U.S. cyberwar law

Harold Koh, U.S. State Department chief legal adviser, yesterday unveiled the government’s position on the rules of cyberwar. A series of 10 legal principles on cyberwar were presented, together with the general rule that international law does indeed “apply to activities in cyberspace.”

Cyber attacks could fully represent armed attacks and therefore be subjected to international humanitarian law and rules of war. Under international law, cyber attacks are only legal as a self defence measure or if authorised by the United Nations.

The U.S. now believe that certain cyber attacks may constitute a “use of force”. Under international law and as defined by the UN Charter, a cyber attack would have to “proximately result in death, injury or significant destruction” to constitute a “use of force”, Koh explained. Some cyber attacks can, "amount to an armed attack or imminent threat thereof,” and could cause a nation to retaliate either with conventional or cyber weapons for reasons of self defence, he added.

Koh also pointed out the need to, “distinguish military objectives from civilian objectives,” in order to avoid targeting civilian infrastructure.

Koh’s announcement comes at a time when the need for legal oversight of cyber weapons is at the top of the agenda for the U.S., which was recently alleged to have engaged in cyber warfare when the Stuxnet worm attacked Iran’s nuclear infrastructures.

Michael Schmitt, Head of the International Law Department at the Naval War College and drafter of the NATO Cooperative Cyber Defence Centre sponsored “Tallin Manual” on international law in cyberwar, also commented on the importance of such a statement: “It is significant that the legal adviser comes out and says unambiguously that international law applies,” he said.

http://www.securitydefenceagenda.org/Contentnavigation/Library/Libraryoverview/tabid/1299/articleType/ArticleView/articleId/3240/categoryId/64/US-cyberwar-law.aspx