Applicability Of International Humanitarian Law On Cyber Warfare
INTRODUCTION
Jus in bello, conjointly called the law of war, the law of armed conflict (LoAC) or international humanitarian law (IHL)[1] is the section of law of nations handling the protection of persons who are not any longer collaborating within the hostilities which restricts the means and strategies of warfare. It includes written agreement law and customary law, because the latter has been crystallized throughout history.[2] Treaty law consists primarily of 2 sets of treaties: that is Geneva Convention and Hague Convention. The first one, Geneva Convention concentrates on the protection of civilians, prisoners of war, wounded and sick toward land and bemused, comprising of the four 1949 Geneva Conventions (supplementary to earlier Conventions of 1846, 1906 and 1929).[3] It’s more complemented by the two further Protocols of 1977, regarding the protection of victims of international and non-international armed conflicts.[4] Further Protocol III was added in 2005 regarding the Adoption of a further Distinctive Emblem.[5] The second one, Hague Convention deals with sensible military aspects of the conduct of hostilities, consisting of city rules of 1899 and 1907, plus numerous other conventions and agreements prohibiting the employment of sure weapons and military tactics.
International law is a body of rules and regulations governing the relation between various states and International Humanitarian law is just a part of it, which applies to armed conflict. It covers two areas:
· The protection of those who are not a part or not a party to conflict.
· Restrictions on the means of warfare – in particular weapons and the methods of warfare, like military tactics.
International Humanitarian Law protects those who are not taking part in the fighting, like civilians and medical and religious military personnel. International Humanitarian Law prohibits all means and methods of warfare which fails to discriminate between those taking part in the fighting and those, such as civilians, the purpose being protecting the civilian population, individual civilians and civilian property;
· Cause injury which results into unnecessary sufferings;
· Cause severe and permanent damage to the environment.
This section trot out the attainable application of the law of war in international cyber conflicts, and additional notably, with the appliance of the final principles of LoAC in cyber-attacks, since the law of war should apply to all or any military operations and thus the cyber warfare operations should not be an exception.
CAN IHL BE APPLIED ON CYBER WARFARE
The International Humanitarian law has banned the use of many weapons, which includes exploding bullets, chemicaland biological weapons, blinding laser weapons and anti-personnelmines. An International CriminalCourt,with the objective ofrepressing inter alia war crimes, wascreated by the 1998 Rome Statute to try cases relating to IHL. Twenty-first century is the Era where several new military warfare concepts have emerged. The concept of Cyber warfare is one of them. Where computer networks are used for cyber-attacks instead of conventional weapons; and satellites are used for providing images far more detailed than human spies and reconnaissance units have ever offered. Cyber warfare has been explained as any hostile measure taken against an enemy designed “to discover, destroy, disrupt, alter, destroy, disrupt or transfer data kept in a computer, which is manipulated through a computer or transmitted through a computer network.” [6] Examples of hostile use which includes computer attacks on air traffic control systems, on oil pipeline flow systems, controlling the activities of a particular network, edit or alter the crucial information in a network and nuclear plants. It is an attack based on networks which is adopted by many countries to reduce their frustration and also to avoid the real war situation. Chinese attack on US, Chinese attack on Google, attack by Ghost net spyware network upon confidential information of more than 100 countries are the examples which introduces the concepts of cyber warfare. Facebook has taught us that someone is always watching our activities, but it is always acceptable when it is not a big boss. The main issue that is to be taken care of is whether the basic principles of International Humanitarian Law that is military necessity, distinction and proportionality are flexible enough to accommodate twenty first –century, modern method of warfare that is cyber warfare?
Contemporary armed conflicts is to be controlled by a body of law which is to be created by and large in the second half of the 20th century and which have not yet become adaptable to contemporary legal and as well as practical challenges introduced by robots and robotic devices which replaced foot soldiers, the deployment of drone instead of manned aircrafts, and by using computer networks for cyber-attacks rather than use of conventional weapons. Though one may argue that cyber warfare is not specifically a warfare technique, any illegal act done by anyone can be culminated using networks, which need not be delved into the warfare arena. Cyber operations are in fact used in crimes committed in everyday situations that have nothing to do with warfare. A large proportion of operations popularly termed as “cyber-attacks” are in fact network disruptive attacks carried out for gathering illicit information and it usually occurs outside the arena of armed conflicts. But in the situation of armed conflict, IHL is applicable when the parties resort to techniques of warfare based upon cyber operations.
Cordula Droege, a legal expert of International community for Red Cross(ICRC) , explains that the existing legal framework is applicable and must be respected even in the cyber realm[7]. According to a study conducted Mr. Anton Camen (Expert from International Committee of the Red Cross) surveyed the main areas in which new technologies challenges the existing principles of IHL: cyber-warfare, automated systems (robotics), and new kinetic weapons. [8]His conclusion was that the traditional principles of IHL are, as a rule, flexible enough to meet the new challenge. Thus,it is clear that the rules of IHL is applicable in cyber warfare .[9] As it did not incorporate itself as pigeon hole legislation but as an inductive piece which is flexible enough to accommodate changes as per changing circumstances. In fact, it is the role of ICRC to look into the valid developments that need to be incorporated in IHL. There are several examples were new developments were adopted. Few of them are:-
· The Protocol about glary optical maser weapons, adopted at the capital of Austria Diplomatic Conference in Oct 1995, prohibits each the employment and transfer of optical maser weapons, one in every of whose specific combat functions is to cause permanent visual impairment.
· Within the case of mines, the sphere of application of Protocol II to the 1980 Convention (see p. 10) was extended by the adoption; in Geneva on three could 1996, of associate amended version of the Protocol on prohibitions or restrictions on the employment of mines, booby traps and alternative devices. The Convention on the prohibition of the employment, reposition, production and transfer of anti-personnel mines and on their destruction, signed by 121 countries in Ottawa on 3-4 Gregorian calendar month 1997, entirely prohibits anti-personnel mines issues.
· In 1994, because of irrelevance of the prevailing rules inspired by the world organisation General Assembly and with the assistance of specialists within the matter, the ICRC written pointers for military manuals and directions on the protection of the atmosphere in times of armed conflict.
· A more development was the adoption of the Statute of the International court on seventeen Gregorian calendar month 1998. The Statute is a very important step towards reducing exemption and guaranteeing bigger respect for humanitarian law.
· In Gregorian calendar month 2001, the scope of the 1980 world organisation Convention on prohibitions or restrictions on the employment of sure standard weapons was extended.
Even though IHL doesn’t specifically mention cyber warfare, the Martens clause, that is associated with accepted principle in IHL, says that whenever a state of affairs isn’t coated by a global agreement, “civilians and combatants stay below the protection and authority of the principles of jurisprudence derived from established custom, from the principles of humanity, and from the dictates of public conscience”. New technologies of all types area unit being developed all the time and IHL is sufficiently broad to accommodate these developments. IHL prohibits or limits the employment of sure weapons specifically (for instance, chemical or biological weapons, or anti-personnel mines). However it additionally regulates, through its general rules, all means that and strategies of warfare, as well as the employment of all weapons. specifically, Article 36 of I protocol to the Geneva Conventions provides that, “in the study, development, acquisition or adoption of a brand new weapon, means that or methodology of warfare, a High getting Party is below associate obligation to see whether or not its employment would, in some or all circumstances, be prohibited by this Protocol or by the other rule of jurisprudence applicable to the High Contracting Party.”[10].” on the far side the precise obligation it imposes on States parties, this rule shows that general IHL rules apply to new technology.
PROBLEMS ASSOCIATED WITH CYBER WARFARE IN APPLICATION OF IHL:-
· GENERALISATION OF THE OBJECTIVE OF THE ATTACK:-
The basic rule of the law of war (IHL) is enshrined in Additional Protocol I article 48, according which,
“In order to ensure respect for and protection of the civilian population and civilian objects, the Parties to the conflict shall at all times distinguish between the civilian population and combatants and between civilian objects and military objectives and accordingly shall direct their operations only against military objectives.”
This is the most serious concern of cyber warfare, that it generalises the target or target of attack. As per IHL rules some principles ought to be followed just in case of a warfare. It may be a general rule that attacks ought to be used just for weakening the enemy or military forces and not for inflicting hurt to anyone. So it states that civilians ought to be protected and separated from military networks and warfare arena. This can be referred to as the principle of ‘Distinction’.[11] The principle of distinction states that parties to a conflict distinguish the least bit times between civilians and combatants and between civilian objects and military objects. Attacks could solely be directed against combatants or military objectives. Indiscriminate attacks, that’s attacks that don’t seem to be or cannot be directed at a selected military objective or whose effects cannot be restricted as needed by IHL, are prohibited. [12] Similarly, attacks against military objectives or combatants are prohibited if they will be expected to cause incidental civilian casualties or harm which might be excessive in regard to the concrete and direct military advantage anticipated (so-called disproportionate attacks). Cyber-attacks have eliminated the boundaries between civilians and military. Cyber operations will raise humanitarian issues, specifically once their result is not restricted to the information of the targeted system or PC. Indeed, they are typically supposed to have an impact within the “real world.” For example, by change of state with the supporting PC systems, one will manipulate associate enemy’s traffic management systems, pipeline flow systems or nuclear plants. The potential humanitarian impact of some cyber operations is so monumental. Cyber-attacks which are recorded till date, as an example in Republic of Estonia, Georgia and Asian nation, don’t seem to have had serious consequences for the civilian population.
In 2007 the Government of Estonia, the ‘most wired country in Europe’[13] decides to relocate a disputable Soviet War memorial [14] off from the Tallin centre. The very next day and over the course of the subsequent 3 weeks, devastating cyber-attacks, hosted by Russian state laptop servers, target and cripple parliament and ministries’ websites, government communications, on-line banking systems and websites of leading news organizations. The events lead to talks concerning ‘Web War I’[15] and in NATO establishing a Tallinn-based Cooperative Cyber Defence Centre of Excellence the following year.
However, it appears that it is technically possible to interfere with airfield management systems, alternative transportation systems, dams or atomic power plants via cyber area. Probably ruinous eventualities, like collisions between craft, the discharge of poisons from chemical plants, or the disruption of significant infrastructure and services like electricity or water networks, so cannot be pink-slipped. Most victims of such operations would possibly be civilians. It is actually attainable that cyber operations may have fatal consequences for civilians. This suggests that, in coming up with and winding up cyber operations, the sole targets permissible below IHL is military objectives, like PC or computer systems employed in support of military infrastructure or of infrastructure used specifically for military functions. It follows that attacks via cyber area might not be directed against, as an example, PC systems employed in medical facilities, schools, and alternative strictly civilian installations. The problem of humanitarian concern during this respect is that cyber area is characterised by interconnectivity. It consists of innumerable interconnected PC systems across the planet. Military PC systems seem to usually be interconnected with industrial, civilian systems and to accept them in whole or partially. Thus, it would preferably be not possible to launch a cyber-attack only on military infrastructure and limit the consequences to only on to that of military objective. For example, the employment of a worm that replicates itself and cannot be controlled, and may so cause huge harm to civilian infrastructure, would be a violation of IHL. All IHL rules governing the conduct of hostilities area unit are probably applicable throughout armed conflict; however whether or not they are relevant in such a context, and the way they might be applied in, are real and apparent issues.
The principle of military necessity presents a less thorny issue. Simply stated, the intended target must have military value and receive only enough force to ensure its destruction. From a targeting standpoint, the information warrior like any other military commander can easily avoid war crimes charges if he or she refrains from choosing purely civilian objectives: Stock exchanges, banking systems, universities, and similar civilian infrastructures may not be attacked simply because a belligerent has the ability to do so.’[16]
The Additional Protocol I of the 1949 Geneva Conventions[17] provides in article 43 that the armed forces consists of all organised armed forces, which is under a control responsible to that party for the conduct of its subordinate. However, if one turns to states’ observe on a world level, it’ll be evident that cyber forces , commencing to represent a separate branch of each technologically advanced state’s army, has set the instance with the recent inauguration of people Cyber Command (USCYBERCOM) as Associate in Nursing militia sub-unified command, subordinate to the Department of Defence, followed by Great Britain, that launched a Cyber Security Operations Centre [18] in check of the cupboard workplace.[19] Thus, if taken without any consideration that a cyber-force will represent a part of a state’s militia, it is terribly straightforward for cyber-attacks to fall among the legal scope. As for cyber-attacks area unit perpetrated by hackers, United Nations agency may be thought of as ‘mercenaries’, forward that a state hires them to wage targeted cyber-attacks.
What ought to be done
The party answerable for associate attack should take measures, to the most extent possible, to avoid or minimize incidental harm to civilian infrastructure or hurt to civilians. It can be required to validate the character of the systems the area unit of which being attacked and also the attainable harm which may prove from associate attack. It additionally means once it becomes apparent that associate attack can cause excessive incidental civilian harm or casualties, it should be turned off.
Also, parties to conflicts have associate obligation to require necessary precautions against the consequences of attacks. It might so be wise for them, so as to guard the civilian population against incidental effects of attacks, to assess whether or not military PC systems area unit sufficiently break free civilian ones. The reliance of military PC systems and connections on civilian systems contractors that are used for civilian functions may well be a cause for concern.
On the opposite hand, analysis and development ought to be promoted for development of such technology that may facilitate in edging out violation of IHL by exempting civilians in an exceedingly cyber warfare. Hackers ought to be appointed to an excellent extent to avoid such things and to guard civilians. Information technology may additionally serve to limit incidental harm to civilians or civilian infrastructure. For example, it would be less damaging to disrupt the services used for military and civilian functions than to destroy infrastructure utterly. In such cases, the principle of precaution arguably imposes associate obligation on States to decide on the less harmful means that to attain their military aim.[20]
· CONCEPT OF ANONYMITY
IHL has largely supported the idea of acceptableness of responsibility on the attackers. One side of cyber area that might appear to cause difficulties is the namelessness of communications. Within the cyber operations that occur on associate everyday basis, namelessness is the rule instead of the exception. It seems to be not possible in some instances to trace the mastermind. Since all law is predicated on the allocation of responsibility (in IHL to a celebration to a conflict or to associate individual), major difficulties arise. Specifically, if the offender of a given operation associated so the link of the operation to an armed conflict cannot be known, it is extraordinarily tough to see whether or not IHL is even applicable to the operation. Several of the cyber-crime tools that are getting used were created by Yankee corporations, that sell not solely to the U.S. however additionally to alternative (less friendly) governments. Thus, this market must be regulated to chop out the centre man i.e. the software package corporations. Software package engineers ought to shell their product on to the U.S. so as to confirm that these tools do not find themselves within the hands of hostile governments and, ultimately, hackers or perhaps terrorists.
Certainly, public-private (i.e. government-company) sharing may be a drawback, however in all probability the most effective factor that may be done to deal with this issue is that Non-public corporations start sharing information of those vulnerabilities with one another. As a matter of fact, several corporations vie supported the cyber security systems that they provide as a product. Thus, this cooperation is unlikely to happen in absence of legislation. As far as State attribution is concerned, it’s terribly tough to see the origin of “cyber-attacks.” Thus, it is tough to attribute “cyber-attacks” to a selected State. As far as privacy is concerned, because the systems presently exist, there’s no such factor as privacy. The Government do will what it desires, and orders corporations (such as Facebook and Google) to supply it with the data it desires. State security can continuously trump individual privacy. As for State attribution, the military is not thus involved in attribution of cyber-attacks to an individual or a State. It is involved regarding attribution to a machine. If the military will finish off the machine, then the attack stops. As for privacy, wherever is that the personal responsibility? If one leaves the PC on all night, and somebody hacks into it and uses it for villainous functions, the owner of the PC is somewhat answerable for propagating the matter (although the person is not possibly liable).
· STATE ATTRIBUTABILITY:-
Another issue that emerges is building upon the identity of a cyber-attack to a particular state. It’s extremely unlikely that interstate cyber-attacks will be perpetrated by the heads-of-state themselves, on condition that a high degree of experience in computer technology is required. So, since a bunch of hackers are going to be the one ‘hired’ by a government to wage the attack, can the group’s actions be attributed to the
particular state?[21] It’s notably tough not solely to prove that a cyber-attack has taken place but conjointly to trace the culprit of associate degree attack, including seeking out the specified nexus between
the hacker and therefore the responsible state so as to attribute the acts to the actual state. In reality, however, if a black hat hacker with malicious intentions is knowledgeable in camouflaging, or maybe in fully concealing the traces that may result in him, there is another hacker, a white hat hacker, equally knowledgeable in tracing him. For the needs of this study, it will be taken with a pinch of salt that the hackers will so be geographically copied, in order to proceed to a legal analysis of however their actions will be attributed to the responsible state.[22] Further to the present, notwithstanding the attack is geographically copied, the scope of state attribution of the acts of a bunch of hackers stumbles upon the contentious issue of behaviour in the Net.[23] Retired General Michael Hayden, former director of the U.S. National Security Agency recently declared in associate degree completely flamboyant manner that one answer being discussed in government is to easily ignore (trying associate degree attempting) to work out if the supply of an attack is state-sponsored and hold nations to blame for malicious activity coming back from their Net.[24]
In the heart of the jurisprudence of state responsibility lay the 2001 Draft Articles on Responsibility of States for Internationally Wrongful Acts, statute by the International Law Commission.[25] Chapter II of the Draft Articles posits that attribution of a conduct to a state is effectuated during a embarrassment of ways: entomb alia, through the conduct of the De facto or De jure organs of a state [26] (even in instances wherever they exceed their authority or contravene their instructions, [27] through the conduct of persons or entities travail elements of governmental authority, [28] and through the conduct of someone or cluster of persons acting below the directions of or below the directions or management of that State.[29] The half of the latter type of ‘immutability’ is that the most arguable one. The degree of management that should be exercised by the state so as for the conduct to be attributable to it had been a key issue in different cases of the international jurisprudence.[30] If a future cyber-attack is so waged by a bunch of hackers acting below the instructions, directions or management of a state, a specific issue can arise if the mutually contradictory dicta by the two world organisation tribunals square measure taken into thought.
The International Court of Justice held within the landmark 2007 Nicaragua Case that associate degree
“effective control” check is required for the state attribution to be achieved, whereas the International Criminal assembly for the previous Yugoslavia[31] set within the famed Tadić Case that a looser, “overall control” check is satisfactory enough. The latter was harshly criticised by the ICJ in its landmark 2007 putting to death the Case as being unconvincing and unsuitable, because it ‘has the most important downside of broadening the scope of State responsibility well on the far side the elemental principle governing the law of international responsibility’. Thus, within the case that a future controversial cyber-attack is submitted to the International Court of Justice, it remains to be seen whether or not the standards used are tight or not
and whether or not international responsibility of the perpetrator state are effectively engaged. Praiseworthy is the proposal by Shackelford, UN agency moves any and suggests that ‘using the putting to death Convention is a vehicle to carry responsible culprit nations that have putting to death, results in an enormous and deadly state-sponsored information warfare campaign.’
CONCLUSION
Thus we are able to conclude that the absence in IHL of specific references to cyber operations doesn’t mean that such operations don’t seem to be subject to the foundations of IHL. If the means and strategies of cyber warfare manufacture identical effects within the world as standard weapons (such as destruction, disruption, damage, injury or death), they’re ruled by identical rules as standard weapons. Since the foundations of IHL area unit versatile enough to adopt the new technologies so the problems connected in cyber warfare may be eliminated by countering the new technologies with other technologies. The technological limitations may be crossed through other technologies just for that analysis and development ought to be promoted and additionally ability of rising space is the need of the hour. Cyber-warfare may be a real and apparent threat to world security. If world leaders decide that a global written agreement on cyber-warfare may be a productive step for guaranteeing peace between nations, then they’ll have to be compelled to notice compromises on variety of key problems. The initial problems are those of enforceability, responsibility, privacy, and skill to tell apart between nation-states and criminals.
This could be achieved by making a cyber “license”. Very much like a license is required to drive; a cyber “license” can permit a personal access to the data. Those obeying web and Net laws are left alone, whereas people or organizations that interact in ill-gotten behaviours are corrected or punished more severely.[32] This idea aligns with the principles of the National Strategy for Trusted Identity in Cyberspace (NS-TIC). TNS-TIC may be a government-sponsored, non-public sector initiative that may give incentives for web users to buy a cyber “license” so as to access sure components of the net, like on-line bank accounts, social networking sites, and government[33]. This could greatly scale back cyber-crime and facilitate to tell apart nation-state activity from that of people, however can face a fierce political domestic dialogue in democratic countries. Efforts in cyber-defence technology ought to be accelerated Public-private partnerships on national cyber-security initiatives, combined with public cyber-security awareness campaigns will immensely improve national security against cyber-attacks. Non-public corporations ought to be needed to confirm software package assurance, preventing major weaknesses in merchandise that would be used against national interests. Whereas a global written agreement together with technical and regulative advances has the potential to limit cyber-warfare, this approach features a range of limitations that ought to be the topic of more analysis. the first concern is that the ability to force countries to stick to the written agreement. Within the 2007 cyber-attacks on Republic of Estonia, Russia was defendant of launching the attacks. European enforcement officers requested that Russia permit them to look for the supply of the attacks, citing a global law that Russia had sanctioned requiring that action. Russia refused and neither the supply nor the extent of state involvement of the attacks may well be evidenced. Robust international sanctions should be related to any written agreement to confirm compliance of major powers that will renegade on sure guarantees or commitments. [34]
Submitted by:
Apoorva sharma and Manisha Navlan
Sem 5th ,Institute of Law,Nirma University
[1] See generally, The Law of Armed Conflict: Constraints on the Contemporary Use of Military Force By Howard M. Hensel; The Law of Armed Conflict: International Humanitarian Law in War By Gary D. Solis; International law and armed conflict: exploring the faultlines: By Michael N. Schmitt, Jelena Pejic, Yoram Dinsṭein.; The conduct of hostilities under the law of international armed conflict By Yoram Dinstein; The contemporary law of armed conflict By Leslie Green; The law of war By Ingrid Detter
Delupis, 2nd edn CUP 2000
[2] ICRC has contributed with a recent customary IHL database published with the results of research on customary humanitarian law conducted in 2005, available at http://www.icrc.org/customary-ihl/.
[3] Convention for the Amelioration of the Condition of the Wounded and Sick in Armed Forces in the Field, Aug. 12, 1949 [GC I]; Convention for the Amelioration of the Condition of the Wounded, Sick and Shipwrecked Members of Armed Forces at Sea, Aug. 12, 1949 [GC II]; Geneva Convention Relative to the Treatment of Prisoners of War, Aug. 12, 1949 [GC III]; Geneva Convention Relative to the Protection of Civilian Persons in Time of War, Aug. 12, 1949 [GC IV].
[4] Protocol Additional to the Geneva Conventions of 12 August 1949, and Relating to the Protection of Victims of International Armed Conflicts, June 8, 1977 [AP I]; Protocol Additional to the Geneva Conventions of 12 August 1949, and Relating to the Protection of Victims of Non-International Armed Conflicts, June 8, 1977 [AP II].
[5] Protocol additional to the Geneva Conventions of 12 August 1949, and relating to the Adoption of an
Additional Distinctive Emblem, December 8 2005 [AP III].
[6] Legal Vacuum in Cyber Space, International Committee of the Red Cross, available at http://www.icrc.org/eng/resources/documents/interview/2011/cyber-warfare-interview-2011-08-16.htm, visited on 26 December 2012
[7]Codula droega, ,’’Elective affinities? Human rights and humanitarian law”, 30-09-2008 Article, International Review of the Red Cross, No. 871, published on 30-09-2008
[8] Anton canon, Anton’s weekly digest of International scholarship, Vol.3,Nos 21, published on 24 May 2012
[10] Article 61, International Humanitarian Law – Treaties & Documents,
Protocol Additional to the Geneva Conventions of 12 August 1949, and relating to the Protection of Victims of International Armed Conflicts (Protocol I), available at http://www.icrc.org/ihl.nsf/WebList?ReadForm&id=470&t=art, visited on 28th December 2012
[11] Jean- marie Henkaerts & Louise doswald-beck, principle of distinction, principle difference between civilian object and military object, section A, practice relating to Rule 7, Customary International Humanitarian Law, volume 1
[12] Article 48, Additional protocol I
[13] Also known as E-Stonia, as the Parliament has declared internet access to be a basic human right. 95% of
daily transactions are conducted online, with state services being offered such as eBusiness, eState,
ePolice, eBanking and even eVoting.
[14] For more on the so-called Bronze Soldier, and the tempestuous events that came to be known as the Bronze Night, see further e.g. A Sinisalu, ‘Propaganda, Information War and the Estonian-Russian Treaty Relations: Some Aspects of International Law’, 2008 XV Juridica International, 154-162, available at http://www.juridicainternational.eu/index.php?id=12741.
[15] http://www.defensenews.com/story.php?i=4699902
[16] SW Brenner, MD Goodman, ‘In Defense of Cyberterrorism: An Argument for Anticipating Cyber- Attacks, Journal of Law, Technology & Policy, Vol. 2002, Issue 1 (Spring 2002)’, pp. 1-58, at 14
[17] Protocol Additional to the Geneva Conventions of 12 August 1949, and relating to the Protection of
Victims of International Armed Conflicts (Protocol I), 8 June 1977.
[18] http://www.cabinetoffice.gov.uk/media/216620/css0906.pdf http://news.bbc.co.uk/2/hi/uk_news/politics/8118348.stm
http://news.bbc.co.uk/2/hi/uk_news/politics/8573152.stm
19 For developments in China, Russia and North Korea, see the examination by Shaap, 132
20Cordula droega, no legal vacuum in cyber space, ICRC, available at http://www.icrc.org/eng/resources/documents/interview/2011/cyber-warfare-interview-2011-08-16.htm, visited on 28 december 2012
[21] International legal literature has not addressed yet effectively the subject. See Shackelford nuclear 233. Dinstein in MN Schmitt, Computer Network Attack and the Use of Force in International Law :Thoughts on Normative Framework – [s.l.] : US Air Force Academy, 1999, at 103; Barkham supra note 18, at 97; Graham 92 and 95. also Todd, but dealing mainly with cyber espionage.
[22] Eg, Adkins 16 describes a ‘law enforcement diagnostic tool’, the ‘Carnivore’, used by the FBI to locate and identify hackers who ‘weave and loop’ through various computers in order to hide their actual location.
[23] For an analysis on territoriality and jurisdiction in cyberspace, see Van de Bogart
[24] ‘Former NSA Director: Countries Spewing Cyber attacks Should Be Held Responsible’, July 29, 2010, available at wired.com, an online periodical on technology issues, http://www.wired.com/threatlevel/2010/07/hayden-at-blackhat
[25] Responsibility of States for Internationally Wrongful Acts, Yearbook of the International Law Commission, 2001, vol. II (Part II), Reproduced in the annex to General Assembly Resolution 56/83 of 12 December 2001, and corrected by document A/56/49 (Vol. I)/Corr.4.
[26] Article 4.
[27] Article 7.
[28] Article 5.
[29] Article 8.
[30] Case Concerning Military and Paramilitary Activities in and against Nicaragua Case (Nicaragua v United States of America), 1984, ICJ Reports 392 June 27, 1986; Prosecutor v. Duško Tadić aka Dule, Sentencing Judgement, Case No. IT-94-1-T, ICTY, 14 July 2007; Case Concerning the Application of the Convention on the Prevention and Punishment of the Crime of Genocide (Bosnia and Herzegovina v. Serbia and Montenegro), ICJ General List No. 91, Judgment of February 26, 2007
[31] International Tribunal for the Prosecution of Persons Responsible for Serious Violations of International Humanitarian Law Committed in the Territory of the Former Yugoslavia since 1991
[32] Sharp Sr., “The Past, Present, and Future of Cybersecurity.”
[33] National Strategy for Trusted Identities in Cyberspace.” The White House. April 2011.
[34] Max Blumenthal, International humanitarian law for cyber warfare