenges to global security, forcing countries to reconsider their methods of defense and conflict in the digital era. Military rules play an important role in tackling these difficulties by establishing a legal framework for conducting cyber operations, deterring hostile actors, and protecting key infrastructure and national security. Moving forward, legislators, legal experts, and military commanders must work together to modify and reinforce cyberspace military rules in response to changing threats and technology.

Reference(s):

[1] cyberspace. (n.d.)., ://csrc.nist.gov/glossary/term/cyberspace

[2] NIST SP 800-30 Rev. 1 under Cyberspace from CNSSI 4009
NIST SP 800-39 under Cyberspace from CNSSI 4009

[3] CNSSI 4009-2015 from NSPD-54/HSPD-23

[4] NIST SP 800-160 Vol. 2 Rev. 1 from CNSSI 4009-2015, NSPD-54/HSPD-23
NIST SP 800-53 Rev. 5 from CNSSI 4009-2015

[5] NISTIR 8074 Vol. 2 under Cyberspace

[6] What is Cyber Security and Its Importance? (n.d.), https://www.knowledgehut.com/blog/security/cyber-security-challenges

[7] https://sprinto.com/blog/challenges-of-cyber-security/

[8] D Rubenstein, Washington University in St. Louis https://www.cse.wustl.edu/~jain/cse571-14/ftp/cyber_espionage/

[9] Stuxnet Explained: The First Known Cyberweapon, 2022, August 31, Https://Www.Csoonline.Com/Article/562691/Stuxnet-Explained-The-First-Known-Cyberweapon.Html#:~:Text=Who%20created%20stuxnet%3f,It%20probably%20began%20in%202005

[10] Britannica, T. Editors Of Encyclopaedia. “Stuxnet.” Encyclopedia Britannica, January 15, 2024. Https://Www.Britannica.Com/Technology/Stuxnet

[11] Russian Interference In 2016 U.S. Elections. (N.D.). Fbi Gov, From Https://Www.Fbi.Gov/Wanted/Cyber/Russian-Interference-In-2016-U-S-Elections

[12] Ohlin, Jens David, “Did Russian Cyber Interference In The 2016 Election Violate International Law?,” 95 Texas Law Review 1579 (2017), Https://Scholarship.Law.Cornell.Edu/Facpub/1498/

[13] WannaCry explained: A perfect ransomware storm, 2022, August 24, https://www.csoonline.com/article/563017/wannacry-explained-a-perfect-ransomware-storm.html

[14] What was the WannaCry ransomware attack, 2024, https://www.malwarebytes.com/wannacry

[15] https://unidir.org/files/publication/pdfs/cyberwarfare-and-international-law-382.pdf

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top