CYBER LAW PROJECT

Cyber Operations and Cyber Attacks as

Countermeasures in Public International Law

Submitted by:
Monisha Purwar (150101082)
VII Semester, B.A. LL.B. (Hons.)

Submitted to:
Amandeep Singh
 ACKNOWLEDGMENTS
Firstly, I would like to thank Prof. Amandeep for his constant guidance in the making of this
project. Also a special thanks to all faculties who have always been a constant inspiration.
Secondly, I am grateful to the Dr. Madhu Limaye Library and the resources that aided in the
completion of the project.
I have given it a fair bit of effort, I hope it’s worthwhile.

2
CONTENTS

Statement of Problem .............................................................................................................. 4

Scope of the Project ................................................................................................................. 5

Research Questions .................................................................................................................. 6

Countermeasures in International Law ................................................................................. 7

Customary International Law regarding Countermeasures ............................................... 9

Key Terminology .................................................................................................................... 14

Cyber Attack and the Right to Self Defense ........................................................................ 18

Cyber Attacks and Countermeasures .................................................................................. 20

Conclusion .............................................................................................................................. 22

Bibliography ........................................................................................................................... 23

3
STATEMENT OF PROBLEM

With the passage of time, International Law has made various strides along with the
invention and widespread usage of the Internet. The consequent advent of cyber warfare and
breaches into a country’s technological security mechanisms in cyber space have made
situations worse for a country’s intelligence and other critical infrastructures. Most of the
literature and research that exists with regard to responses to the cyber warfares revolves
around how a cyber attack may constitute the use of force, and how the right to self defense
under Article 51 of the United Nations Charter may be invoked. This has been observed in
the rise in popularity of the Tallinn Manual as the authoritative text on a State’s response to
cyber attacks.
What this project shall attempt to do is examine the suitability of resorting to
countermeasures under the Articles of State Responsibility as a method of reprisal against a
cyber breach. This may curtail the need for States to resort to armed attacks in a cyber
context, which wreaks havoc on the critical infrastructure of a country.

4
SCOPE OF THE PROJECT

This project shall begin with an analysis of countermeasures in general, where the
wrongfulness of certain acts as per international law is precluded on the basis of facts,
circumstances and legal preconditions [Part I]. It shall go on to enumerate all the Articles in
the Draft Articles on State Responsibility that regulate countermeasures [Part II]. After this,
the project shall discuss cyber attacks as a manifestation of the use of force, and responses to
the same with armed attacks [Part III]. The fourth part of the project shall analyse how
countermeasures are the ideal method of reprisal against cyber attacks [Part IV].

5
RESEARCH QUESTIONS

1. What are the general legal requirements for an internationally wrongful act to be
considered a lawful countermeasure, and thereby precluded from wrongfulness?
2. What is the difference between a cyber crime, a cyber attack and cyber warfare?
3. Why countermeasures are a preferable reaction to cyber attacks than the use of force,
justified by self defense under Article 51 of the UN Charter?

6
COUNTERMEASURES IN INTERNATIONAL LAW
Countermeasures can be defined as actions, or reprisals, taken to respond to a prior negative
action that would violate international law but for the prior wrong. The term
‘countermeasures’ is now the preferred term for reprisals not involving the use of force. 1
More recently, the term “reprisals” has been limited to action taken in time of international
armed conflict; i.e. it has been taken as equivalent to belligerent reprisals. The term
“countermeasures” covers that part of the subject of reprisals not associated with armed
conflict.2
Retorsions: Countermeasures are to be contrasted with retorsion, i.e. “unfriendly” conduct
which is not inconsistent with any international obligation of the State engaging in it even
though it may be a response to an internationally wrongful act. Acts of retorsion may include
the prohibition of or limitations upon normal diplomatic relations or other contacts,
embargoes of various kinds or withdrawal of voluntary aid programmes. Whatever their
motivation, so long as such acts are not incompatible with the international obligations of the
States taking them towards the target State, they do not involve countermeasures and they fall
outside the scope of the present articles.3
Countermeasures are a feature of a decentralized system by which injured States may seek to
vindicate their rights and to restore the legal relationship with the responsible State which has
been ruptured by the internationally wrongful act.4

Circumstances Precluding Wrongfulness of an Act under International Law

There are six circumstances precluding the wrongfulness of conduct that would otherwise not
be in conformity with the international obligations of the State concerned. The existence in a
given case of a circumstance precluding wrongfulness in accordance with this chapter
provides a shield against an otherwise well-founded claim for the breach of an international
obligation. The six circumstances are:
1. Consent (Article 20); 2. Self-defence (Article 21);

1
Air Services Agreement case (France v. United States), 18 R.I.A.A. 416 (1978).
2
E. ZOLLER, PEACETIME UNILATERAL REMEDIES: AN ANALYSIS OF COUNTERMEASURES 179–189 (Dobbs Ferry
Ed., New York: Transnational, 1984).
3
Commentary on the Draft Articles on the Responsibility of States for Internationally Wrongful Acts, Report of
the International Law Commission on the work of its Fifty-third Session, UN. Doc. A/56/10, p. 76.
4
MALCOLM N. SHAW, INTERNATIONAL LAW (6th Edn., Cambridge University Press: Cambridge, 2008).

7
3. Countermeasures (Article 22); 4. Force majeure (Article 23);
5. Distress (Article 24); 6. Necessity (Article 25).

Unless otherwise provided, they apply to any internationally wrongful act whether it involves
the breach by a State of an obligation arising under a rule of general international law, a
treaty, a unilateral act or from any other source. They do not annul or terminate the
obligation; rather they provide a justification or excuse for non-performance while the
circumstance in question subsists. This was emphasized by ICJ in the Gabčíkovo-Nagymaros
Project case.
Where countermeasures are taken in accordance with Article 22, the underlying obligation is
not suspended, still less terminated; the wrongfulness of the conduct in question is precluded
for the time being by reason of its character as a countermeasure, but only provided that and
for so long as the necessary conditions for taking countermeasures are satisfied. These
conditions are set out in Part Three, chapter II, to which article 22 refers. An act directed
against a third State would not fit this definition and could not be justified as a
countermeasure. On the other hand, indirect or consequential effects of countermeasures on
third parties, which do not involve an independent breach of any obligation to those third
parties, will not take a countermeasure outside the scope of Article 22.5
The ICJ in the Gabčíkovo-Nagymaros Project case remarked that, for a countermeasure to be
justifiable, it must meet the conditions below:
 “The act constituting countermeasure must be taken in response to a previous intentional
wrongful act of another state and must be directed against that state.
 The injured state must have already called upon the state committing the wrongful act to
discontinue its wrongful conduct or to make reparation, but the request was refused.
 The countermeasure must be commensurate with the injury suffered, taking into account
the rights in question.
 The purpose behind evoking the countermeasure is to induce the wrongdoing state to
comply with its obligations under international law. Therefore, the measure must be
reversible.”

5
Bruno Simma, Countermeasures and Dispute Settlement: A Plea for a Different Balance, 5 EUROPEAN
JOURNAL OF INTERNATIONAL LAW 102, 103 (1994).
8
CUSTOMARY INTERNATIONAL LAW REGARDING COUNTERMEASURES
The following Articles of the Draft Articles on State Responsibility lay out the pre-conditions
and thresholds that an international act must meet in order to be considered a lawful
countermeasure, thereby allowing for a preclusion of the inherent wrongfulness of the act in
itself.
“Article 49. Object and limits of countermeasures
1. An injured State may only take countermeasures against a State, which is responsible for an inter-
nationally wrongful act in order to induce that State to comply with its obligations under Part Two.
2. Countermeasures are limited to the non-performance for the time being of international obligations
of the State taking the measures towards the responsible State.
3. Countermeasures shall, as far as possible, be taken in such a way as to permit the resumption of
performance of the obligations in question.”

Paragraph 1 of article 49 presupposes an objective standard for the taking of

countermeasures, and in particular requires that the countermeasure be taken against a State
which is responsible for an internationally wrongful act in order to induce that State to
comply with its obligations of cessation and reparation. A State taking countermeasures acts
at its peril, if its view of the question of wrongfulness turns out not to be well founded. A
State which resorts to countermeasures based on its unilateral assessment of the situation
does so at its own risk and may incur responsibility for its own wrongful conduct in the event
of an incorrect assessment. In this respect, there is no difference between countermeasures
and other circumstances precluding wrongfulness.6

“Article 50. Obligations not affected by countermeasures

1. Countermeasures shall not affect:
a. the obligation to refrain from the threat or use of force as embodied in the Charter of the
United Nations;
b. obligations for the protection of fundamental human rights;
c. obligations of a humanitarian character prohibiting reprisals;
d. other obligations under peremptory norms of general international law.

2. A State taking countermeasures is not relieved from fulfilling its obligations:

a. under any dispute settlement procedure applicable between it and the responsible State;

6
Supra note 3.

9
 b. to respect the inviolability of diplomatic or consular agents, premises, archives and
documents.”
The obligations dealt with in article 50 fall into two basic categories. Paragraph 1 deals with
certain obligations, which by reason of their character, must not be the subject of
countermeasures at all. Paragraph 2 deals with certain obligations relating in particular to the
maintenance of channels of communication between the two States concerned, including
machinery for the resolution of their disputes.7

“Article 51. Proportionality

Countermeasures must be commensurate with the injury suffered, taking into account the gravity of
the internationally wrongful act and the rights in question.”

Proportionality in countermeasures sometimes forms the corpus of the law surrounding

countermeasures in international law. Therefore, it merits extensive discussion in this project
as well. Even under the broad topic of reprisals in general, the Naulilaa case specifically laid
down that a reprisal must definitely be proportional to the wrongful act that it is reactionary
to, along with a request for reparations before conduct of the said reprisal.8 Proportionality
represents a key element for controlling the exercise of the decentralized power conferred on
states to react individually to internationally wrongful acts. There is always a question of the
appropriateness of the means chosen for the furtherance of the aim of the injured state, but in
the legal field of countermeasures, there is also the question of the appropriateness of the aim
chosen.9 This does not in any way mean that a state cannot chose its own method of self-
redressal or the aim of its action in self- redress but the presence of the notion of
proportionality curtails the otherwise unbounded discretion of the state to pursue any which
action it so deems fit by requiring that the aim pursued is not manifestly inappropriate to the
situation considering the structure, content of the breached rule and the magnitude of the
breach. 10 Therefore keeping in mind the multifarious functions that proportionality has to
perform in terms of its application to countermeasures, Prof. Cannizaro in his article The

7
Supra note 3.
8
JAMES CRAWFORD, STATE RESPONSIBILITY 647 (2nd Edn., Oxford University Press: Oxford, 2008).
9
Thomas M. Franck, On Proportionality of Countermeasures in International Law, 102(4) AMERICAN JOURNAL
OF INTERNATIONAL LAW 715, 727 (2008).
10
Enzo Cannizaro, The Role of Proportionality in the Law of International Countermeasures, 26 EUROPEAN
JOURNAL OF INTERNATIONAL LAW 24, 43 (2000).
10
Role of Proportionality in the Law of International Countermeasures categorises
proportionality into two kinds on the basis of ends and the means to that end. Internal
proportionality therefore being the name attributed to the operation that consists in appraising
the appropriateness of the content of the measures adopted in relation to the result that they
seek to achieve. And external proportionality being term which conveys the idea that what is
required by proportionality is not only that the means chosen are appropriate to the subjective
aim of the respondent state, but also, more so primarily, that the aim in itself is reasonable
and appropriate in the context of the breached norm and of the legal consequences deriving
from the breach.11
Countermeasures but obviously therefore are of different kinds. The first kind is Normative
Countermeasures, which work best in case of bilateral structures, and they are those which
are aimed at reproducing the legal balance that has been breached. In a bilateral structure the
obligations of one party are counterbalanced by the performance of those obligations by the
other party and vice- versa. Hence proportionality is in a way parallel to reciprocity. This
kind of proportionality is usually applied to international trade agreement breaches.12
In cases of unilateral obligations, where the breach of such an obligation calls for retributive
measures with the aim of putting the cost of action on the wrong-doer and preventing it from
benefitting from its own conduct, proportionality is measured by a comparison of equivalence
between the injurious effects of both the breach and the response. The countermeasures
applied here are called retributive countermeasures and usually work with the basic aim of
inducing the wrongdoer to comply with its obligation, accept responsibility and offer
reparation. Retribution hence assumes a coercive garb in such cases and usually the
countermeasures applied are reversible in nature.13
When the function of the response is not to make the wrongdoer pay compensation for the
harm caused but make the wrongdoer state reverse its course of action and abide by the
obligation, we apply what are known as coercive countermeasures. 14 Such countermeasures
are permissible for the protection of the interests of the international community and
enforcement of essential interests. Proportionality in these cases is also the relation between

11
Id.
12
Supra note 12.
13
David J. Bederman, Counterintuiting Countermeasures, 96 AMERICAN JOURNAL OF INTERNATIONAL LAW
817, 820 (2002).
14
Supra note 3.

11
breach and response, however it is not a measure of equivalence but rather a relation of
appropriateness between the wrongful conduct and the need to restore a pre-existing legal
balance.15
The last and final kind of countermeasures would be executive countermeasures, which are
like the extreme form of conceived countermeasures, whereby the injury causing state is not
made to fulfill its obligation, but simply substituted with some other state or the function is
then performed by the injured state itself, by the breach of a different obligation. The
proportionality of these measures is measured against the idea that such a step taken is
necessary for securing the protection afforded by the breached rule.16

“Article 52. Conditions relating to resort to countermeasures

1. Before taking countermeasures, an injured State shall:
a. call upon the responsible State, in accordance with article 43, to fulfil its obligations under
Part Two;
b. notify the responsible State of any decision to take countermeasures and offer to negotiate with
that State.
2. Notwithstanding paragraph 1 (b), the injured State may take such urgent countermeasures as are
necessary to preserve its rights.
3. Countermeasures may not be taken, and if already taken must be suspended without undue delay if:
a. the internationally wrongful act has ceased; and
b. the dispute is pending before a court or tribunal which has the authority to make decisions
binding on the parties.
4. Paragraph 3 does not apply if the responsible State fails to implement the dispute settlement
procedures in good faith.”

Overall, article 52 seeks to establish reasonable procedural conditions for the taking of
countermeasures in a context where compulsory third party settlement of disputes may not be
available, immediately or at all. At the same time, it needs to take into account the possibility
that there may be an international court or tribunal with authority to make decisions binding
on the parties in relation to the dispute.17 Countermeasures are a form of self-help, which
responds to the position of the injured State in an international system in which the impartial

15
Supra note 13.
16
Id.
17
Supra note 3.
12
settlement of disputes through due process of law is not yet guaranteed. Where a third party
procedure exists and has been invoked by either party to the dispute, the requirements of that
procedure, e.g. as to interim measures of protection, should substitute as far as possible for
countermeasures. On the other hand, even where an international court or tribunal has
jurisdiction over a dispute and authority to indicate interim measures of protection, it may be
that the responsible State is not cooperating in that process. In such cases the remedy of
countermeasures necessarily revives.18

“Article 53. Termination of countermeasures

Countermeasures shall be terminated as soon as the responsible State has complied with its
obligations under Part Two in relation to the internationally wrongful act.”

Article 53 deals with the situation where the responsible State has complied with its
obligations of cessation and reparation under Part Two in response to countermeasures taken
by the injured State. Once the responsible State has complied with its obligations under Part
Two, no ground is left for maintaining countermeasures, and they must be terminated
forthwith. The notion that countermeasures must be terminated as soon as the conditions,
which justified them, have ceased is implicit in the other articles in this chapter. In view of its
importance, however, article 53 makes this clear. It underlines the specific character of
countermeasures under article 49.

18
PETER MALANCZUK, AKEHURST’S MODERN INTRODUCTION TO INTERNATIONAL LAW (7th Edn., Oxford
University Press: Oxford, 1997)

13
KEY TERMINOLOGY
In this project, we adopt a narrow definition of cyber-attack, one meant to focus attention on
the unique threat posed by cyber-technologies: “A cyber-attack consists of any action taken
to undermine the functions of a computer network for a political or national security
purpose.”19 Implicit in this term is the requirement that the conduct must be active: either
offense or active defense. Active defense includes “electronic countermeasures designed to
strike attacking computer systems and shut down cyber-attacks midstream.”20 Governments
are likely to employ both active and passive defenses—and the two are often designed to
work in tandem—but the passive defense cannot on its own amount to a cyber-attack.

In order to understand cyber-attack, it is important to appreciate the distinctions between

cyber-attack and cyber-crime. Cyber-crime is a broad concept analytically distinct from
cyber-attack. While, as with the concept of cyber-attack, there is no universally recognized
definition of cyber-crime,21 there are aspects of cyber-crime that are broadly recognized. In
particular, cyber-crime is generally understood as the use of a computer-based means to
commit an illegal act. One typical definition describes cyber-crime as “any crime that is
facilitated or committed using a computer, network, or hardware device.” 22 Cyber-crime,
unlike the definition of cyber-attack proposed in this Article, is thus often defined by its
means—that is, a computer system or network. As such, cyber-crime encompasses a very
broad range of illicit activity. Among the priorities of the Department of Justice and FBI units
addressing cyber-crime are fraudulent practices on the Internet, online piracy, storage and
sharing of child pornography on a computer, and computer intrusions.23 Unlike cyber-attacks,
cyber-crimes need not undermine the target computer network (though in some cases they
may do so), and most do not have a political or national security purpose. Finally, like all

19
Oona Hathaway, Rebecca Crootof, William Perdue and Philip Levitz, The Law of Cyber-Attack, 100
CALIFORNIA LAW REVIEW 817, 822 (2012).
20
JEFFREY CARR, INSIDE CYBER WARFARE 46 (2010).
21
Sarah Gordon & Richard Ford, On the Definition and Classification of Cybercrime, 2 JOURNAL OF COMPUTER
VIROLOGY 13, 13 (2006)
22
DEBRA LITTLEJOHN SHINDER, SCENE OF THE CYBERCRIME: COMPUTER FORENSICS HANDBOOK 16 (Ed Tittel
Ed., 2002)
23
U.S. DEPARTMENT OF JUSTICE, COMPUTER CRIME AND INTELLECTUAL PROPERTY SECTION, CRIMINAL
DIVISION, PROSECUTING COMPUTER CRIMES (2nd edn., 2010)
14
crimes, but unlike cyber-attacks, cyber-crimes are generally understood to be committed by
individuals, not states. While the distinction between cyber-crime and cyberattack is
important, we acknowledge that it often will not be readily apparent at the moment of the
cyber-event whether it is one or the other (or both)—in part because the identity and purpose
of the actor may not be apparent. Such uncertainty counsels in favor of an immediate
response that would be appropriate to either cyber-crime or a cyber-attack. Most cyber-
crimes do not also constitute cyber-attack or cyber-warfare. An act is only a cyber-crime
when a non–state actor commits an act that is criminalized under domestic or international
law.
Consider the following three scenarios, each of which includes a cyber-crime that is not a
cyber-attack:
First, a non–state actor commits an illegal act for a political or national security purpose by
means of a computer network but does not undermine that network. For example, an
individual might commit a cyber-crime by expressing political dissent over the Internet
where that dissent is illegal under domestic law. Similarly, an individual might commit a
cyber-crime by hacking into a major bank’s records with a national security or political
purpose but without undermining the bank’s system in the process.
Second, a non–state actor commits an illegal act by means of a computer network—and
undermines a computer network—but not for a political or national security purpose. Again
consider the bank data hacker, who now manages to undermine the bank’s online account
system but whose only purpose is economic gain. This, too, would constitute a cyber-crime,
but not a cyber-attack or cyber-warfare.
Third, a non–state actor is engaged in illicit activity using a computer or network but does not
undermine the function of a computer network and does not operate with a political or
national security purpose. A person who transfers child pornography, for example, would
commit a cyber-crime but not a cyberattack, both because the actions do not undermine the
function of a computer network and because he or she is not motivated by a political or
national security purpose.
Just as some cyber-crimes are neither cyber-attacks nor cyber-warfare, some cyber-attacks
are neither cyber-crimes nor cyberwarfare. Two scenarios fall into this cyber-attack-only
category. The first includes attacks carried out by a state actor, outside the context of an
armed conflict, provided its effects do not rise to the level of an armed attack. An example is

15
the attack by the Chinese government on the Falun Gong website in 2011.24 Note that such
attacks must still satisfy all elements of the cyber-attack definition, including undermining
the function of a computer network for a political or national security purpose. As noted
above, however, any act by a state actor automatically satisfies the political or national
security purpose requirement.
The second cyber-attack-only scenario includes attacks by non–state actors that do not rise to
the level of an armed attack and which do not constitute a cyber-crime, either because they
have not been criminalized under national or international law or because they do not use
computer-based means. Practically speaking, it is unlikely for a private actor to purposefully
undermine the function of a computer network without also violating the law, but such gaps
in the criminal law are conceptually possible. It is furthermore worth noting that a large
majority of cyber-attacks would likely involve computer-based means, though such means
are not necessary to cyber-attack under the definition proposed here. 25
While cyber-activity may constitute only cyber-crime or only cyberattack, a substantial
proportion of cyber-crimes are also cyber-attacks. The overlapping area between cyber-crime
and cyber-attack seen in Figure 1 occurs when a non–state actor commits an illegal act by
means of a computer network, undermines a computer network, and has a political or
national security purpose. The consequences of this act would not rise to the level of an
armed attack, or the activity would also constitute cyber-warfare. Note also that a state
committing this very same act would not fall within this overlap, since only a non–state actor
can commit a cyber-crime. Take, for example, a hypothetical group of individuals who
hacked into the U.S. State Department’s server and shut it down out of disdain for the U.S.
government. This instance would fall within the overlap between cyber-crimes and cyber-
attacks given that a non– state actor committed the act, for a political or national security
purpose, and it undermined a computer network.26
Cyber-warfare is distinctive among the three cyber-categories considered here in that cyber-
warfare must also constitute a cyber-attack. The overlapping area between cyber-attack and
cyber-warfare (but not cyber-crimes) includes two types of attacks. The first type includes
attacks carried out by any actor in the context of an armed conflict, provided those actions

24
Ellen Nakashima & William Wan, China’s Denials on Cyberattacks Undercut, THE WASHINGTON POST
(August 24, 2011).
25
Supra note 22, at 832.
26
Id.
16
could not be considered cyber-crimes, either because they do not constitute war crimes, or do
not employ computer-based means, or both. The second type includes attacks carried out by a
state actor, which produce effects equivalent to those of a conventional armed attack. Note
that this use of force may be either lawful or unlawful; because the actor is a state actor, even
unlawful actions do not necessarily constitute “cyber-crime.”27
Cyber-warfare can also constitute both cyber-attack and cyber-crime. The area of intersection
between all three includes two types of attacks carried out by a non–state actor. First, it
includes attacks in the context of an existing armed conflict that undermine the function of a
computer network for a political or national security purpose, violate the criminal law (for
example, war crimes), and were committed by means of a computer system or network.
Second, it includes attacks that produce effects equivalent to those of a conventional armed
attack, undermine the function of a computer network for a political or national security
purpose, and are violations of the criminal law committed by means of a computer system or
network.
Therefore, a cyber-attack may be carried out by state or non–state actors, must involve active
conduct, must aim to undermine the function of a computer network, and must have a
political or national security purpose. Some cyber-attacks are also cyber-crimes, but not all

27
Jeffrey T.G. Kelsey, Hacking into International Humanitarian Law: The Principles of Distinction and
Neutrality in the Age of Cyber Warfare, 106 MICHIGAN LAW REVIEW, 1427, 1429 (2008).

17
CYBER ATTACK AND THE RIGHT TO SELF DEFENSE

Considering that the laws governing cyber-attacks conducted on an international scenario are
not very extensive, very often, the laws of war are applied to it. The general definition that is
applied to a cyber attack is that a cyber attack is a cyber operation, whether offensive or
defensive, that is reasonably expected to cause injury or death to a person, or damage or
destruction to objects.28 Although this definition is limited to operations against individuals
or physical objects, the limitation should not be understood as excluding cyber operations
against date from the ambit of the term attack.29
The use of force against the territorial integrity and sovereignty of a nation has been declared
a violation of the UN Charter, 30 and international customary law. The concept extends to
armed conflict alone. This is established in Article 51, 31 which specifically uses the
terminology “armed attack” when referring to self-defense against a use of force. Similarly,
the Declaration on Principles of International Law Concerning Friendly Relations and Co-
operation Among States in Accordance with the Charter of the United Nations, 32 the UN
Charter’s main interpretative guidelines clearly state that when speaking of the use of force,
this article cannot be construed as enlarging or diminishing in any way the scope of the
provisions of the Charter concerning cases in which the use of force. Furthermore, none of
the requirements of the Nicaragua33 judgment about the use of force are met. Furthermore,
following the strict liability approach, it is deemed in many treaties that a cyber attack must
damage the critical infrastructure of a nation in order to constitute a use of force. 34

28
MICHAEL N. SCHMITT (ED.), TALLINN MANUAL ON THE INTERNATIONAL LAW APPLICABLE TO CYBER
WARFARE (2013), at Rule 30.
29
Id.
30
UN Charter, Art. 2(4).
31
UN Charter, Art. 51
32
Declaration on Principles of International Law Concerning Friendly Relations and Co-operation Among
States in Accordance with the Charter of the United Nations, G.A. Res. 85/8028, U.N. GA-Legal, 25th Sess., at
85, U.N. Doc. A/RES/25/2625 (1970).
33
Case Concerning Military and Paramilitary Activities in and Against Nicaragua (Nicaragua v. United States
of America), 1986 I.C.J. 1986.
34
WALTER GARY SHARP SR., CYBERSPACE AND THE USE OF FORCE 129-31 (1999).
18
International law also considers magnitude and duration of the use of force to be material
parameters.35
However, alternatively, it must also be remembered that in the Military and Paramilitary
Activities in and Against Nicaragua case,36 it was propounded that there need not be a kinetic
effect manifested in order to construe the resort to force.37 It can thus be inferred that a cyber
attack on government servers of a state may be construed to be a use of force. State practice
and opinions of pertinent states like the Russian Federation,38 Estonia39 and the USA40 clearly
lay out that they consider a cyber attack the use of force, as mentioned in Article 2(4).

35
Armed Activities on Territory of Congo (Dem. Rep. Congo v. Uganda) 2005 I.C.J. (Dec. 19). DRC.
36
Supra note 27.
37
Advisory Opinion on Legality of the Threat or Use of Nuclear Weapons [1996] ICJ Reports 226.
38
J. Markoff, Signs of agreement appear between U.S. and Russia, NEW YORK TIMES, April 15, 2010.
39
NATO Parliamentary Assembly, NATO on Cyber Defense,59,173 DSCFC09 E bis, (2009), 59.
40
Joint Chiefs of Staff, National Military Strategy of the United States of America: A Strategy for Today, Vision
for Tomorrow, US GOVERNMENT PRINTING OFFICE, 2004.

19
CYBER ATTACKS AND COUNTERMEASURES
Preoccupation with cyber armed attacks is counter-experiential. Few, if any, cyber operations
have crossed the armed attack threshold. By contrast, malicious cyber operations below that
level are commonplace.41 For instance, Chinese hackers have penetrated powerful financial
institutions like Morgan Stanley and the U.S. Chamber of Commerce, 42 as well as such
influential media outlets as the New York Times, Wall Street Journal, and Washington
Post. 43 Reportedly, the Chinese government also hires contractors to conduct cyber
operations, a prominent example being the “Comment Crew,” which has breached the
passive defenses of U.S. defense industries. 44 The Syrian Electronic Army has conducted
disruptive operations against media and human rights groups it styles as anti- Assad, like Al-
Jazeera, the BBC, National Public Radio, Human Rights Watch, and Anonymous. 45 Perhaps
most significantly, U.S. Cyber Command possesses unparalleled capabilities to conduct
operations below the armed attack threshold.
States who have been subjected to an intervention by another state under the threshold of an
armed attack may respond by countermeasures and acts of retorsion. In cases of attacks by
individuals or groups whose conduct is not attributable to a state, the state may exercise
national criminal jurisdiction.46 All of these may be useful depending on the situation, yet
they share a variety of potential problems, not least of which being the effectiveness of each
of them. According to the commentary of the International Law Commission on the Draft

41
Kenneth Geers et al., FIREEYE LABS, WORLD WAR C: UNDERSTANDING NATION-STATE MOTIVES BEHIND
TODAY’S ADVANCED CYBER ATTACKS (2013).
42
Siobhan Gorman, ‘China Hackers Hit U.S. Chamber’, WALL STREET JOURNAL, December 21st, 2011,
available at: http://online.wsj.com/news/articles/SB10001424052970204058404577110541568535300 (last
accessed: April 25th, 2017).
43
Nicole Perlroth, Wall Street Journal Announces That it, Too, Was Hacked by the Chinese, NEW YORK TIMES,
January 31st, 2013, available at: http://www.nytimes.com/2013/02/01/technology/wall-street-jo urnal-reports-
attack-by-china-hackers.html (Last accessed: April 25th, 2017).
44
Office of the Secretary of Defense., Annual Report to Congress: Military and Security Developments
Involving the People’s Republic of China 36 (2013), available at
http://www.defense.gov/pubs/2013_china_report_final.pdf.
45
Hayley Tsukayama & Paul Farhi, Syrian Hackers Claim Responsibility for Disrupting Twitter, New York
Times Web Site, WASHINGTON POST, August 28th, 2013, Available at: http://www.washington
post.com/lifestyle/style/syrian-hackers-claim-responsibility-for-hacking-twitter-new-york-times-web-
site/2013/08/27/20500f58-0f5c-11e3-bdf6-e4fc677d94a1_story.html (Last accessed April 25 th, 2017).
46
Supra note 22, at 877.
20
Articles on State Responsibility, countermeasures are “measures that would otherwise be
contrary to the international obligations of an injured state vis-à-vis the responsible State”
which are carried out as a response to an internationally wrongful conduct. Article 2 of the
Draft Articles states that an internationally wrongful act consists of two elements: the act is
attributable to the state under international law and it constitutes a breach of an international
obligation of the state. The breach may relate to treaty-based obligations of a state or those
stemming from customary international law. Also an omission may constitute an
internationally wrongful act.
The law of state responsibility applies to cyber operations of states as well. In other words, if
the conditions are met, states may respond to cyber attacks conducted on them as well as use
cyber operations as countermeasures themselves.47 This view was also adopted in the Tallinn
Manual.48 Countermeasures have been a relatively rare occurrence, especially since the end
of the Cold War. The legal uncertainty and the strict limitations of countermeasures
combined with the fact that states seem to steer clear of invoking the right to take
countermeasures when reacting to less grave uses of force suggests that the role of
countermeasures will remain less significant in the future as well. This is also the case with
cyber countermeasures too.

47
Michael N. Schmitt, “Below the Threshold” Cyber Operations: The Countermeasures Response Option and
International Law, 54(3) VIRGINIA JOURNAL OF INTERNATIONAL LAW 698, 702 (2014).
48
MICHAEL N. SCHMITT (ED.), TALLINN MANUAL ON THE INTERNATIONAL LAW APPLICABLE TO CYBER
WARFARE (2013).

21
CONCLUSION

Therefore, in light of the above, it can be seen how cyber attacks have become a matter of
common occurrence, but very rarely of the threshold seen in the Stuxnet attack. Therefore,
resorting to the use of force and a reciprocal cyber attack is not the wisest proposition for the
maintenance of peace in international relations. It has long been believed that the advent of
the internet and cyber counter-intelligence is a truly Grotian moment in international law.
The norms of use of force have consequently changed. The availability of cyber technology
and its relatively lower cost in comparison to weapons of mass destruction makes resorting to
cyber attacks a lot easier for nations.
In the interest of global cooperation, states would be well-advised to consider
countermeasures as methods for retaliation to cyber breaches. This may put certain critical
infrastructure requirements to a disadvantage, but there can never be any consequent legal
issues that arise due to an actual use of force, or a cyber attack that manifests in kinetic,
physical, destructive consequences.

22
BIBLIOGRAPHY

Judicial Pronouncements
1. Advisory Opinion on Legality of the Threat or Use of Nuclear Weapons [1996] ICJ
Reports 226.
2. Armed Activities on Territory of Congo (Dem. Rep. Congo v. Uganda) 2005 I.C.J.
(Dec. 19). DRC.
3. Air Services Agreement case (France v. United States), 18 R.I.A.A. 416 (1978).
4. Case Concerning Military and Paramilitary Activities in and Against Nicaragua
(Nicaragua v. United States of America), 1986 I.C.J. 1986.
5. Gabcikovo-Nagymaros Project (Hungary v. Slovakia), [1997] ICJ Rep. 7.
6. Portuguese Colonies case (Naulilaa incident), UNRIAA, vol. II (Sales No. 1949.V.1)
(1928).

Books
1. E. Zoller, Peacetime Unilateral Remedies: An Analysis of Countermeasures 179–189
(Dobbs Ferry Ed., New York: Transnational, 1984).
2. JAMES CRAWFORD, STATE RESPONSIBILITY 647 (2nd Edn., Oxford University Press:
Oxford, 2008).

Journal Articles
1. Bruno Simma, Countermeasures and Dispute Settlement: A Plea for a Different
Balance, 5 EUROPEAN JOURNAL OF INTERNATIONAL LAW 102, 103 (1994).
2. Thomas M. Franck, On Proportionality of Countermeasures in International Law,
102(4) AMERICAN JOURNAL OF INTERNATIONAL LAW 715, 727 (2008).
3. Enzo Cannizaro, The Role of Proportionality in the Law of International
Countermeasures, 26 EUROPEAN JOURNAL OF INTERNATIONAL LAW 24, 43 (2000).
4. David J. Bederman, Counterintuiting Countermeasures, 96 AMERICAN JOURNAL OF

INTERNATIONAL LAW 817, 820 (2002).

5. J. Markoff, Signs of agreement appear between U.S. and Russia, NEW YORK TIMES,
April 15, 2010.
6. NATO Parliamentary Assembly, NATO on Cyber Defense,59,173 DSCFC09 E bis,
(2009), 59.

23
7. Joint Chiefs of Staff, National Military Strategy of the United States of America: A
Strategy for Today, Vision for Tomorrow, US GOVERNMENT PRINTING OFFICE, 2004.
8. Siobhan Gorman, ‘China Hackers Hit U.S. Chamber’, WALL STREET JOURNAL,
December 21st, 2011, available at:
http://online.wsj.com/news/articles/SB10001424052970204058404577110541568535
300 (last accessed: April 25th, 2017).
9. Nicole Perlroth, Wall Street Journal Announces That it, Too, Was Hacked by the
Chinese, NEW YORK TIMES, January 31st, 2013, available at:
http://www.nytimes.com/2013/02/01/technology/wall-street-jo urnal-reports-attack-
by-china-hackers.html (Last accessed: April 25th, 2017).

24