Cyberthreats And International Law

This book revolves around the public international law aspects of the destructive use of cyberspace by state actors and non-state actors, encompassing cyberwar, cyberterrorism, and hacktivism, but excluding cybercrime. For the purpose of delimitation, the book also addresses cyberespionage and political activism in cyberspace. Starting with an overview of the technical background, the book explains the vulnerabilities of critical infrastructure. Then, it outlines notable cyberincidents that have occurred so far and analyzes pertinent state practices and policies. Turning to the legal analysis, the book primarily focuses on the contemporary jus ad bellum and jus in bello, exploring whether concepts like the use of force or self-defense are applicable to cyberattacks, despite their lack of physicality; or whether state responsibility and the principles of international humanitarian law are applicable to cyberspace, in particular in the light of an evident civilianization of battlespace in this area. Furthermore, the book encompasses destructive cyberterrorism and puts this into context with human rights aspects of political activism in cyberspace. The book also looks into jurisdictional pitfalls borne in cyberspace. After a brief summary of the research results, the final chapter is dedicated to providing recommendations to the international community, in order to address cyberthreats in a political process.

This revised and expanded edition of the Research Handbook on International Law and Cyberspace brings together leading scholars and practitioners to examine how international legal rules, concepts and principles apply to cyberspace and the activities occurring within it. In doing so, contributors highlight the difficulties in applying international law to cyberspace, assess the regulatory efficacy of these rules and, where necessary, suggest adjustments and revisions.

This book presents a novel framework to reconceptualize Internet governance and better manage cyber attacks. Specifically, it makes an original contribution by examining the potential of polycentric regulation to increase accountability through bottom-up action. It also provides a synthesis of the current state of cybersecurity research, bringing features of the cloak and dagger world of cyber attacks to light and comparing and contrasting the cyber threat to all relevant stakeholders. Throughout the book, cybersecurity is treated holistically, covering outstanding issues in law, science, economics, and politics. This interdisciplinary approach is an exemplar of how strategies from different disciplines as well as the private and public sectors may cross-pollinate to enhance cybersecurity. Case studies and examples illustrate what is at stake and identify best practices. The book discusses technical issues of Internet governance and cybersecurity while presenting the material in an informal, straightforward manner. The book is designed to inform readers about the interplay of Internet governance and cybersecurity and the potential of polycentric regulation to help foster cyber peace.

Examining the thematic intersection of law, technology and violence, this book explores cyber attacks against states and current international law on the use of force. The theory of information ethics is used to critique the law’s conception of violence and to develop an informational approach as an alternative way to think about cyber attacks. Cyber attacks against states constitute a new form of violence in the information age, and international law on the use of force is limited in its capacity to regulate them. This book draws on Luciano Floridi’s theory of information ethics to critique the narrow conception of violence embodied in the law and to develop an alternative way to think about cyber attacks, violence, and the state. The author uses three case studies – the 2007 cyber attacks against Estonia, the Stuxnet incident involving Iran that was discovered in 2010, and the cyber attacks used as part of the Russian interference in the 2016 US presidential election – to demonstrate that an informational approach offers a means to reimagine the state as an entity and cyber attacks as a form of violence against it. This interdisciplinary approach will appeal to an international audience of scholars in international law, international relations, security studies, cyber security, and anyone interested in the issues surrounding emerging technologies.

This book explores the extraordinary difficulties a nation-state’s law enforcement and military face in attempting to prevent cyber-attacks. In the wake of recent assaults including the denial of service attack on Estonia in 2007 and the widespread use of the Zeus Trojan Horse software, Susan W. Brenner explores how traditional categories and procedures inherent in law enforcement and military agencies can obstruct efforts to respond to cyberthreats. Brenner argues that the use of a territorially-based system of sovereignty to combat cyberthreats is ineffective, as cyberspace erodes the import of territory. This problem is compounded by the nature of cybercrime as a continually evolving phenomenon driven by rapid and complex technological change. Following an evaluation of the efficacy of the nation-state, the book goes on to explore how individuals and corporations could be integrated into a more decentralized, distributed system of cyberthreat control. Looking at initiatives in Estonia and Sweden which have attempted to incorporate civilians into their cyber-response efforts, Brenner suggests that civilian involvement may mediate the rigid hierarchies that exist among formal agencies and increase the flexibility of any response. This book will be of great interest to students and researchers of information technological law and security studies.

As new technologies develop, terrorist groups are developing new methods of attack by using the Internet, and by using cyberspace as a battlefield, it has become increasingly difficult to discover the identity of attackers and bring them to justice. The seemingly limitless boundaries of cyberspace has allowed virtually anyone to launch an attack from a remote and anonymous location. But once these attacks occur, it raises several important questions; who should respond, and how?; how should nation-states effectively deal with a cyber-attack?; and will the United States and other nation-states be able to survive in a world where virtual boundaries are limitless? In Cyberthreats: The Emerging Fault Lines of the Nation State Susan Brenner gives a thorough explanation of how military and law enforcement personnel respond to these attacks and why bringing cyber-terrorist to justice can be difficult and sometimes impossible.

This compact, highly engaging book examines the international legal regulation of both the conduct of States among themselves and conduct towards individuals, in relation to the use of cyberspace. Chapters introduce the perspectives of various stakeholders and the challenges for international law. The author discusses State responsibility and key cyberspace rights issues, and takes a detailed look at cyber warfare, espionage, crime and terrorism. The work also covers the situation of non-State actors and quasi-State actors (such as IS, or ISIS, or ISIL) and concludes with a consideration of future prospects for the international law of cyberspace. Readers may explore international rules in the areas of jurisdiction of States in cyberspace, responsibility of States for cyber activities, human rights in the cyber world, permissible responses to cyber attacks, and more. Other topics addressed include the rules of engagement in cyber warfare, suppression of cyber crimes, permissible limits of cyber espionage, and suppression of cyber-related terrorism. Chapters feature explanations of case law from various jurisdictions, against the background of real-life cyber-related incidents across the globe. Written by an internationally recognized practitioner in the field, the book objectively guides readers through on-going debates on cyber-related issues against the background of international law. This book is very accessibly written and is an enlightening read. It will appeal to a wide audience, from international lawyers to students of international law, military strategists, law enforcement officers, policy makers and the lay person.

The internet has changed the rules of many industries, and war is no exception. But can a computer virus be classed as an act of war? Does a Denial of Service attack count as an armed attack? And does a state have a right to self-defence when cyber attacked? With the range and sophistication of cyber attacks against states showing a dramatic increase in recent times, this book investigates the traditional concepts of 'use of force', 'armed attack', and 'armed conflict' and asks whether existing laws created for analogue technologies can be applied to new digital developments. The book provides a comprehensive analysis of primary documents and surrounding literature, to investigate whether and how existing rules on the use of force in international law apply to a relatively new phenomenon such as cyberspace operations. It assesses the rules of jus ad bellum and jus in bello, whether based on treaty or custom, and analyses why each rule applies or does not apply to cyber operations. Those rules which can be seen to apply are then discussed in the context of each specific type of cyber operation. The book addresses the key questions of whether a cyber operation amounts to the use of force and, if so, whether the victim state can exercise its right of self-defence; whether cyber operations trigger the application of international humanitarian law when they are not accompanied by traditional hostilities; what rules must be followed in the conduct of cyber hostilities; how neutrality is affected by cyber operations; whether those conducting cyber operations are combatants, civilians, or civilians taking direct part in hostilities. The book is essential reading for everyone wanting a better understanding of how international law regulates cyber combat.