Published on 1st June 2025
Authored By: Raj Sanjay Mitra,
University of Delhi
INTRODUCTION
For both military and civilian uses, the majority of countries—especially developed ones—are becoming more and more reliant on data and information technology. This gives enemies the chance to attack at little cost, from a distance, and with minimal danger. As a result, both governments and non-state actors are increasingly using the internet to wage war. Similar to the issues mentioned in respect to individuals operating drones, cyberwarfare raises a variety of ethical and moral questions because it enables combatants to battle from great distances. The battlefield is far away from online criminals. Because they are not exposed to the atrocities of war, cybercriminals run the risk of losing empathy for the consequences of their actions, which raises the potential for needless pain, harm, and collateral damage.[1]
Artificial intelligence and cyberspace warfare are being openly deployed in international conflicts without any kind of oversight. From 2009 to 2018, there was a 44% increase in cyberattacks. Although the deployment of Stuxnet (2007) in Iran’s nuclear facilities is thought to have been the first instance of the use of cyber weapons, current events such as the conflict between Russia and Ukraine have elevated the issue of cybersecurity to the forefront of international law and security. In the context of cyberwarfare, experts have been examining international law and attempting to apply the rules that now govern international wars. Jus ad bellum, or laws guiding the onset of war, and jus in bello, or laws governing the conduct of parties in a war, are the two main categories of international law governing wars. While some nations, such as China, Russia, Cuba, and Iran, disagree to the application of international law in cyberspace, the majority of nations support it. They contend that such an application will cause cyberspace to become needlessly militarised.[2]
THE MEANING OF CYBER WARFARE
For the purposes of this discussion, “cyberwarfare” is defined as warfare executed within cyberspace using digital techniques and strategies. While “warfare” is typically understood to involve military actions during armed conflicts, “cyberspace” refers to a worldwide network of digital information and communication systems, encompassing the Internet, telecommunications networks, computer systems, and the data contained within them. For instance, if a hostile entity were to infect an opponent’s computer network with a harmful virus, this would be classified as an act of cyberwarfare. In contrast, an aerial attack on a military cyber command centre would not fall under this category. It is important to note that cyberwarfare, although conducted in the digital realm, can lead to physical or other non-digital consequences beyond the cyber domain, and attackers may deliberately aim for such outcomes. For example, cyberwarfare targets may include individuals whose lives or the operation of critical systems rely on computer technology, such as certain power plants, transportation systems, or individuals connected to various medical, military, or professional life-support systems. When interpreting and applying current international law to the realm of cyberwarfare, it is essential to take into account the unique features of cyberspace. Notably, cyberspace is the only domain that is entirely artificial, created, maintained, owned, and operated collaboratively by both public and private entities worldwide. It is in a state of constant evolution, driven by technological advancements. Unlike traditional domains, cyberspace is not constrained by geopolitical or natural borders; information and electronic payloads can be transmitted instantaneously from any point of origin to any destination connected via the electromagnetic spectrum. These transmissions occur as numerous digital fragments that navigate through unpredictable pathways before being reassembled at their intended location.[3]
CYBER-ATTACKS AND CYBER EXPLOITATION
The nature of cyberattacks is destructive. Erasure by a computer virus that lives on the hard drive of any infected computer is an example of such a hostile behaviour. The term “cyber-attack” in this context refers to the use of intentional operations and actions, possibly spread over a long period, to change, interfere with, deceive, deteriorate, or destroy adversary computer systems or networks, as well as the data and (or) programs stored on or transmitted by these systems or networks. Entities connected to or dependent on adversary systems and networks may also experience indirect repercussions from these effects. The goal of a cyberattack is to render the adversary’s computer networks and systems unreliable or unusable, hence decreasing their usefulness.
Cyber exploitation is non-destructive in contrast. As an illustration, consider a computer virus that scans the hard drive of any compromised system and emails to the adversary any files that contain a credit card number or other private data. The use of operations and activities, possibly over a long period of time, to get information that would otherwise be kept confidential and that is stored on or travelling via an adversary’s computer systems or networks is referred to as “cyber exploitation.” Cyber exploitations are typically carried out covertly and with the least amount of intervention necessary to obtain the desired information. [4]
From the perspective of the user, they do not aim to interfere with a computer system’s or network’s regular operation, and the most effective cyber exploitation is one that the user is unaware of. Cyber exploitation is a contemporary form of espionage that aims to gain information from a computer network without the user’s awareness. The majority of countries’ local laws prohibit espionage, while international law does not.
CYBER WARFARE IN THE REALM OF INTERNATIONAL LAW
Jus ad bellum refers to the legal framework that regulates the use of force by states in their international interactions. Currently, the primary source of jus ad bellum is the UN Charter. However, certain elements of this law, such as the specific conditions under which force may be employed in self-defence, are not explicitly addressed in the UN Charter and must instead be inferred from customary law, as evidenced by state practices and opinio-juris, as well as from international legal precedents. In this regard, it is essential to analyze the conditions under which cyber operations may constitute
(1) an internationally wrongful threat or use of “force,”
(2) an “armed attack” that justifies the use of necessary and proportionate force in self-defence, or
(3) a “threat to the peace,” “breach of the peace,” or “act of aggression”, [5]
that warrants intervention by the UN Security Council. The first inquiry is significant because state-sponsored cyber operations that qualify as a use of “force” against another state would not only violate the general prohibition outlined in Article 2(4) of the UN Charter but would also typically initiate an international armed conflict. Conversely, cyber operations that do not meet the threshold of “force,” even if they contravene the customary principle of non-intervention, may still be considered lawful countermeasures in response to internationally wrongful acts that do not rise to the level of an “armed attack” by another state. The second inquiry is pertinent because if cyber operations are deemed to constitute an “armed attack,” the affected state is entitled to exercise its inherent right to self-defence, potentially employing means that would otherwise be prohibited by the Charter, including the use of force. Finally, regardless of whether the cyber operations in question qualify as “force” or “armed attack” under articles 2(4) and 51 of the UN Charter, the UN Security Council may use forcible measures, including military force, to maintain or restore international peace and security if it is determined that they constitute a “threat to the peace,” “breach of the peace,” or “act of aggression.” [6]
International Humanitarian Law (IHL), also known as jus in bello, is primarily established in the 1949 Geneva Conventions and their Additional Protocols from 1977 and 2005, along with certain customary international law principles. Experts generally agree that cyber warfare conducted during an ‘international armed conflict’ will be governed by IHL, similar to other modern warfare methods. This consensus is supported by the ICRC Report 2020, the UN Group of Governmental Experts (GGE) reports, UN General Assembly resolutions on cyber law, and the final UN Open-Ended Working Group (OEWG) report from 2021, all of which affirm the relevance of international law, including the UN Charter, to cyber warfare. However, the application of IHL to cyber warfare presents complexities and ambiguities, primarily due to the absence of a shared vocabulary and a clear understanding of cyber operations within international law. This lack of clarity makes it difficult to apply IHL to various cyberattacks that could adversely affect civilians. There is no established framework for categorizing these cyberattacks as ‘international armed conflicts,’ and there is uncertainty regarding the attribution of such attacks to specific State(s). Currently, IHL is applicable during ‘international armed conflict,’ which arises when State(s) deploy ‘armed forces’ to ‘attack’ or ‘interfere’ within the ‘territory’ of another State(s). Therefore, for IHL to be applicable, the following conditions must be met: 1) the cyberattacks must qualify as armed conflict under international law, 2) there must be criteria that define the level of cyber operations necessary for them to be deemed ‘interference’ under IHL, 3) a clear delineation of sovereign territory in cyberspace must exist to confirm that the attack occurred within another State’s territory, and 4) the entity responsible for the cyberattacks must be a State or its agencies, rather than Cyber Non-State Actors (CNSA), as the latter do not fall under the armed forces of State(s).[7]
Even when it is evident that cyberattacks are executed by official state entities amidst an international armed conflict, the enforcement of current International Humanitarian Law (IHL) in the context of cyber warfare could endanger civilian safety. Article 51(3) of Additional Protocol I of the Geneva Conventions stipulates that a civilian forfeits the general protection from attacks provided by Article 51(1) if they directly engage in hostilities. In numerous cases, nations have employed civilian cyber operators from the private sector to conduct cyberattacks. The protection afforded to civilians ceases when they become integrated into the state’s cyber forces (Rule 96). Consequently, these civilian cyber operators may also lose protection for their personal civilian cyber infrastructure. Experts have cautioned nations about the risks associated with the merging of military and civilian roles in cyber warfare and the potential repercussions. Once civilian cyberinfrastructure loses its immunity from attacks, enemy cyber operations may inflict indiscriminate damage on various interconnected civilian systems.
CONCLUSION
“Cyber warfare” has fundamentally altered the way wars are waged. While there are many potential benefits to creating a framework of “international law” for “cyber warfare,” it is imperative to address the challenges of identifying the attacker, addressing the issue of state culpability, and guaranteeing international compliance.
By enhancing security, placing obligations on states to act responsibly in cyberspace, lowering the threshold at which cyberattacks breach the prohibition on the “use of force,” enabling states to firmly retaliate against specific non-destructive cyber operations, and strengthening the security of cyberinfrastructure, data, and actions during arms-related conflicts, the legal framework is likely to evolve to reflect the growing significance of cyber activities in modern societies. These modifications could be costly, affect the right to privacy, involve kinetic activities, and deprive battle commanders of options that were previously available. In order to ascertain whether new weapons and strategies employed in “cyberwarfare” are compliant with current “IHL,” nations must take into account their moral and legal commitments to future generations. Law, however, demonstrates national interests.
Establishing a “international legal system” for “cyber warfare” activities has a number of benefits, such as ensuring the safety of more vulnerable states, creating a set of humanitarian guidelines to be adhered to during an armed conflict, and acknowledging the common goal of preventing terrorists and non-state actors. It is necessary to overcome the challenges of identifying the attacker, attributing the activities of non-state actors to states, and requiring adherence from a nation.
REFERENCES
[1] Gervais, M. (2012). Cyber-Attacks and the Laws of War. Berkeley Journal of International Law, 30, 525-531.
https://doi.org/10.2139/ssrn.1939615
[2] Smriti Jaiswal, International Humanitarian Law: Is Cyber Warfare Fair? [Part I] (2023) <https://jindalforinteconlaws.in/2023/10/15/international-humanitarian-law-is-cyber-warfare-fair-part-i-smriti-jaiswal/> last visited 9 April 2025
[3] Nils Melzer, ‘Cyberwarfare and International Law 2011’ (UNIDIR Resources,2 November 2011) <https://unidir.org/sites/default/files/publication/pdfs//cyberwarfare-and-international-law-382.pdf> last visited 9 April 2025
[4] Roscini, M. (2010). World Wide Warfare-Jus Ad Bellum and the Use of Cyber Force. Max Planck Yearbook of United Nations Law, 14, 85-130.
https://doi.org/10.1163/18757413-90000050
[5] Supra 3
[6] Schmitt, M. N. (1999). Computer Network Attack and the Use of Force in International Law: Thoughts on a Normative Framework. Columbia Journal of Transnational Law, 37, 885-937.
[7] Supra 2
