SlideShare a Scribd company logo

Ames -- Memo (Cyber)

Download as DOCX, PDF
K
Kyle Ames
1 of 10
Ames, 1 Memorandum TO: Mr. Michael Zehner FROM: C1C Kyle Ames DATE: June 2010 RE: “Direct Participation in Hostilities” in Cyberspace Questions Presented What is the legal status of an individual conducting cyber operations? Can cyber operations fall under the “use of force” definition of Article 2(4) of the UN Charter and directly contribute in an armed conflict? Discussion With the creation of the Air Force’s cyber division under Air Force Space Command (AFSPC) and the appointment of General Keith Alexander as its director,1 the United States must adopt a policy, under International Humanitarian Law, before cyber warfare creates precedents ahead of policy. As a result, military leaders and policy makers must determine the thresholds that guide cyber warriors during cyber operations to eliminate violations of jus ad bellum and jus in bello under the UN Charter and international treaties. This memorandum will discuss possible implications of cyber attacks under the Law of War and how the international community should regulate the future of cyber warfare. DoD defines cyberspace as the “global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.”2 The Air Force recently converted their cyber operations into a numbered Air Force to defend the United States military from cyber attacks. Dr. Lani Kass of the Air Force Cyberspace Task Force stated, “[c]yberspace is neither a mission nor an operation…It is a strategic, operational and tactical warfighting domain…”3 So do attacks within cyberspace directly harm another entity and link a cyber operator to direct participation in hostilities? Cyber attacks have already entered the international scene with Russian attacks on Estonia’s computer networks.4 Estonia established the Cooperative Cyber Defence Centre of Excellence after a number of government websites, Estonian banks and media websites were brought down by a massive flood of artificial traffic, which infiltrated the system, bringing down a number of websites over the course of a few weeks. This new form of “attack” could implicate other nations, as Estonia is a member to NATO. Do NATO members have the obligation to invoke Article 55 of the NATO Charter, which establishes that an attack on a member is an attack on all NATO countries, and warrants a reciprocal attack on an unknown cyber entity? 1 Beaumont, Peter. (2010, May 23). US appoints first cyber warfare general. Retrieved from guardian.co.uk: http://www.guardian.co.uk/world/2010/may/23/us-appoints-cyber-warfare-general. 2 England, Gordon. (2008). The Definition of Cyberspace. 3 Solce, Natasha.(2008). The Battlefield of Cyberspace: The Inevitable New Military branch –The Cyber Force. Albany Law Journal of Science & Technology. 4Marwaha, A. (2009, June 24). What rules apply in cyber-wars? Retrieved from BBC: http://news.bbc.co.uk/2/hi/technology/811444.htm. 5 The North Atlantic Treaty. Washington,DC. 4 April 1949. Article 5.
Ames, 2 I. The “Use of Force” under the United Nations The principles governing the interaction of states consists of law dealing with threats during peacetime, law leading up to a conflict and the use of force (jus ad bellum), and law during a conflict consisting of armed attacks (jus in bello). Jus ad bellum should be applied to cyber operations because nation states and anonymous non-state actors have the ability to launch “attacks” against their targets. The unprecedented attacks of the technical domain do not fit the mold of post-WWII doctrine, and they challenge decision-makers to implement core legal principles that can be adapted to the modernization of warfare. The UN states its purpose in Article 1 of the Charter as “[t]o maintain international peace and security and to that end: to take effective collective measures for the prevention and removal of threats to the peace, and breaches of peace…”6 The UN serves as a preventative body to conflicts. Appropriately, under Article 2 of the treaty, “[a]ll members shall refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any state.”7 Nowhere in the text do the Framers explain what the “use of force” represents. The use of force, as the text reads, is only permitted under two conditions: if the Security Council recommends the use of armed forces or in self-defense “if an armed attack occurs.”8 A. Use of Force in the Context of Treaties To better understand what the “use of force” clause means, the Vienna Convention on the Law of Treaties (VCLT) contends that “[a] treaty shall be interpreted in good faith in accordance with the ordinary meaning to be given to the terms of the treaty in their context in light of its object and scope.”9 Contextually, the UN ratified its charter near the resolution of World War II, which was a time of growing military technology and the beginning of the nuclear age. No alternatives to tangible munitions existed, and the presence of a heavy kinetic force influenced the UN’s policy. As to the object and purpose of the Charter, the preamble includes the prohibition that “armed force shall not be used.”10 The preamble reveals the Charter’s purpose and defines, contextually, the “use of force” to mean an armed attack. The Framers of the Charter emphasized the prevention of military coercion exclusively. Brazilian delegates at the San Francisco Conference submitted changes to the Dumbarton Oaks (original draft of the Charter) proposal that would extend Article 2(4)’s use of force to economic coercion.11 The analysis of the Charter’s text leads to the interpretation excluding economic coercion. To that end, the travaux and text preserve the meaning of the use of force to presume an armed attack and reject the notion of any coercion not under the direction of a state’s military. II. Direct Participation in Hostilities 6 Charter of the United Nations. San Francisco. June 26, 1945. Article 1(1). 7 Id at Article 2(4). 8 Id at Article 39; Article 51 respectively. 9 Vienna Convention on the Law of Treaties. United Nations. May 23, 1969. Article 31(1). 10 Supra note 8. Preamble to the Charter of the United Nations. 11 Schmitt, Michael N. (1999). Computer Network Attack and the Use of Force in International Law: Thoughts on Normative Framework. Columbia Journal of Transnational Law.
Ames, 3 The Geneva Convention treaties outline the law of armed conflict, termed jus in bello, which govern the “direct participation in hostilities.” Additional Protocol I to the Geneva Conventions defines a combatant as members of the armed forces who “have the right to participate directly in hostilities.”12 In order to determine the combative status of cyber operators, cyber acts must fit within the international community’s definition of aggression. The International Court of Justice (“ICJ”) to the United Nations creates a distinction in Nicaragua v. U.S. between the “use of force” under Article 2(4) of the Charter and an armed attack which urges the right to self defense under Article 51.13 In this case, the ICJ found that the United States government violated international law when it supported Contra guerrillas in a rebellion against the Nicaraguan government and by mining Nicaragua’s harbors. The Court determined that the arming and training of rebels was not an “armed attack,” but constituted as the use of force. Important to both sides with regard to the exercise of self-defense, the Court defined an armed attack to mean, “the sending by a State of armed bands on to the territory of another State, if such an operation, because of its scale and effects, would have been classified as an armed attack had it been carried out by regular armed forces.”14 Under this definition, five factors constitute an armed attack: (1) an attack (2) within the target nation’s borders, (3) by an armed force that (4) causes legitimate damages (5) for military advantage. When evaluating a cyber attack, usually the attack is from outside the target nation’s border and the attacker’s status is unknown. However, effects of a cyber attack can cause legitimate damage that will be evaluated later. In UN Resolution 3314 (XXIX) the General Assembly (“GA”) of the UN defines aggression as “the use of armed force by a State against the sovereignty, territorial integrity or political independence of another State, or in any manner inconsistent with the Charter of the United Nations.”15 This suggests that only acts, which result from an armed attack, or the use of physical, kinetic weapons by an armed force, would constitute an act of aggression. The resolution further lists potential acts of aggression as invasion of territory, bombardment, and blockade of ports.16 Each act listed precedes the phrase “by the armed forces.” This leaves out any consideration of individual attacks on a state and excludes the possibility of aggression caused as a result of cyber operations. The Framers of the UN Charter and the General Assembly at large sought to prohibit coercion by an armed force. This idea focuses on the means of attack rather than the actual result of an act of coercion. The International Committee of the Red Cross (ICRC) delineates direct participation in hostilities to mean when an individual carries out acts “which aim to support one party to the conflict by directly causing harm to another party, either directly inflicting death, injury or destruction, or by directly harming the enemy’s military operations or capacity.”17 Each member party to the Geneva Convention gives the ICRC a mandate “to protect the victims of international and internal armed conflicts.”18 The ICRC emphasizes the result of an action in 12 Protocol Additional (I) to the Geneva Conventions.Article 43(2). (June 8, 1949). 13 Military and Paramilitary Activities (Nicaragua. v. U.S.), 1986 I.C.J. 14, 118-19, para. 228 (June 27). The Court “does not consider that military maneuvers held by the United States near the Nicaraguan borders,or the supply of funds to the contras amounts to a use of force.” A “use of force” need not be armed. 14 Id. 15 United Nations General Assembly Resolution, 3314 (XXIX) (1974). 16 Id at Article 3. 17 International Committee of the Red Cross. Interpretive Guidance on the Notion of Direct Participation in Hostilities. May 2009. 18 "Discover the ICRC". 2007. http://www.icrc.org/Web/eng/siteeng0.nsf/html/p0790. Retrieved 2010-05-24. p.6.
Ames, 4 support of an armed conflict rather than the method used under the UN Charter’s definition when describing what it means to directly participate in hostilities. The guidance continues to list examples of acts that fall under this definition which include computer network attacks. III. “Harm” and the “Use of Force” There are three distinct schools of thought of how treaty law should be applied to cyber operations: A. Damage Inflicted The first school of thought concerning the use of force as outlined by the UN Charter stems from the ICRC’s explanation of direct participation and the UN’s purpose to ensure universal peace: The use of force as prohibited under article 2(4) of the Charter seeks to keep incidents below a certain threshold of violence and keep them from escalating into all out wars.19 This notion focuses on the damage done to a state rather than the mode of destruction. For instance, to take away an enemy’s train transportation, it is no longer necessary to bombard the track or the train cars using munitions. Instead, the computer network that controls the system can be attacked in order to produce the same effect. Cyber operations have an arsenal of cyber weapons, which have the potential to produce similar impacts to that of kinetic weapons. Cyber operations use various forms of attacks to disable the enemy. Denial of service (DoS) attacks completely interrupt a system by using a single computer or network of computers by flooding a computer system and rendering it completely useless. Malicious programs such as worms, Trojan horses, and viruses spread throughout computer network, which disrupt communication and ultimately give control of a network to the enemy.20 These methods could cause destruction on a state’s system of control: communication systems, electric power supply, transport systems, and other vital infrastructure. With damages to any of these areas of infrastructure, and an overall impact in an armed conflict, the means are not important. If cyber operations cannot be distinguished from kinetic attacks as far as their impacts, without physical presence on a battlefield, cyber operators directly participate in hostilities. B. Means of Destruction The second school of thought stems from the Framers who wrote the Charter. An armed attack constitutes the use of force, and “the means of destruction is the object of the policy.”21 This thought works under the presumption that political and economic coercion could never rise to the level of violence without the aid of an armed force or military intervention. At the time, military intervention consisted of destruction by thousand-pound bombs and various forms of kinetic weapons. The idea of destruction indirectly caused by computer network attacks is a new concept that should be considered when evaluating the true intentions of the Framers when they deliberated the definition of the use of force. 19 Wingfield, Thomas C. (2006). When is a Cyber Attack an “Armed Attack?” The Potomac Institute for Policy Studies. 20 Schapp, Arie J. (2009). Cyber Warfare Operations: Development and the Use Under International Law. The Air Force Law Review. 21 Id. at pg. 6.
Ames, 5 C. Schmitt Analaysis The final interpretation of the use of force urges a case-by-case analysis that considers both the qualitative and quantitative aspects of an operation.22 This analysis would create universal thresholds that would determine whether an operation uses force. These factors would include: severity, immediacy, directness, invasiveness, measurability, presumptive legitimacy:23 Factors Explained:24  Severity: If people are killed or there is extensive property damage, the action is probably military; the less damage, the less likely the action is a “use of force.”  Immediacy: When the effects are seen within seconds to minutes—such as when a bomb explodes—the operation is probably military; if the effects take weeks or months to appear, it is more likely diplomatic or economic.  Directness: If the action taken is the sole cause of the result, it is more likely to be viewed as a use of force; as the link between cause and effect attenuates, so does the military nature of the act.  Invasiveness: A violated border is still an indicator of military operations; actions that are mounted from outside a target nation’s borders are probably more diplomatic or economic.  Measurability: If the effect can be quantified immediately—such as photographing a “smoking hole” where the target used to be—the operation has a strong military characteristic; the more subjective the process of evaluating the damage, the more diplomatic or economic.  Presumptive Legitimacy: State actors have a monopoly on the legitimate use of kinetic force, while other non-kinetic actions—attacks through or in cyberspace— often are permissible in a wider set of circumstances; actions that have not been the sole province of nation-states are less likely to be viewed as military  Responsibility: If a state takes visible responsibility for any destructive act, it is more likely to be categorized as a traditional military operation; ambiguous responsibility militates for a non-military label. With a holistic approach, these factors would put an action above or below the “use of force” threshold with regard to a cyber, kinetic or hybrid operation. i. Kinetic Attack In order to understand this analysis, it should be applied to both a kinetic attack and cyber attack to distinguish a difference. The kinetic scenario will involve a group of terrorists within the borders of the United States, releasing sarin gas inside a New York subway train during rush hour: 22 Id at pg .6. 23 Supra note 13. 24 Id.
Ames, 6  Severity: There was no physical destruction to the subway, but 1,000 civilians were injured and 20 were killed.  Immediacy: The consequences from the chemical gas attack were seen within minutes of the release of the chemical.  Directness: The impacts of the actions were produced directly from the chemicals released by the terrorists.  Invasiveness: The terrorists mounted the attack from within the U.S.’ borders.  Measurability: The dead and injured can be counted and the monetary costs of both the physical damages and injuries can be assigned.  Presumptive Legitimacy: The chemical attack is illegal for all nation states; there is no presumptive legitimacy.  Responsibility: The United States will eventually figure out which organization was responsible for the action; the actors made no claim of national responsibility. In order to compare these results to a cyber attack, the analysis can produce quantitative results. When evaluating a scenario, the analyst may assign numbers from one to ten to each of the criteria (ten being the most forceful). These numbers come solely from the hypothetical descriptions for each factor above: Severity – 8; Immediacy – 8; Directness – 9; Invasiveness – 9; Measurability – 8; Presumptive Legitimacy – 6; Responsibility – 5. (Average – 7.7). ii. Cyber attack To complete the analysis, these same factors will be applied to a cyber attack in order to determine the level of force a cyber operation can produce. The scenario involves terrorists using a malicious code to strike the automatic train protection system of the subway. The attack was from outside the U.S. by using a DoS attack on computers used by the subway operators.  Severity: The disabling of the protection system caused two trains to collide head on. There was extensive physical destruction to the subway, and 300 civilians were injured and 50 there were killed. Many people experienced psychological effects. The damage of the trains amounted to long-term loss of the subway system.  Immediacy: The consequences of the attack resulted within 2 minutes of the computer system disruption; the crashes themselves were nearly instantaneous.  Directness: The impacts of the actions were produced directly from the terrorists’ attacks on the computer system.  Invasiveness: The terrorists mounted the attack inside the U.S. from an unknown area, but it could have been launched from anywhere in the world.  Measurability: The monetary damages can be assessed and the amount of casualties is known.  Presumptive Legitimacy: As with the first attack, no one can legally launch this kind of attack against civilians; there is no presumptive legitimacy.  Responsibility: There was no claim of national responsibility; all that is estimated is that the attack was from another party because the train collision would not occur unless a negligent party acted.
Ames, 7 Again, these factors will be quantitatively assessed to determine the differences of kinetic attacks and a cyber attack: Severity – 9; Immediacy – 9; Directness – 9; Invasiveness – 5; Measurability – 8; Presumptive Legitimacy – 5; Responsibility – 5. (Average – 7.1). The figures in these scenarios are conjectures. The cyber attack scenario produced a lower level of force; however, aside from the invasiveness of the attack, the results are indistinguishable from one method to the other. This analysis proves that under a case-by-case analysis, cyber attacks could produce similar levels of force as kinetic attacks. IV. Law of War The Law of War, also known as the Law of Armed Conflict, provides guiding principles for any military attack to predict whether a target is lawful. These same principles can be applied to a cyber attack without changing the purpose of the language: A. Principles of LOAC i. Military Necessity: This principle justifies those measures which are indispensible for attaining the complete submission of the enemy. Additional Protocol I provides that a military attack is lawful only against “those objects which by their nature, location, purpose or use make an effective contribution to military action and whose total or partial destruction, capture, or neutralization, in the circumstances ruling at the time, offers a definite military advantage.”25 ii. Distinction: Parties to an armed conflict must distinguish between the civilian population and combatants, and between the civilian objects and military objectives. Protocol I provides that “[t]he civilian population and individual civilians shall enjoy protection against dangers arising from military operations…The civilian population as well as individual citizens, shall not be the object of attack.”26 iii. Proportionality This principle prohibits the use of force that exceeds that needed to complete the military objective. The ultimate question is whether the collateral damage is excessive in relation to the military advantage gained. This does not mean that collateral damage equates to a violation of international law, but collateral damage must be proportional to the military advantage. Protocol I prohibits “an attack which may be expected to cause incidental loss of civilian life, injury to civilians, damage to civilian objects, or a combination thereof, which would be excessive in relation to the concrete and direct military advantage anticipated.”27 iv. Humanity 25 Supra note 11. Article 52(2). 26 Id Article 51(1)(2). 27 Id Article 51(5)(b).
Ames, 8 Hague Convention IV, Article 22, provides that “the rights of belligerents to adopt means of injuring the enemy is not unlimited.” 28 It also specifically prohibits the employment “of arms, projectiles, or materials calculated to cause unnecessary suffering.”29 v. Chivalry Perfidy involves injuring the enemy by using his adherence to the law of war against him. Protocol I states that “it is prohibited to kill, injure or capture an adversary by resort to perifidy” and “acts inviting the confidence of an adversary to lead him to believe that he is entitled to, or obliged to, or is obligated to accord, protection under the rules of international law applicable in armed conflict, with intent to betray that confidence, shall constitute perfidy.30 B. Application to cyber operations Cyber operations have the capability of being more effective during an armed conflict; some benefits include less physical destruction, less costs than traditional warfare, and the ability to still achieve the same results with less risk to military personnel.31 In order to determine the legality of cyber operations, the principles should be applied. A hypothetical cyber attack can show potential adherence to LOAC principles. The scenario involves the disruption or hacking of the electronic maintenance manuals of an adversary’s aircraft. Targeting a military aircraft satisfies the requirement of military necessity. Because it is a military object flying above land, the civilian population is out of reach, and no civilian objects, aside from civilian aircraft, interfere with the target. Potential problems that fall under the distinction principle are seen in computer network attacks. A cyber attack which attacks a military network using viruses, could potentially spread to civilian networks because of the indiscriminate effects of viruses. At the same time, taking out an enemy’s communication system, which could be linked to the civilian network, completes a military objective while creating an inconvenience for the civilian population and does not violate LOAC. However, the biggest issue with this attack falls under the proportionality principle. If the attack occurs during flight over civilian population, then the aircraft’s collateral damage could exceed the military advantage gained by terminating an aircraft and possibly its pilot. Article 57 to Protocol I, provides “when a choice is possible between several military objectives for obtaining similar military advantage, the objective to be selected shall be the attack on which may be expected to cause the least danger to civilian lives and to civilian objects.”32 Cyber attacks do not change the proportionality analysis as collateral damage results from every method of attack. Cyber operations could limit the amount of physical damage during an attack. For example, an enemy’s Air Defense System (“ADS”) that is placed among civilians could be disabled through means that do not involve bombardment and the use of munitions. This minimizes the amount of collateral damage using cyber methods. 28 Convention Respecting the Laws and Customs of War on Land and its Annex: Regulation Concerning the Laws and Customs of War on Land. The Hague, 18 October 1907. Article 22. 29 Id Article 23(e). 30 Supra note 26. Article 37(1). 31 Supra note 19. Pg. 13. 32 Supra note 19. Article 57.
Ames, 9 When executed within the scope of the proportionality principle, cyber attacks should never produce unnecessary suffering. For this to happen, the object of attack would have to violate other principles such as infiltrating a biochemical plant’s network and, through a computer malfunction, releasing illegal toxins. The enemy’s computer system receives the direct attack while indirect results should never escalate to inhumane attacks as seen in some modern munitions. If used properly, no projectiles or illegal materials will be employed as a result of cyber attacks. Perfidious acts may include a cyber operator using emails or websites that appear to be safe and protected to the enemy in order to release a malicious virus. In this scenario neither the principles of chivalry or humanity would be violated. Conclusion The UN Charter, which covers the domain of jus ad bellum, establishes three thresholds that are applicable to cyberspace regarding its legal implications before or during a conflict. Article 39 outlines the first threshold or level of aggression as a “threat to the peace, breach of the peace, or act of aggression.”33 The Security Council has the sole authority to identify such an act compliant in nature; however the anonymity and covert nature of cyber attacks nearly eliminates the likelihood of a cyber attack being identified at all, let alone being distinguished as a threat to the peace. The second threshold exists under Article 2(4) as the “use of force.” The Charter remains incoherent as far as the meaning of “force;” however, this force can be broken down into quantifiable factors that produce a more reliable determination of cyber attacks concerning an action’s contribution of direct harm. The Schmitt analysis reveals an approach that can be applied to attacks or threats under all components disregarding the dated policy, which links exclusively military actions to actions using force. Finally, the third threshold is that found under Article 51 as “armed attacks.” A state may act in lawful self-defense if they can prove: “necessity (exhausting all reasonable peaceful alternatives before resorting to force), proportionality (using only that amount of force required to end the immediate threat), and imminency (acting only when the aggressor has irrevocably committed itself to attack).”34 Concerning the attacks on Estonia, in order to lawfully retaliate, the state needed to be victim of an armed attack. An attack during an armed conflict “means acts of violence against the adversary, whether in offense or in defense” according to the Geneva Conventions.35 Compliant with this requirement, the meaning of attack does not focus on the means of violence but rather the result. As a result the qualitative and quantitative analysis applied to determine the identity of force can be applied to determine whether an attack has occurred. Cyber attacks can produce effects on a nation state analogous to effects produced by kinetic means. When looking solely at the destruction caused by cyber attacks, quantifiable analyses can determine its status as a “use of force” under the UN Charter. This opposes the object and scope of the Charter as the Framers installed alternate measures to prevent conflict. Concerning unconventional warfare within the cyber domain, changes should be made to policies that model the ICRC’s inclusion of computer network attacks under their definition of 33 Supra note 6. 34 Supra note 16 at pg. 6. 35 Supra note 11. Article 49(1).
Ames, 10 “direct participation in hostilities.” The definitions of the “use of force” and armed attacks should be inclusive of cyber attacks, which are under the direction of a military. The qualitative and quantitative assessment used to determine the legal status of cyber attacks will lay the groundwork for cyber intervention and help officials make policy for future cyber attacks. With these potential acts of force, the cyber warrior may participate directly in hostilities and could be considered a combatant. KYLE B. AMES, C1C USAF

Recommended

Ellen Amicus Piece
Ellen Amicus PieceEllen Amicus Piece
Ellen Amicus PieceEllen Tims
 
YR3_Paper_Legality of the use of force in Lybia under International Law
YR3_Paper_Legality of the use of force in Lybia under International LawYR3_Paper_Legality of the use of force in Lybia under International Law
YR3_Paper_Legality of the use of force in Lybia under International LawMatthew Chijioke Oliobi, LL.M EU GDPR (P)
 
International law and_the_use_of_force
International law and_the_use_of_forceInternational law and_the_use_of_force
International law and_the_use_of_forceStudsPlanet.com
 
2) international law and the use of force by states
2) international law and the use of force by states2) international law and the use of force by states
2) international law and the use of force by statesilyana iskandar
 
1.full
1.full1.full
1.fullMario Vitores
 
Legal regulation on the use of force
Legal regulation on the use of forceLegal regulation on the use of force
Legal regulation on the use of forceFAROUQ
 
International law and_the_use_of_force
International law and_the_use_of_forceInternational law and_the_use_of_force
International law and_the_use_of_forceStudsPlanet.com
 
Take home test il
Take home test ilTake home test il
Take home test ilFAROUQ
 

Recommended

Ellen Amicus Piece
Ellen Amicus PieceEllen Amicus Piece
Ellen Amicus PieceEllen Tims
 
YR3_Paper_Legality of the use of force in Lybia under International Law
YR3_Paper_Legality of the use of force in Lybia under International LawYR3_Paper_Legality of the use of force in Lybia under International Law
YR3_Paper_Legality of the use of force in Lybia under International LawMatthew Chijioke Oliobi, LL.M EU GDPR (P)
 
International law and_the_use_of_force
International law and_the_use_of_forceInternational law and_the_use_of_force
International law and_the_use_of_forceStudsPlanet.com
 
2) international law and the use of force by states
2) international law and the use of force by states2) international law and the use of force by states
2) international law and the use of force by statesilyana iskandar
 
1.full
1.full1.full
1.fullMario Vitores
 
Legal regulation on the use of force
Legal regulation on the use of forceLegal regulation on the use of force
Legal regulation on the use of forceFAROUQ
 
International law and_the_use_of_force
International law and_the_use_of_forceInternational law and_the_use_of_force
International law and_the_use_of_forceStudsPlanet.com
 
Take home test il
Take home test ilTake home test il
Take home test ilFAROUQ
 
Lwn158 seminar 6 2016
Lwn158 seminar 6 2016Lwn158 seminar 6 2016
Lwn158 seminar 6 2016hollyranae
 
NATO Intervention in Libya: Does Law Matters?
NATO Intervention in Libya: Does Law Matters?NATO Intervention in Libya: Does Law Matters?
NATO Intervention in Libya: Does Law Matters?Emmanuel Edward
 
Crimes Against Humanity
Crimes Against HumanityCrimes Against Humanity
Crimes Against HumanityFAROUQ
 
36 Rutgers L. Rec. 164
36 Rutgers L. Rec. 16436 Rutgers L. Rec. 164
36 Rutgers L. Rec. 164Politicaltheatrics
 
Self defence & Cyber Terrorism
Self defence & Cyber Terrorism Self defence & Cyber Terrorism
Self defence & Cyber Terrorism Pranav Gupta
 
Law of War
Law of WarLaw of War
Law of WarShaheera Hassan
 
International Humanitarian Law Lecture 11 - International Armed Conflict
International Humanitarian Law Lecture 11 - International Armed ConflictInternational Humanitarian Law Lecture 11 - International Armed Conflict
International Humanitarian Law Lecture 11 - International Armed ConflictNilendra Kumar
 
Lwn158 seminar 10
Lwn158 seminar 10 Lwn158 seminar 10
Lwn158 seminar 10 hollyranae
 
International Humanitarian Law, (Lecture 15)- Distinction between internation...
International Humanitarian Law, (Lecture 15)- Distinction between internation...International Humanitarian Law, (Lecture 15)- Distinction between internation...
International Humanitarian Law, (Lecture 15)- Distinction between internation...Nilendra Kumar
 
International Law-2
International Law-2International Law-2
International Law-2Erum Khatoon
 
Presentation 1 pil 2
Presentation 1 pil 2Presentation 1 pil 2
Presentation 1 pil 2Esther Akafia
 
International humanitarian law
International humanitarian lawInternational humanitarian law
International humanitarian lawAnjanileelarathna
 
International Humanitarian Law and Terrorism
International Humanitarian Law and TerrorismInternational Humanitarian Law and Terrorism
International Humanitarian Law and TerrorismKardoman Tumangger
 
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHL
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHLInternational Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHL
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHLNilendra Kumar
 
MIHA Module 2 Assignment
MIHA Module 2 AssignmentMIHA Module 2 Assignment
MIHA Module 2 AssignmentLawnsome Etum Akezi
 
International Humanitarian Law Debate Championship 2016
International Humanitarian Law Debate Championship 2016International Humanitarian Law Debate Championship 2016
International Humanitarian Law Debate Championship 2016Terence Aaron
 
Reparation for torture in International Law
Reparation for torture in International LawReparation for torture in International Law
Reparation for torture in International LawFAROUQ
 
International criminal-law
International criminal-lawInternational criminal-law
International criminal-lawMainan Ray
 
Republic act no. 9851 official gazette of the republic of the philippines
Republic act no. 9851 official gazette of the republic of the philippinesRepublic act no. 9851 official gazette of the republic of the philippines
Republic act no. 9851 official gazette of the republic of the philippinesgemrodflorano
 
Laws of war intro slideshow
Laws of war intro slideshowLaws of war intro slideshow
Laws of war intro slideshowmkp28
 
Boys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelBoys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelDing Solomon
 
Boys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelBoys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelDing Solomon
 

More Related Content

What's hot

Lwn158 seminar 6 2016
Lwn158 seminar 6 2016Lwn158 seminar 6 2016
Lwn158 seminar 6 2016hollyranae
 
NATO Intervention in Libya: Does Law Matters?
NATO Intervention in Libya: Does Law Matters?NATO Intervention in Libya: Does Law Matters?
NATO Intervention in Libya: Does Law Matters?Emmanuel Edward
 
Crimes Against Humanity
Crimes Against HumanityCrimes Against Humanity
Crimes Against HumanityFAROUQ
 
Self defence & Cyber Terrorism
Self defence & Cyber Terrorism Self defence & Cyber Terrorism
Self defence & Cyber Terrorism Pranav Gupta
 
International Humanitarian Law Lecture 11 - International Armed Conflict
International Humanitarian Law Lecture 11 - International Armed ConflictInternational Humanitarian Law Lecture 11 - International Armed Conflict
International Humanitarian Law Lecture 11 - International Armed ConflictNilendra Kumar
 
Lwn158 seminar 10
Lwn158 seminar 10 Lwn158 seminar 10
Lwn158 seminar 10 hollyranae
 
International Humanitarian Law, (Lecture 15)- Distinction between internation...
International Humanitarian Law, (Lecture 15)- Distinction between internation...International Humanitarian Law, (Lecture 15)- Distinction between internation...
International Humanitarian Law, (Lecture 15)- Distinction between internation...Nilendra Kumar
 
International Law-2
International Law-2International Law-2
International Law-2Erum Khatoon
 
Presentation 1 pil 2
Presentation 1 pil 2Presentation 1 pil 2
Presentation 1 pil 2Esther Akafia
 
International humanitarian law
International humanitarian lawInternational humanitarian law
International humanitarian lawAnjanileelarathna
 
International Humanitarian Law and Terrorism
International Humanitarian Law and TerrorismInternational Humanitarian Law and Terrorism
International Humanitarian Law and TerrorismKardoman Tumangger
 
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHL
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHLInternational Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHL
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHLNilendra Kumar
 
International Humanitarian Law Debate Championship 2016
International Humanitarian Law Debate Championship 2016International Humanitarian Law Debate Championship 2016
International Humanitarian Law Debate Championship 2016Terence Aaron
 
Reparation for torture in International Law
Reparation for torture in International LawReparation for torture in International Law
Reparation for torture in International LawFAROUQ
 
International criminal-law
International criminal-lawInternational criminal-law
International criminal-lawMainan Ray
 
Republic act no. 9851 official gazette of the republic of the philippines
Republic act no. 9851 official gazette of the republic of the philippinesRepublic act no. 9851 official gazette of the republic of the philippines
Republic act no. 9851 official gazette of the republic of the philippinesgemrodflorano
 
Laws of war intro slideshow
Laws of war intro slideshowLaws of war intro slideshow
Laws of war intro slideshowmkp28
 

What's hot (20)

Lwn158 seminar 6 2016
Lwn158 seminar 6 2016Lwn158 seminar 6 2016
Lwn158 seminar 6 2016
 
NATO Intervention in Libya: Does Law Matters?
NATO Intervention in Libya: Does Law Matters?NATO Intervention in Libya: Does Law Matters?
NATO Intervention in Libya: Does Law Matters?
 
Crimes Against Humanity
Crimes Against HumanityCrimes Against Humanity
Crimes Against Humanity
 
36 Rutgers L. Rec. 164
36 Rutgers L. Rec. 16436 Rutgers L. Rec. 164
36 Rutgers L. Rec. 164
 
Self defence & Cyber Terrorism
Self defence & Cyber Terrorism Self defence & Cyber Terrorism
Self defence & Cyber Terrorism
 
Law of War
Law of WarLaw of War
Law of War
 
International Humanitarian Law Lecture 11 - International Armed Conflict
International Humanitarian Law Lecture 11 - International Armed ConflictInternational Humanitarian Law Lecture 11 - International Armed Conflict
International Humanitarian Law Lecture 11 - International Armed Conflict
 
Lwn158 seminar 10
Lwn158 seminar 10 Lwn158 seminar 10
Lwn158 seminar 10
 
International Humanitarian Law, (Lecture 15)- Distinction between internation...
International Humanitarian Law, (Lecture 15)- Distinction between internation...International Humanitarian Law, (Lecture 15)- Distinction between internation...
International Humanitarian Law, (Lecture 15)- Distinction between internation...
 
International Law-2
International Law-2International Law-2
International Law-2
 
Presentation 1 pil 2
Presentation 1 pil 2Presentation 1 pil 2
Presentation 1 pil 2
 
International humanitarian law
International humanitarian lawInternational humanitarian law
International humanitarian law
 
International Humanitarian Law and Terrorism
International Humanitarian Law and TerrorismInternational Humanitarian Law and Terrorism
International Humanitarian Law and Terrorism
 
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHL
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHLInternational Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHL
International Humanitarian Law Lecture 13 - Some Contemporary Challenges in IHL
 
MIHA Module 2 Assignment
MIHA Module 2 AssignmentMIHA Module 2 Assignment
MIHA Module 2 Assignment
 
International Humanitarian Law Debate Championship 2016
International Humanitarian Law Debate Championship 2016International Humanitarian Law Debate Championship 2016
International Humanitarian Law Debate Championship 2016
 
Reparation for torture in International Law
Reparation for torture in International LawReparation for torture in International Law
Reparation for torture in International Law
 
International criminal-law
International criminal-lawInternational criminal-law
International criminal-law
 
Republic act no. 9851 official gazette of the republic of the philippines
Republic act no. 9851 official gazette of the republic of the philippinesRepublic act no. 9851 official gazette of the republic of the philippines
Republic act no. 9851 official gazette of the republic of the philippines
 
Laws of war intro slideshow
Laws of war intro slideshowLaws of war intro slideshow
Laws of war intro slideshow
 

Viewers also liked

Boys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelBoys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelDing Solomon
 
Boys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelBoys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelDing Solomon
 
Learn Concept of Class and Object in C# Part 3
Learn Concept of Class and Object in C# Part 3Learn Concept of Class and Object in C# Part 3
Learn Concept of Class and Object in C# Part 3C# Learning Classes
 
EHS Presentation - Original
EHS Presentation - OriginalEHS Presentation - Original
EHS Presentation - OriginalAmr Sheweel
 
ingenierie de formation
ingenierie de formationingenierie de formation
ingenierie de formationEric ROGER
 
Module 4 navigation et homogénéisation des les applications web
Module 4 navigation et homogénéisation des les applications webModule 4 navigation et homogénéisation des les applications web
Module 4 navigation et homogénéisation des les applications webMohammed Amine Mostefai
 
La crédibilité n'est pas le fruit du hasard
La crédibilité n'est pas le fruit du hasardLa crédibilité n'est pas le fruit du hasard
La crédibilité n'est pas le fruit du hasardStephane Prud'homme
 

Viewers also liked (7)

Boys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelBoys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionel
 
Boys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionelBoys' brigade (health) kenny, solomon, edison and lionel
Boys' brigade (health) kenny, solomon, edison and lionel
 
Learn Concept of Class and Object in C# Part 3
Learn Concept of Class and Object in C# Part 3Learn Concept of Class and Object in C# Part 3
Learn Concept of Class and Object in C# Part 3
 
EHS Presentation - Original
EHS Presentation - OriginalEHS Presentation - Original
EHS Presentation - Original
 
ingenierie de formation
ingenierie de formationingenierie de formation
ingenierie de formation
 
Module 4 navigation et homogénéisation des les applications web
Module 4 navigation et homogénéisation des les applications webModule 4 navigation et homogénéisation des les applications web
Module 4 navigation et homogénéisation des les applications web
 
La crédibilité n'est pas le fruit du hasard
La crédibilité n'est pas le fruit du hasardLa crédibilité n'est pas le fruit du hasard
La crédibilité n'est pas le fruit du hasard
 

Similar to Ames -- Memo (Cyber)

A Critically Analysis of the Doctrine of Use of Force by States under Interna...
A Critically Analysis of the Doctrine of Use of Force by States under Interna...A Critically Analysis of the Doctrine of Use of Force by States under Interna...
A Critically Analysis of the Doctrine of Use of Force by States under Interna...Onyekachi Duru Esq
 
O connell fullremarksnov23
O connell fullremarksnov23O connell fullremarksnov23
O connell fullremarksnov23ALEXANDRASUWANN
 
Dondi West Defcon 18 Slides
Dondi West Defcon 18 SlidesDondi West Defcon 18 Slides
Dondi West Defcon 18 Slidesdondiw
 
KLL4334
KLL4334 KLL4334
KLL4334 KLIBEL
 
The Legal Mechanisms With Which to Cope With a Nuclear Attack
The Legal Mechanisms With Which to Cope With a Nuclear AttackThe Legal Mechanisms With Which to Cope With a Nuclear Attack
The Legal Mechanisms With Which to Cope With a Nuclear AttackBen Cook Jr.
 
INTRO-Lorenz-HRL+and+IAC+(DAY+1).pptx.pdf
INTRO-Lorenz-HRL+and+IAC+(DAY+1).pptx.pdfINTRO-Lorenz-HRL+and+IAC+(DAY+1).pptx.pdf
INTRO-Lorenz-HRL+and+IAC+(DAY+1).pptx.pdfSiranjanaRodrigo
 
Respect for human rights during the armed conflict in Ukraine
Respect for human rights during the armed conflict in Ukraine Respect for human rights during the armed conflict in Ukraine
Respect for human rights during the armed conflict in Ukraine DonbassFullAccess
 
Essay Timur Akhmetov Nuclear Weapon ICJ advisory opinion 1996
Essay Timur Akhmetov Nuclear Weapon ICJ advisory opinion 1996Essay Timur Akhmetov Nuclear Weapon ICJ advisory opinion 1996
Essay Timur Akhmetov Nuclear Weapon ICJ advisory opinion 1996Timur Akhmetov
 
War Crimes Lecture.ppt
War Crimes Lecture.pptWar Crimes Lecture.ppt
War Crimes Lecture.pptSabhaArshad
 
Couso indictment oct-11
Couso indictment oct-11Couso indictment oct-11
Couso indictment oct-11Pintiparada
 
A-Comprehensive-Inquiry-into-the-Tenets-of-the-Responsibility-to-Protect-R2P.pdf
A-Comprehensive-Inquiry-into-the-Tenets-of-the-Responsibility-to-Protect-R2P.pdfA-Comprehensive-Inquiry-into-the-Tenets-of-the-Responsibility-to-Protect-R2P.pdf
A-Comprehensive-Inquiry-into-the-Tenets-of-the-Responsibility-to-Protect-R2P.pdfsiddeshdasari
 
OUTLINE FOR INTERNATIONAL LAW
OUTLINE FOR INTERNATIONAL LAWOUTLINE FOR INTERNATIONAL LAW
OUTLINE FOR INTERNATIONAL LAWsuzi smith
 
International Legal protection of Human rights in armed conflicts.
International Legal protection of Human rights in armed conflicts.International Legal protection of Human rights in armed conflicts.
International Legal protection of Human rights in armed conflicts.Christina Parmionova
 
Morality VS International Law - A Brief Case Study of UN Interventions in Som...
Morality VS International Law - A Brief Case Study of UN Interventions in Som...Morality VS International Law - A Brief Case Study of UN Interventions in Som...
Morality VS International Law - A Brief Case Study of UN Interventions in Som...Jenny Lafaurie
 
International humanitarian law
International humanitarian lawInternational humanitarian law
International humanitarian lawAdi Kuntarto
 
2018 april - aba legal construct for understanding adversarial cyber activit...
2018 april - aba legal construct for understanding adversarial cyber activit...2018 april - aba legal construct for understanding adversarial cyber activit...
2018 april - aba legal construct for understanding adversarial cyber activit...Ethan S. Burger
 

Similar to Ames -- Memo (Cyber) (20)

A Critically Analysis of the Doctrine of Use of Force by States under Interna...
A Critically Analysis of the Doctrine of Use of Force by States under Interna...A Critically Analysis of the Doctrine of Use of Force by States under Interna...
A Critically Analysis of the Doctrine of Use of Force by States under Interna...
 
Villard WritingSample Cybersecurity and International Law
Villard WritingSample Cybersecurity and International LawVillard WritingSample Cybersecurity and International Law
Villard WritingSample Cybersecurity and International Law
 
O connell fullremarksnov23
O connell fullremarksnov23O connell fullremarksnov23
O connell fullremarksnov23
 
Dondi West Defcon 18 Slides
Dondi West Defcon 18 SlidesDondi West Defcon 18 Slides
Dondi West Defcon 18 Slides
 
KLL4334
KLL4334 KLL4334
KLL4334
 
D0333015024
D0333015024D0333015024
D0333015024
 
Are Suspect Terrorists Legitimate Targets of ‘Signature’ Drone Strikes_ Chall...
Are Suspect Terrorists Legitimate Targets of ‘Signature’ Drone Strikes_ Chall...Are Suspect Terrorists Legitimate Targets of ‘Signature’ Drone Strikes_ Chall...
Are Suspect Terrorists Legitimate Targets of ‘Signature’ Drone Strikes_ Chall...
 
The Legal Mechanisms With Which to Cope With a Nuclear Attack
The Legal Mechanisms With Which to Cope With a Nuclear AttackThe Legal Mechanisms With Which to Cope With a Nuclear Attack
The Legal Mechanisms With Which to Cope With a Nuclear Attack
 
ILAC Final 2
ILAC Final 2ILAC Final 2
ILAC Final 2
 
INTRO-Lorenz-HRL+and+IAC+(DAY+1).pptx.pdf
INTRO-Lorenz-HRL+and+IAC+(DAY+1).pptx.pdfINTRO-Lorenz-HRL+and+IAC+(DAY+1).pptx.pdf
INTRO-Lorenz-HRL+and+IAC+(DAY+1).pptx.pdf
 
Respect for human rights during the armed conflict in Ukraine
Respect for human rights during the armed conflict in Ukraine Respect for human rights during the armed conflict in Ukraine
Respect for human rights during the armed conflict in Ukraine
 
Essay Timur Akhmetov Nuclear Weapon ICJ advisory opinion 1996
Essay Timur Akhmetov Nuclear Weapon ICJ advisory opinion 1996Essay Timur Akhmetov Nuclear Weapon ICJ advisory opinion 1996
Essay Timur Akhmetov Nuclear Weapon ICJ advisory opinion 1996
 
War Crimes Lecture.ppt
War Crimes Lecture.pptWar Crimes Lecture.ppt
War Crimes Lecture.ppt
 
Couso indictment oct-11
Couso indictment oct-11Couso indictment oct-11
Couso indictment oct-11
 
A-Comprehensive-Inquiry-into-the-Tenets-of-the-Responsibility-to-Protect-R2P.pdf
A-Comprehensive-Inquiry-into-the-Tenets-of-the-Responsibility-to-Protect-R2P.pdfA-Comprehensive-Inquiry-into-the-Tenets-of-the-Responsibility-to-Protect-R2P.pdf
A-Comprehensive-Inquiry-into-the-Tenets-of-the-Responsibility-to-Protect-R2P.pdf
 
OUTLINE FOR INTERNATIONAL LAW
OUTLINE FOR INTERNATIONAL LAWOUTLINE FOR INTERNATIONAL LAW
OUTLINE FOR INTERNATIONAL LAW
 
International Legal protection of Human rights in armed conflicts.
International Legal protection of Human rights in armed conflicts.International Legal protection of Human rights in armed conflicts.
International Legal protection of Human rights in armed conflicts.
 
Morality VS International Law - A Brief Case Study of UN Interventions in Som...
Morality VS International Law - A Brief Case Study of UN Interventions in Som...Morality VS International Law - A Brief Case Study of UN Interventions in Som...
Morality VS International Law - A Brief Case Study of UN Interventions in Som...
 
International humanitarian law
International humanitarian lawInternational humanitarian law
International humanitarian law
 
2018 april - aba legal construct for understanding adversarial cyber activit...
2018 april - aba legal construct for understanding adversarial cyber activit...2018 april - aba legal construct for understanding adversarial cyber activit...
2018 april - aba legal construct for understanding adversarial cyber activit...
 

Ames -- Memo (Cyber)

  • 1. Ames, 1 Memorandum TO: Mr. Michael Zehner FROM: C1C Kyle Ames DATE: June 2010 RE: “Direct Participation in Hostilities” in Cyberspace Questions Presented What is the legal status of an individual conducting cyber operations? Can cyber operations fall under the “use of force” definition of Article 2(4) of the UN Charter and directly contribute in an armed conflict? Discussion With the creation of the Air Force’s cyber division under Air Force Space Command (AFSPC) and the appointment of General Keith Alexander as its director,1 the United States must adopt a policy, under International Humanitarian Law, before cyber warfare creates precedents ahead of policy. As a result, military leaders and policy makers must determine the thresholds that guide cyber warriors during cyber operations to eliminate violations of jus ad bellum and jus in bello under the UN Charter and international treaties. This memorandum will discuss possible implications of cyber attacks under the Law of War and how the international community should regulate the future of cyber warfare. DoD defines cyberspace as the “global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.”2 The Air Force recently converted their cyber operations into a numbered Air Force to defend the United States military from cyber attacks. Dr. Lani Kass of the Air Force Cyberspace Task Force stated, “[c]yberspace is neither a mission nor an operation…It is a strategic, operational and tactical warfighting domain…”3 So do attacks within cyberspace directly harm another entity and link a cyber operator to direct participation in hostilities? Cyber attacks have already entered the international scene with Russian attacks on Estonia’s computer networks.4 Estonia established the Cooperative Cyber Defence Centre of Excellence after a number of government websites, Estonian banks and media websites were brought down by a massive flood of artificial traffic, which infiltrated the system, bringing down a number of websites over the course of a few weeks. This new form of “attack” could implicate other nations, as Estonia is a member to NATO. Do NATO members have the obligation to invoke Article 55 of the NATO Charter, which establishes that an attack on a member is an attack on all NATO countries, and warrants a reciprocal attack on an unknown cyber entity? 1 Beaumont, Peter. (2010, May 23). US appoints first cyber warfare general. Retrieved from guardian.co.uk: http://www.guardian.co.uk/world/2010/may/23/us-appoints-cyber-warfare-general. 2 England, Gordon. (2008). The Definition of Cyberspace. 3 Solce, Natasha.(2008). The Battlefield of Cyberspace: The Inevitable New Military branch –The Cyber Force. Albany Law Journal of Science & Technology. 4Marwaha, A. (2009, June 24). What rules apply in cyber-wars? Retrieved from BBC: http://news.bbc.co.uk/2/hi/technology/811444.htm. 5 The North Atlantic Treaty. Washington,DC. 4 April 1949. Article 5.
  • 2. Ames, 2 I. The “Use of Force” under the United Nations The principles governing the interaction of states consists of law dealing with threats during peacetime, law leading up to a conflict and the use of force (jus ad bellum), and law during a conflict consisting of armed attacks (jus in bello). Jus ad bellum should be applied to cyber operations because nation states and anonymous non-state actors have the ability to launch “attacks” against their targets. The unprecedented attacks of the technical domain do not fit the mold of post-WWII doctrine, and they challenge decision-makers to implement core legal principles that can be adapted to the modernization of warfare. The UN states its purpose in Article 1 of the Charter as “[t]o maintain international peace and security and to that end: to take effective collective measures for the prevention and removal of threats to the peace, and breaches of peace…”6 The UN serves as a preventative body to conflicts. Appropriately, under Article 2 of the treaty, “[a]ll members shall refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any state.”7 Nowhere in the text do the Framers explain what the “use of force” represents. The use of force, as the text reads, is only permitted under two conditions: if the Security Council recommends the use of armed forces or in self-defense “if an armed attack occurs.”8 A. Use of Force in the Context of Treaties To better understand what the “use of force” clause means, the Vienna Convention on the Law of Treaties (VCLT) contends that “[a] treaty shall be interpreted in good faith in accordance with the ordinary meaning to be given to the terms of the treaty in their context in light of its object and scope.”9 Contextually, the UN ratified its charter near the resolution of World War II, which was a time of growing military technology and the beginning of the nuclear age. No alternatives to tangible munitions existed, and the presence of a heavy kinetic force influenced the UN’s policy. As to the object and purpose of the Charter, the preamble includes the prohibition that “armed force shall not be used.”10 The preamble reveals the Charter’s purpose and defines, contextually, the “use of force” to mean an armed attack. The Framers of the Charter emphasized the prevention of military coercion exclusively. Brazilian delegates at the San Francisco Conference submitted changes to the Dumbarton Oaks (original draft of the Charter) proposal that would extend Article 2(4)’s use of force to economic coercion.11 The analysis of the Charter’s text leads to the interpretation excluding economic coercion. To that end, the travaux and text preserve the meaning of the use of force to presume an armed attack and reject the notion of any coercion not under the direction of a state’s military. II. Direct Participation in Hostilities 6 Charter of the United Nations. San Francisco. June 26, 1945. Article 1(1). 7 Id at Article 2(4). 8 Id at Article 39; Article 51 respectively. 9 Vienna Convention on the Law of Treaties. United Nations. May 23, 1969. Article 31(1). 10 Supra note 8. Preamble to the Charter of the United Nations. 11 Schmitt, Michael N. (1999). Computer Network Attack and the Use of Force in International Law: Thoughts on Normative Framework. Columbia Journal of Transnational Law.
  • 3. Ames, 3 The Geneva Convention treaties outline the law of armed conflict, termed jus in bello, which govern the “direct participation in hostilities.” Additional Protocol I to the Geneva Conventions defines a combatant as members of the armed forces who “have the right to participate directly in hostilities.”12 In order to determine the combative status of cyber operators, cyber acts must fit within the international community’s definition of aggression. The International Court of Justice (“ICJ”) to the United Nations creates a distinction in Nicaragua v. U.S. between the “use of force” under Article 2(4) of the Charter and an armed attack which urges the right to self defense under Article 51.13 In this case, the ICJ found that the United States government violated international law when it supported Contra guerrillas in a rebellion against the Nicaraguan government and by mining Nicaragua’s harbors. The Court determined that the arming and training of rebels was not an “armed attack,” but constituted as the use of force. Important to both sides with regard to the exercise of self-defense, the Court defined an armed attack to mean, “the sending by a State of armed bands on to the territory of another State, if such an operation, because of its scale and effects, would have been classified as an armed attack had it been carried out by regular armed forces.”14 Under this definition, five factors constitute an armed attack: (1) an attack (2) within the target nation’s borders, (3) by an armed force that (4) causes legitimate damages (5) for military advantage. When evaluating a cyber attack, usually the attack is from outside the target nation’s border and the attacker’s status is unknown. However, effects of a cyber attack can cause legitimate damage that will be evaluated later. In UN Resolution 3314 (XXIX) the General Assembly (“GA”) of the UN defines aggression as “the use of armed force by a State against the sovereignty, territorial integrity or political independence of another State, or in any manner inconsistent with the Charter of the United Nations.”15 This suggests that only acts, which result from an armed attack, or the use of physical, kinetic weapons by an armed force, would constitute an act of aggression. The resolution further lists potential acts of aggression as invasion of territory, bombardment, and blockade of ports.16 Each act listed precedes the phrase “by the armed forces.” This leaves out any consideration of individual attacks on a state and excludes the possibility of aggression caused as a result of cyber operations. The Framers of the UN Charter and the General Assembly at large sought to prohibit coercion by an armed force. This idea focuses on the means of attack rather than the actual result of an act of coercion. The International Committee of the Red Cross (ICRC) delineates direct participation in hostilities to mean when an individual carries out acts “which aim to support one party to the conflict by directly causing harm to another party, either directly inflicting death, injury or destruction, or by directly harming the enemy’s military operations or capacity.”17 Each member party to the Geneva Convention gives the ICRC a mandate “to protect the victims of international and internal armed conflicts.”18 The ICRC emphasizes the result of an action in 12 Protocol Additional (I) to the Geneva Conventions.Article 43(2). (June 8, 1949). 13 Military and Paramilitary Activities (Nicaragua. v. U.S.), 1986 I.C.J. 14, 118-19, para. 228 (June 27). The Court “does not consider that military maneuvers held by the United States near the Nicaraguan borders,or the supply of funds to the contras amounts to a use of force.” A “use of force” need not be armed. 14 Id. 15 United Nations General Assembly Resolution, 3314 (XXIX) (1974). 16 Id at Article 3. 17 International Committee of the Red Cross. Interpretive Guidance on the Notion of Direct Participation in Hostilities. May 2009. 18 "Discover the ICRC". 2007. http://www.icrc.org/Web/eng/siteeng0.nsf/html/p0790. Retrieved 2010-05-24. p.6.
  • 4. Ames, 4 support of an armed conflict rather than the method used under the UN Charter’s definition when describing what it means to directly participate in hostilities. The guidance continues to list examples of acts that fall under this definition which include computer network attacks. III. “Harm” and the “Use of Force” There are three distinct schools of thought of how treaty law should be applied to cyber operations: A. Damage Inflicted The first school of thought concerning the use of force as outlined by the UN Charter stems from the ICRC’s explanation of direct participation and the UN’s purpose to ensure universal peace: The use of force as prohibited under article 2(4) of the Charter seeks to keep incidents below a certain threshold of violence and keep them from escalating into all out wars.19 This notion focuses on the damage done to a state rather than the mode of destruction. For instance, to take away an enemy’s train transportation, it is no longer necessary to bombard the track or the train cars using munitions. Instead, the computer network that controls the system can be attacked in order to produce the same effect. Cyber operations have an arsenal of cyber weapons, which have the potential to produce similar impacts to that of kinetic weapons. Cyber operations use various forms of attacks to disable the enemy. Denial of service (DoS) attacks completely interrupt a system by using a single computer or network of computers by flooding a computer system and rendering it completely useless. Malicious programs such as worms, Trojan horses, and viruses spread throughout computer network, which disrupt communication and ultimately give control of a network to the enemy.20 These methods could cause destruction on a state’s system of control: communication systems, electric power supply, transport systems, and other vital infrastructure. With damages to any of these areas of infrastructure, and an overall impact in an armed conflict, the means are not important. If cyber operations cannot be distinguished from kinetic attacks as far as their impacts, without physical presence on a battlefield, cyber operators directly participate in hostilities. B. Means of Destruction The second school of thought stems from the Framers who wrote the Charter. An armed attack constitutes the use of force, and “the means of destruction is the object of the policy.”21 This thought works under the presumption that political and economic coercion could never rise to the level of violence without the aid of an armed force or military intervention. At the time, military intervention consisted of destruction by thousand-pound bombs and various forms of kinetic weapons. The idea of destruction indirectly caused by computer network attacks is a new concept that should be considered when evaluating the true intentions of the Framers when they deliberated the definition of the use of force. 19 Wingfield, Thomas C. (2006). When is a Cyber Attack an “Armed Attack?” The Potomac Institute for Policy Studies. 20 Schapp, Arie J. (2009). Cyber Warfare Operations: Development and the Use Under International Law. The Air Force Law Review. 21 Id. at pg. 6.
  • 5. Ames, 5 C. Schmitt Analaysis The final interpretation of the use of force urges a case-by-case analysis that considers both the qualitative and quantitative aspects of an operation.22 This analysis would create universal thresholds that would determine whether an operation uses force. These factors would include: severity, immediacy, directness, invasiveness, measurability, presumptive legitimacy:23 Factors Explained:24  Severity: If people are killed or there is extensive property damage, the action is probably military; the less damage, the less likely the action is a “use of force.”  Immediacy: When the effects are seen within seconds to minutes—such as when a bomb explodes—the operation is probably military; if the effects take weeks or months to appear, it is more likely diplomatic or economic.  Directness: If the action taken is the sole cause of the result, it is more likely to be viewed as a use of force; as the link between cause and effect attenuates, so does the military nature of the act.  Invasiveness: A violated border is still an indicator of military operations; actions that are mounted from outside a target nation’s borders are probably more diplomatic or economic.  Measurability: If the effect can be quantified immediately—such as photographing a “smoking hole” where the target used to be—the operation has a strong military characteristic; the more subjective the process of evaluating the damage, the more diplomatic or economic.  Presumptive Legitimacy: State actors have a monopoly on the legitimate use of kinetic force, while other non-kinetic actions—attacks through or in cyberspace— often are permissible in a wider set of circumstances; actions that have not been the sole province of nation-states are less likely to be viewed as military  Responsibility: If a state takes visible responsibility for any destructive act, it is more likely to be categorized as a traditional military operation; ambiguous responsibility militates for a non-military label. With a holistic approach, these factors would put an action above or below the “use of force” threshold with regard to a cyber, kinetic or hybrid operation. i. Kinetic Attack In order to understand this analysis, it should be applied to both a kinetic attack and cyber attack to distinguish a difference. The kinetic scenario will involve a group of terrorists within the borders of the United States, releasing sarin gas inside a New York subway train during rush hour: 22 Id at pg .6. 23 Supra note 13. 24 Id.
  • 6. Ames, 6  Severity: There was no physical destruction to the subway, but 1,000 civilians were injured and 20 were killed.  Immediacy: The consequences from the chemical gas attack were seen within minutes of the release of the chemical.  Directness: The impacts of the actions were produced directly from the chemicals released by the terrorists.  Invasiveness: The terrorists mounted the attack from within the U.S.’ borders.  Measurability: The dead and injured can be counted and the monetary costs of both the physical damages and injuries can be assigned.  Presumptive Legitimacy: The chemical attack is illegal for all nation states; there is no presumptive legitimacy.  Responsibility: The United States will eventually figure out which organization was responsible for the action; the actors made no claim of national responsibility. In order to compare these results to a cyber attack, the analysis can produce quantitative results. When evaluating a scenario, the analyst may assign numbers from one to ten to each of the criteria (ten being the most forceful). These numbers come solely from the hypothetical descriptions for each factor above: Severity – 8; Immediacy – 8; Directness – 9; Invasiveness – 9; Measurability – 8; Presumptive Legitimacy – 6; Responsibility – 5. (Average – 7.7). ii. Cyber attack To complete the analysis, these same factors will be applied to a cyber attack in order to determine the level of force a cyber operation can produce. The scenario involves terrorists using a malicious code to strike the automatic train protection system of the subway. The attack was from outside the U.S. by using a DoS attack on computers used by the subway operators.  Severity: The disabling of the protection system caused two trains to collide head on. There was extensive physical destruction to the subway, and 300 civilians were injured and 50 there were killed. Many people experienced psychological effects. The damage of the trains amounted to long-term loss of the subway system.  Immediacy: The consequences of the attack resulted within 2 minutes of the computer system disruption; the crashes themselves were nearly instantaneous.  Directness: The impacts of the actions were produced directly from the terrorists’ attacks on the computer system.  Invasiveness: The terrorists mounted the attack inside the U.S. from an unknown area, but it could have been launched from anywhere in the world.  Measurability: The monetary damages can be assessed and the amount of casualties is known.  Presumptive Legitimacy: As with the first attack, no one can legally launch this kind of attack against civilians; there is no presumptive legitimacy.  Responsibility: There was no claim of national responsibility; all that is estimated is that the attack was from another party because the train collision would not occur unless a negligent party acted.
  • 7. Ames, 7 Again, these factors will be quantitatively assessed to determine the differences of kinetic attacks and a cyber attack: Severity – 9; Immediacy – 9; Directness – 9; Invasiveness – 5; Measurability – 8; Presumptive Legitimacy – 5; Responsibility – 5. (Average – 7.1). The figures in these scenarios are conjectures. The cyber attack scenario produced a lower level of force; however, aside from the invasiveness of the attack, the results are indistinguishable from one method to the other. This analysis proves that under a case-by-case analysis, cyber attacks could produce similar levels of force as kinetic attacks. IV. Law of War The Law of War, also known as the Law of Armed Conflict, provides guiding principles for any military attack to predict whether a target is lawful. These same principles can be applied to a cyber attack without changing the purpose of the language: A. Principles of LOAC i. Military Necessity: This principle justifies those measures which are indispensible for attaining the complete submission of the enemy. Additional Protocol I provides that a military attack is lawful only against “those objects which by their nature, location, purpose or use make an effective contribution to military action and whose total or partial destruction, capture, or neutralization, in the circumstances ruling at the time, offers a definite military advantage.”25 ii. Distinction: Parties to an armed conflict must distinguish between the civilian population and combatants, and between the civilian objects and military objectives. Protocol I provides that “[t]he civilian population and individual civilians shall enjoy protection against dangers arising from military operations…The civilian population as well as individual citizens, shall not be the object of attack.”26 iii. Proportionality This principle prohibits the use of force that exceeds that needed to complete the military objective. The ultimate question is whether the collateral damage is excessive in relation to the military advantage gained. This does not mean that collateral damage equates to a violation of international law, but collateral damage must be proportional to the military advantage. Protocol I prohibits “an attack which may be expected to cause incidental loss of civilian life, injury to civilians, damage to civilian objects, or a combination thereof, which would be excessive in relation to the concrete and direct military advantage anticipated.”27 iv. Humanity 25 Supra note 11. Article 52(2). 26 Id Article 51(1)(2). 27 Id Article 51(5)(b).
  • 8. Ames, 8 Hague Convention IV, Article 22, provides that “the rights of belligerents to adopt means of injuring the enemy is not unlimited.” 28 It also specifically prohibits the employment “of arms, projectiles, or materials calculated to cause unnecessary suffering.”29 v. Chivalry Perfidy involves injuring the enemy by using his adherence to the law of war against him. Protocol I states that “it is prohibited to kill, injure or capture an adversary by resort to perifidy” and “acts inviting the confidence of an adversary to lead him to believe that he is entitled to, or obliged to, or is obligated to accord, protection under the rules of international law applicable in armed conflict, with intent to betray that confidence, shall constitute perfidy.30 B. Application to cyber operations Cyber operations have the capability of being more effective during an armed conflict; some benefits include less physical destruction, less costs than traditional warfare, and the ability to still achieve the same results with less risk to military personnel.31 In order to determine the legality of cyber operations, the principles should be applied. A hypothetical cyber attack can show potential adherence to LOAC principles. The scenario involves the disruption or hacking of the electronic maintenance manuals of an adversary’s aircraft. Targeting a military aircraft satisfies the requirement of military necessity. Because it is a military object flying above land, the civilian population is out of reach, and no civilian objects, aside from civilian aircraft, interfere with the target. Potential problems that fall under the distinction principle are seen in computer network attacks. A cyber attack which attacks a military network using viruses, could potentially spread to civilian networks because of the indiscriminate effects of viruses. At the same time, taking out an enemy’s communication system, which could be linked to the civilian network, completes a military objective while creating an inconvenience for the civilian population and does not violate LOAC. However, the biggest issue with this attack falls under the proportionality principle. If the attack occurs during flight over civilian population, then the aircraft’s collateral damage could exceed the military advantage gained by terminating an aircraft and possibly its pilot. Article 57 to Protocol I, provides “when a choice is possible between several military objectives for obtaining similar military advantage, the objective to be selected shall be the attack on which may be expected to cause the least danger to civilian lives and to civilian objects.”32 Cyber attacks do not change the proportionality analysis as collateral damage results from every method of attack. Cyber operations could limit the amount of physical damage during an attack. For example, an enemy’s Air Defense System (“ADS”) that is placed among civilians could be disabled through means that do not involve bombardment and the use of munitions. This minimizes the amount of collateral damage using cyber methods. 28 Convention Respecting the Laws and Customs of War on Land and its Annex: Regulation Concerning the Laws and Customs of War on Land. The Hague, 18 October 1907. Article 22. 29 Id Article 23(e). 30 Supra note 26. Article 37(1). 31 Supra note 19. Pg. 13. 32 Supra note 19. Article 57.
  • 9. Ames, 9 When executed within the scope of the proportionality principle, cyber attacks should never produce unnecessary suffering. For this to happen, the object of attack would have to violate other principles such as infiltrating a biochemical plant’s network and, through a computer malfunction, releasing illegal toxins. The enemy’s computer system receives the direct attack while indirect results should never escalate to inhumane attacks as seen in some modern munitions. If used properly, no projectiles or illegal materials will be employed as a result of cyber attacks. Perfidious acts may include a cyber operator using emails or websites that appear to be safe and protected to the enemy in order to release a malicious virus. In this scenario neither the principles of chivalry or humanity would be violated. Conclusion The UN Charter, which covers the domain of jus ad bellum, establishes three thresholds that are applicable to cyberspace regarding its legal implications before or during a conflict. Article 39 outlines the first threshold or level of aggression as a “threat to the peace, breach of the peace, or act of aggression.”33 The Security Council has the sole authority to identify such an act compliant in nature; however the anonymity and covert nature of cyber attacks nearly eliminates the likelihood of a cyber attack being identified at all, let alone being distinguished as a threat to the peace. The second threshold exists under Article 2(4) as the “use of force.” The Charter remains incoherent as far as the meaning of “force;” however, this force can be broken down into quantifiable factors that produce a more reliable determination of cyber attacks concerning an action’s contribution of direct harm. The Schmitt analysis reveals an approach that can be applied to attacks or threats under all components disregarding the dated policy, which links exclusively military actions to actions using force. Finally, the third threshold is that found under Article 51 as “armed attacks.” A state may act in lawful self-defense if they can prove: “necessity (exhausting all reasonable peaceful alternatives before resorting to force), proportionality (using only that amount of force required to end the immediate threat), and imminency (acting only when the aggressor has irrevocably committed itself to attack).”34 Concerning the attacks on Estonia, in order to lawfully retaliate, the state needed to be victim of an armed attack. An attack during an armed conflict “means acts of violence against the adversary, whether in offense or in defense” according to the Geneva Conventions.35 Compliant with this requirement, the meaning of attack does not focus on the means of violence but rather the result. As a result the qualitative and quantitative analysis applied to determine the identity of force can be applied to determine whether an attack has occurred. Cyber attacks can produce effects on a nation state analogous to effects produced by kinetic means. When looking solely at the destruction caused by cyber attacks, quantifiable analyses can determine its status as a “use of force” under the UN Charter. This opposes the object and scope of the Charter as the Framers installed alternate measures to prevent conflict. Concerning unconventional warfare within the cyber domain, changes should be made to policies that model the ICRC’s inclusion of computer network attacks under their definition of 33 Supra note 6. 34 Supra note 16 at pg. 6. 35 Supra note 11. Article 49(1).
  • 10. Ames, 10 “direct participation in hostilities.” The definitions of the “use of force” and armed attacks should be inclusive of cyber attacks, which are under the direction of a military. The qualitative and quantitative assessment used to determine the legal status of cyber attacks will lay the groundwork for cyber intervention and help officials make policy for future cyber attacks. With these potential acts of force, the cyber warrior may participate directly in hostilities and could be considered a combatant. KYLE B. AMES, C1C USAF