Cyberoperations and international humanitarian law: A review of obstacles in applying international law rules in cyber warfare

The increasing number of cyber attacks has transformed the “cyberspace” into a “battlefield”, bringing out “cyber warfare” as the “fifth dimension of war” and emphasizing the States’ need to effectively protect themselves against these attacks. The existing legal framework seem inadequate to deal effectively with cyber operations and, from a strictly legal standpoint, it indicates that addressing cyber attacks does not fall within the jurisdiction of just one legal branch. This is mainly because of the fact that the concept of cyber warfare itself is open to many different interpretations, ranging from cyber operations performed by the States within the context of armed conflict, under International Humanitarian Law, to illicit activities of all kinds performed by non-State actors including cybercriminals and terrorist groups. The paper initially presents major cyber-attack incidents and their impact on the States. On this basis, it examines the existing legal framework at the European and international levels. Furthermore, it approaches “cyber warfare” from the perspective of international law and focuses on two major issues relating to cyber operations, i.e. “jurisdiction” and “attribution”. The multi-layered process of attribution in combination with a variety of jurisdictional bases in international law makes the successful tackling of cyber attacks difficult. The paper aims to identify technical, legal and, last but not least, political difficulties and emphasize the complexity in applying international law rules in cyber operations.

The paper focuses on the globalization of the “cyber warfare phenomenon” by observing its evolutionary process from the early stages of its appearance until today. It examines the scope, duration and intensity of major cyber-attacks throughout the years in relation to the reactions of the States that were the victims. Having this as the base of discussion, it expands further by exemplifying “cyber warfare” from the perspective of the existing European and International legal framework. The main aim of this part is to identify and analyze major obstacles that arise, for instance in terms of “jurisdiction” and “attribution” in applying international law rules to “cyber warfare”.

The absence of a widely accepted legal framework to regulate jurisdictional issues of cyber warfare and the technical difficulties in identifying, with absolute certainty, the perpetrators of an attack, make the successful tackling of cyber attacks difficult.

The paper fulfills the need to identify difficulties in applying international law rules in cyber warfare and constitutes the basis for the creation of a method that will attempt to categorize and rank cyber operations in terms of their intensity and seriousness.