Cyber-attacks — efforts to alter, disrupt, or destroy computer systems, networks, or the information or programs on them — pose difficult interpretive issues with respect to the U.N. Charter, including when, if ever, such activities constitute prohibited “force” or an “armed attack” justifying military force in self-defense. In exploring these issues, and by drawing on lessons from Cold War legal debates about the U.N. Charter, this Article makes two overarching arguments. First, strategy is a major driver of legal evolution. Whereas most scholarship and commentary on cyber-attacks has focused on how international law might be interpreted or amended to take account of new technologies and threats, this Article focuses on the dynamic interplay of law and strategy — strategy generates reappraisal and revision of law, while law itself shapes strategy — and the moves and countermoves among actors with varying interests, capabilities, and vulnerabilities. Second, this Article argues that it will be difficult to achieve international agreement on legal interpretation and to enforce it with respect to cyber-attacks. The current trajectory of U.S. interpretation — which emphasizes the effects of cyber-attacks in analyzing whether they cross the U.N. Charter’s legal thresholds — is a reasonable effort to overcome translation problems of a Charter built for a different era of conflict. However, certain features of cyber-activities make international legal regulation very difficult, and major actors have divergent strategic interests that will pull their preferred doctrinal interpretations and aspirations in different directions, impeding formation of a stable international consensus. The prescription is not to abandon interpretive or multilateral legal efforts to regulate cyber-attacks, but to recognize the likely limits of these efforts and to consider the implications of legal proposals or negotiations in the context of broader security strategy.
[1]
Robin A. Gandhi,et al.
Dimensions of Cyber-Attacks: Cultural, Social, Economic, and Political
,
2011,
IEEE Technology and Society Magazine.
[2]
Y. Dinstein.
Computer Network Attacks and Self-Defense
,
2002
.
[3]
J. Hargrove.
The Nicaragua Judgment and the Future of the Law of Force and Self-Defense
,
1987,
American Journal of International Law.
[4]
John Arquilla,et al.
Cyberwar is coming
,
1993
.
[5]
David Galula,et al.
Counterinsurgency Warfare: Theory and Practice
,
1964
.
[6]
Walter Laqueur.
Guerrilla: A Historical And Critical Study
,
1976
.
[7]
William J. Lynn,et al.
Defending a New Domain: The Pentagon's Cyberstrategy
,
2010
.
[8]
Sally Adee,et al.
The Hunt For The Kill Switch
,
2008,
IEEE Spectrum.
[9]
L. Henkin.
The Reports of the Death of Article 2(4) Are Greatly Exaggerated
,
1971
.
[10]
The Terror Fringe
,
2009
.
[11]
Jose Nazario,et al.
Politically Motivated Denial of Service Attacks
,
2009
.
[12]
S. Murphy.
The Doctrine of Preemptive Self-Defense
,
2005
.
[13]
Gibbs Jp.
Deterrence theory and research.
,
1985
.
[14]
Rain Ottis,et al.
FROM PITCHFORKS TO LAPTOPS: VOLUNTEERS IN CYBER CONFLICTS
,
2010
.