Cyber warfare and autonomous self-defence

Grimal, Francis and Sundaram, Jae (2017) Cyber warfare and autonomous self-defence. Journal on the Use of Force and International Law. pp. 312-343. ISSN 2053-1702

Preview

Text Grimal Sundaram BEAR Submission (002).pdf - Accepted Version Download (528kB) | Preview

Abstract

The last two decades have witnessed increased activity by states within the ‘fifth dimension’ (cyberspace) to conduct both civilian and military operations. It is now over two decades since Arquilla and Ronfeldt warned about the advent of cyber warfare in the foreseeable future, and cyberspace has now become a primary battlefield. Prevailing at the forefront of academic scrutiny within the jus ad bellum context is the extent to which cyber operations fall within the paradigm of Article 2(4) of the United Nations Charter. A traditional and restrictive interpretation of the cornerstone prohibition contained in Article 2(4) would conclude that the type of force (either threatened or actual) would need to be military / kinetic, thus potentially excluding the possibility of cyber activities. Naturally, some states would contest that it is the consequence suffered rather than the modality of attack. In turn, this raises issues as to whether or not the injury suffered by a state subjected to a cyber attack would be sufficient to invoke its inherent right of self-defence. The scope of this article is to consider the natural technological trajectory of self-defence in cyber operations by examining the very real possibility that computer networks may be enabled to eventually seek to automatically defend themselves against more aggressive cyber intrusions—‘automated cyber self-defence’. This would therefore necessitate an examination of the way and extent to which such actions would fall within the existing framework regulating a defensive response. More controversially, the article will also assert that the temporal parameters of self-defence in response to a cyber attack may need re-calibration—issues of detection (particularly against dormant malware etc.) and attribution would prevent a state from responding in a more conventional timeframe. Would self-defence therefore be permissible or indeed desirable several months after an attack has occurred if it is only then attribution becomes clear?

Actions (login required)

View Item