Although cyber warfare has been around for a decade or so, it still has not been well defined. As of this writing, there is no international treaty in place that establishes a legal definition for an act of cyber aggression. In fact, the entire field of international cyber law is still murky.
The NATO Cooperative Cyber Defense Centre of Excellence (CCDCOE) published a paper on the subject in November 2008 entitled “Cyber Attacks Against Georgia: Legal Lessons Identified.” In it, the authors discuss possible applicability of the Law of Armed Conflict (LOAC) to the cyber attacks that occurred during the Russian Georgia War of August 2008.
LOAC, also known as the International Humanitarian Law, relies on two primary rule groups: jus ad bellum and jus ad bello, which is Latin for “justice to war” and “justice in war,” respectively. In other words, there are rules for how a country proceeds to a state of war and, once there, for how it conducts its war effort.
On May 8, 2009, the head of the U.S. Strategic Command, U.S. Air Force General Kevin P. Chilton, was quoted in Stars and Stripes as saying “[t]he Law of Armed Conflict will apply to this domain.” It is still unclear how many other nations will adopt that same approach, particularly the Russian Federation and the People’s Republic of China.
Amit Sharma, deputy director of India’s Ministry of Defense—Defense Research and Development Organization, prefers a different approach, one styled after ...