135 research outputs found

    Nicole Perlroth (2021) This is How They Tell Me the World Ends: The Cyberweapons Arms Race. New York: Bloomsbury Publishing (Book review)

    No full text
    Samuli Haataja reviews This Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth.Full Tex

    Cyber Attacks and International Law on the Use of Force The Turn to Information Ethics

    No full text
    Examining the thematic intersection of law, technology and violence, this book explores cyber attacks against states and current international law on the use of force. The theory of information ethics is used to critique the law’s conception of violence and to develop an informational approach as an alternative way to think about cyber attacks. Cyber attacks against states constitute a new form of violence in the information age, and international law on the use of force is limited in its capacity to regulate them. This book draws on Luciano Floridi’s theory of information ethics to critique the narrow conception of violence embodied in the law and to develop an alternative way to think about cyber attacks, violence, and the state. The author uses three case studies - the 2007 cyber attacks against Estonia, the Stuxnet incident involving Iran that was discovered in 2010, and the cyber attacks used as part of the Russian interference in the 2016 US presidential election - to demonstrate that an informational approach offers a means to reimagine the state as an entity and cyber attacks as a form of violence against it. This interdisciplinary approach will appeal to an international audience of scholars in international law, international relations, security studies, cyber security, and anyone interested in the issues surrounding emerging technologies.Full Tex

    Cyber operations against critical infrastructure under norms of responsible state behaviour and international law

    No full text
    Abstract There has been agreement at the United Nations level about a set of norms of responsible state behaviour in cyberspace, including norm (f) which prohibits cyber operations that cause intentional damage or impairment to critical infrastructure (CI). This article examines norm (f) in light of existing international law prohibiting malicious cyber operations against CI. It argues that norm (f) introduces complexity to the application of the law in this context that is counterproductive to developing clarity about the cyber operations against CI that are prohibited by international law. This is due to the subjectivity of the concept of CI, the contradictory legal status of norm (f), and due to existing uncertainties in how international law applies to state conduct in cyberspace which are compounded by norm (f). The article concludes that states need to develop more clarity about the relationship between international law and the norms of responsible state behaviour in cyberspace, and about how international law applies to cyber operations, particularly where CI is targeted.</jats:p

    Complicity in Unlawful Offensive Cyber Operations Under International Law on State Responsibility

    No full text
    States are increasingly engaging in cybersecurity cooperation activities and providing support to other states in offensive cyber operations. While international cooperation is generally encouraged and many cybersecurity cooperation activities are lawful, there is also a risk of being complicit in the internationally wrongful acts of other states. This paper examines the risk of complicity in offensive cyber operations under international law on aiding or assisting. It argues that, while international law in this context applies to cyber operations by states, existing uncertainties and limitations around the key components of the law on aiding or assisting are compounded by competing interpretations about how international law generally applies to state conduct in cyberspace. The paper consists of four sections. Following the introduction in section one, section two outlines some of the ways in which states are cooperating in relation to cybersecurity and offensive cyber operations. Section three examines the key elements of international law on aiding or assisting as contained within article 16 of the International Law Commission’s Articles on the Responsibility of States for Internationally Wrongful Acts, and the extent to which these apply or are problematised in relation cyber operations. It demonstrates that article 16 adopts a broad approach to what constitutes ‘aiding or assisting’ and this captures various types of activities in support of cyber operations provided the aid or assistance contributes significantly to a wrongful act of another state, the accomplice state has knowledge of the factual circumstances and the illegality of the act by the principal state, and where the accomplice state and principal state are bound by the same legal obligation. Section four concludes by outlining the limits of cooperation in the cyber context and how states can mitigate the risk of complicity in violations of international law.Full Tex

    Learning and Teaching International Law Mooting: Between Substance and Technique

    No full text
    Learning and teaching in law often oscillates between the substance of the law and the relevant techniques or skills required of lawyers in practice. The two are not mutually exclusive – for example, when drafting a contract, you need to have an understanding about the substance of contract law as well as the writing skills to draft the provisions in a particular way. But when learning and teaching law, striking an appropriate balance between substance and technique involves broader questions about the purpose of legal education. The Philip C. Jessup International Law Moot Court Competition (“Jessup”) is a unique course that necessitates students to excel in both substance and technique. At its core, Jessup requires a group of students to build a deep understanding of the relevant substantive areas of law, and present clear and logical arguments to panels of judges, legal practitioners, and academics that are often experts in those areas of law. As such, it requires students to finesse their legal research, writing, teamwork, problem solving, and oral advocacy skills. As an early career academic whose research and teaching is in public international law, I have been involved in coaching my institution’s Jessup team in the last two annual competitions. This has been to mixed results. The first year our team did well in the oral rounds and received a best memorial prize, however, the following year we placed last in the oral rounds and claimed no prizes. As I have learned through my involvement in the last two competitions, Jessup can be demanding and at times disappointing, but also hugely rewarding for both the students and the educators involved. In this editorial I intend to offer some reflections on the challenges of Jessup from the perspective of a novice coach.Full Tex

    Cyber Operations and Automatic Hack Backs Under International Law on Necessity

    No full text
    This article examines the use of automatic hack backs under international law on necessity. Hack backs are a form of active defence measure adopted in response to cybersecurity threats that involve effects outside the victim's systems or networks designed to mitigate or prevent the cybersecurity threat. Automatic hack backs are systems that, once activated, are capable of performing these functions without direct human control. The plea of necessity under international law on State responsibility provides a basis on which States can adopt measures that would otherwise be unlawful in order to respond to cyber operations that constitute a grave and imminent against their essential interests. This article argues that the use of automatic hack backs can be justified on the basis of necessity, however, the system would need to be capable of making a range of complex assessments to ensure it meets the strict criteria required by international law. The complexity of systems capable of making these assessments carries a risk unintended effects and escalation of conflict at machine speed.Full Tex

    Cyber Operations and Collective Countermeasures under International Law

    No full text
    This article examines international law on the use of countermeasures against peacetime cyber operations that fall below the armed attack threshold. It focuses on collective countermeasures - ie, measures taken by states which have not been affected by the cyber operation but which have been requested to assist by the state victim to these operations. While a general right for non-injured states to take countermeasures has not been recognised in international law, this article demonstrates that there is some support for this right in circumstances where the injured state requests assistance from a non-injured state. It argues that a limited right of collective countermeasures should be recognised in the cyber context. This is warranted as it expands the remedies available to states subject to cyber operations and offers a way for less technologically advanced states to obtain assistance when subject to malicious cyber operations from their adversaries.Full Tex

    Autonomous Cyber Capabilities and Attribution in the Law of State Responsibility

    No full text
    This chapter considers attribution in the law of State responsibility for conduct involving the use of autonomous cyber capabilities (ACCs). It consist of four sections. The first section provides an overview of ACCs and the concerns they raise when used by States in cyber operations. The second section outlines the general rules on State responsibility as detailed in the in the International Law Commission’s Articles on the Responsibility of States for Internationally Wrongful Acts, and in the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. Section three then examines the rules surrounding attribution and their application to conduct involving the use of ACCs, and the extent to which autonomy problematizes these rules. Finally, section four considers the application of these rules in a possible future scenario where States have given software entities a degree of legal personality, and it examines the extent to which this status can be used to avoid responsibility for the actions of ACCs. This chapter concludes that, while there are challenges to attributing cyber operations generally, the technical autonomy of ACCs ultimately does not change how the law applies and imposes obligations on the State and its human agents in their use of ACCs. Further, even where software agents were given a degree of legal personality, the link between these entities and the human beings responsible for their creation is sufficient to establish attribution under the law on State responsibility.No Full Tex

    Cyberspace and National Security

    No full text
    As more and more of our societal functions migrate online, the importance of the role that cyberspace, and more specifically cybersecurity, plays in the context of national security is constantly increasing. This trend is unlikely to be reversed. Indeed, it can be expected to continue, and new vulnerabilities are continuously created as new technologies, and technology-uses, evolve. Complicating matters further, as noted by Austin and Khaniejo, for example, there is a ‘blurring of boundaries between competition, crisis and war in cyberspace.’1 This must affect how Australia approaches the relationship between cyberspace and national security. For example, it points to the need for an ‘always on’ ‘whole-of-society’ approach.No Full Tex

    Volunteer Cyber Forces to Strengthen Australia’s Defence

    No full text
    In this Report, we seek to equip the Department of Defence with unique high quality research informing the development of Australia’s defence policy and strategy regarding (1) what roles could volunteer cyber forces fulfil for Australia, (2) how such volunteer cyber forces might be structured, (3) what are the risks involved in Australia establishing volunteer cyber forces, (4) what are the legal constraints and considerations involved, and (5) what can Australia learn from measures taken in this context by States leading the way in the adoption of volunteer cyber forces? Specifically, the Report draws upon the valuable experiences of Estonia, Finland, Sweden, Taiwan, Ukraine, and the United States.Full Tex
    corecore