Cyberwar and Cyberterrorism

Terms such as “cyberwar” and “cyberterrorism” have been extensively used in the media, in the official governamental reports and amongst academics. Even if they have been often hyped, experts agree that it is unlikely that cyberwar will occur in the future (Thomas Rid and Bruce Scheneier; on the contrary, Jeffrey Carr).

Nonetheless, they do acknowledge that cyber threats are real and that various cyber tools and techniques are becoming increasingly important in international conflict, including those used for sabotage, espionage, and subversion.

Common element between the two is the lack of an internationally accepted definition.

US government security expert Richard A. Clarke, in his book Cyber War, defines “cyberwarfare” as “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.” The Economist describes “cyberwarfare” as “the fifth domain of warfare”.

The lack of common understanding opens various other issues:

  • How it is possible to formulate a definition of “cyberwar” while facing the impossibility of proving the source of an attack ?
  • Which might be the implication for the right of self-defense and for the rule of engagement?
  • Without a clear attribution, how it is conceivable to distinguish cyberwar acts from cyberterrorism attacks?

The word “cyberterrorism” refers to two elements: cyberspace and terrorism. Mark Pollitt constructs a working definition such as the following:
“Cyberterrorism is the premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against non combatant targets by subnational groups or clandestine agents. ”This definition is necessarily narrow. For the term “cyberterrorism” to have any meaning, we must be able to differentiate it from other kinds of computer abuse such as computer crime, economic espionage, or information warfare. I would suggest that the latter is a offensive and defensive function of governments.
It is first important to note that no single definition of the term “terrorism” has yet gained universal acceptance. Additionally, no single definition for the term “cyber terrorism” has been universally accepted. Also, labeling a computer attack as “cyber terrorism” is problematic, because it is often difficult to determine the intent, identity, or the political motivations of a computer attacker with any certainty until long after the event has occurred.

The Stuxnet code, the cyber espionage alleged to originate in China, and the attacks to Estonia and Georgia have been widely reported as examples of cybeterrorism and possible acts of cyberwar . Profound investigations of the incidents could prove neither an authorship of a sovereign state nor serious harm as a consequence of the attacks. This is one of the most fundamental problems: In the relative anonymity and complexity of the Internet and the ability to cross international borders and jurisdictions with impunity, it is very difficult to know exactly who is behind the attacks and their exact motive.

Tech and Law Center will assess the various definitions of cyberwar and cyberterrorism. To achieve this result, TLC will focus its research primarily on gathering scientific material (papers, studies and research), case law and recently approved legislation. In addition to this activity it will organize workshops with top experts from the sector aiming at exploring which might be adequate law to apply at international and national level.