Cyber Warfare: A Review of Theories, Law, Policies, Actual Incidents – and the Dilemma of Anonymity
AbstractIn this paper, the authors undertake a study of cyber warfare reviewing theories, law, policies, actual incidents - and the dilemma of anonymity. Starting with the United Kingdom perspective on cyber warfare, the authors then consider United States' views including the perspective of its military on the law of war and its general inapplicability to cyber conflict. Consideration is then given to the work of the United Nations' group of cyber security specialists and diplomats who as of July 2010 have agreed upon a set of recommendations to the United Nations Secretary General for negotiations on an international computer security treaty. An examination of the use of a nation's cybercrime law to prosecute violations that occur over the Internet indicates the inherent limits caused by the jurisdictional limits of domestic law to address cross-border cybercrime scenarios. Actual incidents from Estonia (2007), Georgia (2008), Republic of Korea (2009), Japan (2010), ongoing attacks on the United States as well as other incidents and reports on ongoing attacks are considered as well. Despite the increasing sophistication of such cyber attacks, it is evident that these attacks were met with a limited use of law and policy to combat them that can be only be characterised as a response posture defined by restraint. Recommendations are then examined for overcoming the attribution problem. The paper then considers when do cyber attacks rise to the level of an act of war by reference to the work of scholars such as Schmitt and Wingfield. Further evaluation of the special impact that non-state actors may have and some theories on how to deal with the problem of asymmetric players are considered. Discussion and possible solutions are offered. A conclusion is offered drawing some guidance from the writings of the Chinese philosopher Sun Tzu. Finally, an appendix providing a technical overview of the problem of attribution and the dilemma of anonymity in cyberspace is provided.
EJLT is an open access journal, aiming to disseminate academic work and perspectives as widely as possible to the benefit of the author and the author’s readers. It is the assumption of the EJLT that authors who publish in the journal wish their work to be available as freely and as widely as possible through the open access publishing channel.
Authors who publish with EJLT will retain copyright and moral rights in the underlying work but will grant all users the rights to copy, store and print for non-commercial use copies of their work. Commercial mirroring may also be carried out with the consent of the journal. The work must remain as published – without redaction or editing – and must clearly state the identity of the author and the originating EJLT url of the article. Any commercial use of the author’s work - apart from mirroring - requires the permission of the author and any aspects of the article which are the property of EJLT (e.g. typographical format) requires permission from EJLT.
Authors can sometimes become no longer contactable (through, for example, death or retirement). If this occurs, any rights in the work will pass to the European Journal of Law and Technology which will continue to make the work available in as wide a manner as possible to achieve the aims of open access and ensuring that an author's work continues to be available. An author - or their estate - can recover these rights from EJLT by providing contact information.
The European Journal of Law and Technology holds rights in format, publication and dissemination.
EJLT, as a non-commercial organisation - which receives donations to allow it to continue publishing – must retain information on reader access to journal articles. This means that we will not give permission to mirror the journal unless we can be provided with full details as to reader access to each and every journal article. We prefer and encourage deep linking rather than mirroring. Encouragement is thus given for all users – commercial and non-commercial – to provide indexes and links to articles in the EJLT where the index or link points to the location of the article on the EJLT server, rather than to stored copies on other servers.
Please contact the European Journal of Law and Technology if you are in any doubt as to what this statement of use covers.