You will be redirected to the page you want to view in  seconds.

U.S.: Laws Of War Apply To Cyber Attacks

Sep. 18, 2012 - 08:01PM   |  
By ARAM ROSTON   |   Comments
  • Filed Under

The U.S. government believes that cyber attacks can amount to armed attacks, and are subject to international humanitarian law and rules of war, the top State Department lawyer said Sept. 18.

Harold Koh, the State Department’s chief legal adviser, unveiled the U.S. government’s position on the rules of cyberwar at a conference hosted by U.S. Cyber Command at Fort Meade, Md.

Koh announced that it was U.S. government policy that certain cyber attacks may constitute a “use of force,” a legal term defined by the UN Charter. Functionally, such cyber attacks are only legal if a military engagement is authorized by the United Nations, or if the attacks are launched in self defense.

Koh also introduced a series of 10 legal principles about cyberwar. The first is the general rule that international law does indeed “apply to activities in cyberspace.”

Some cyber attacks, Koh said, can “amount to an armed attack or imminent threat thereof” and could trigger a nation’s right of self-defense. Presumably, that means that if a country is attacked with a cyber weapon, it can fight back, either with conventional military force or a cyber weapon in return.

Koh said that to constitute a “use of force” under international law, a cyber attack would probably have to “proximately result in death, injury or significant destruction.”

Cyberwar was until just years ago little more then futuristic fantasy, but capabilities have developed so quickly that deploying cyber weapons now requires legal oversight. Koh’s announcement is an important development because the DOD has been grappling with the issue.

Indeed, shortly before Koh spoke, the CYBERCOM chief of staff Rear Adm. Margaret Klein had complained that there was “a lack of clear legal guidance” about what laws applied to the use of cyber as a weapon.

CYBERCOM oversees the Defense Department’s offensive and defensive cyber operations, and is led by Gen. Keith Alexander, who also runs the National Security Agency.

Koh emphasized that in using any cyber weapon, a country had to “distinguish military objectives from civilian objectives,” and had to avoid targeting civilian infrastructure.

Michael Schmitt, head of the international law department at the Naval War College, said the announcement came at an important time.

“The problem,” he said, is that people were wringing their hands in despair: ‘Oh my God, does international law apply?’ Non-lawyers seemed captivated by the idea that these weapons operated in a legal void.”

“It is significant,” he said, “that the legal advisor comes out and says unambiguously that international law applies.”

Schmitt headed a group of experts sponsored by the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia, which prepared a draft manual on international law in cyberwar.

The United States is one of the few governments believed to have engaged in cyberwarfare, in particular the Stuxnet attack against Iran’s nuclear centrifuge infrastructure. Koh’s announcement of a legal doctrine on cyberwar comes just months after new reports surfaced about the Obama administration’s alleged central role in deploying the Stuxnet worm.

More In World News

Start your day with a roundup of top defense news.

More Headlines from North America



Login to This Week's Digital Edition

Subscribe for Print or Digital delivery today!

Exclusive Events Coverage

In-depth news and multimedia coverage of industry trade shows and conferences.



Defensenews TV

  • Sign-up to receive weekly email updates about Vago's guests and the topics they will discuss.