Defining the Rules of Engagement: Legal and Ethical Standards in Cyber Conflict
Main Article Content
Abstract
In an increasingly digitized world, cyber conflicts are emerging as a critical domain of modern warfare and international relations. This paper examines the legal and ethical standards that govern cyber conflict, aiming to define clear rules of engagement. Through a detailed analysis of current international laws, national legislation, and ethical theories relevant to cyber operations, this research identifies gaps and challenges in the existing frameworks. Case studies of notable cyber incidents illustrate the practical implications of these legal and ethical standards. The study proposes a set of refined rules of engagement designed to address these deficiencies, ensuring ma ore coherent and consistent application of legal and ethical principles in cyber conflict. The findings suggest that while international consensus and cooperation are crucial, there is also a need for dynamic and adaptable rules that can keep pace with rapid technological advancements. This paper contributes to the growing discourse on cyber conflict by providing a comprehensive understanding of the legal and ethical dimensions and offering actionable recommendations for policymakers, legal experts, and cybersecurity practitioners.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
References
Alead, R. M. S. A., & Altalibe, A. a. A. (2023). Attribution Challenges in the era of Cyber warfare: Unraveling the identity of Cyber-Attackers. Deleted Journal, 3(16), 5287–5309. https://doi.org/10.21608/hiss.2023.337323
Barrett, E. T. (2013). Warfare in a new domain: the ethics of military cyber-operations. Journal of Military Ethics, 12(1), 4–17. https://doi.org/10.1080/15027570.2013.782633
Botes, M., & Lenzini, G. (2022). When Cryptographic Ransomware Poses Cyber Threats: Ethical Challenges and Proposed Safeguards for Cybersecurity Researchers. In European Symposium on Security and Privacy Workshops. https://doi.org/10.1109/eurospw55150.2022.00067
Brown, C. S. D. (2015). Cyber-Attacks, retaliation and risk. In Advances in digital crime, forensics, and cyber terrorism book series (pp. 166–203). https://doi.org/10.4018/978-1-4666-8456-0.ch008
Bruch, C., Altman, S., Al-Moumin, M., Troell, J., & Roffman, E. (2007). Legal frameworks governing water in the Middle East and North Africa. International Journal of Water Resources Development, 23(4), 595–624. https://doi.org/10.1080/07900620701488539
Caso, J. S. (2014). The rules of engagement for cyber-warfare and the Tallinn Manual: A case study. In The 4th Annual IEEE International Conference on Cyber Technology in Automation, Control and Intelligent. https://doi.org/10.1109/cyber.2014.6917470
Cavelty, M. D., & Smeets, M. (2023). Regulatory cybersecurity governance in the making: the formation of ENISA and its struggle for epistemic authority. Journal of European Public Policy, 30(7), 1330–1352. https://doi.org/10.1080/13501763.2023.2173274
Chang, Z. (2017). Cyberwarfare and international humanitarian law. Social Science Research Network. https://doi.org/10.2139/ssrn.2973182
Denning, D. E. (2008). The Ethics of Cyber Conflict. In The Handbook of Information and Computer Ethics (pp. 407–428). Wiley Telecom. https://doi.org/10.1002/9780470281819.ch17
Dipert, R. R. (2010). The ethics of cyberwarfare. Journal of Military Ethics, 9(4), 384–410. https://doi.org/10.1080/15027570.2010.536404
Droege, C. (2012). Get off my cloud: cyber warfare, international humanitarian law, and the protection of civilians. International Review of the Red Cross, 94(886), 533–578. https://doi.org/10.1017/s1816383113000246
Elliott, D. (2011). Deterring strategic cyberattack. IEEE Security & Privacy, 9(5), 36–40. https://doi.org/10.1109/msp.2011.24
Flowers, A., Zeadally, S., & Murray, A. (2013). Cybersecurity and US Legislative Efforts to address Cybercrime. Journal of Homeland Security and Emergency Management, 10(1). https://doi.org/10.1515/jhsem-2012-0007
Focarelli, C. (2015). Self-defence in cyberspace. In Edward Elgar Publishing eBooks. https://doi.org/10.4337/9781782547396.00023
García-Vargas, L., Durán-Aponte, E., & Chaux, E. (2023). The Role of Third Parties in Cyber Conflicts: The sima Simulator. Revista Colombiana De Psicología/Revista Colombiana De Psicologia, 32(1), 67–81. https://doi.org/10.15446/rcp.v32n1.96322
Geiß, R., & Lahmann, H. (2012). Cyber Warfare: applying the principle of distinction in an interconnected space. Israel Law Review, 45(3), 381–399. https://doi.org/10.1017/s0021223712000179
Giles, K., & Monaghan, A. (2014). Legality in Cyberspace: an adversary view. https://doi.org/10.21236/ada597232
Glorioso, L. (2015). Cyber Conflicts: Addressing the regulatory gap. Philosophy & Technology, 28(3), 333–338. https://doi.org/10.1007/s13347-015-0197-8
Gray, C. W. (1993). Evolving legal frameworks for private sector development in Central and Eastern Europe. http://documents.worldbank.org/curated/en/922841468770973557/Evolving-legal-frameworks-for-private-sector-development-in-Central-and-Eastern-Europe
Haataja, S., & Akhtar-Khavari, A. (2018). Stuxnet and international law on the use of force: an informational approach. Cambridge International Law Journal, 7(1), 99–121. https://doi.org/10.4337/cilj.2018.01.05
Haggard, S., & Lindsay, J. R. (2015). North Korea and the Sony hack : exporting instability through cyberspace. Asia-Pacific Issues, 117, 1. https://scholarspace.manoa.hawaii.edu/bitstream/10125/36444/1/api117.pdf
Ikegbu, E. A., & Diana-Abasi, F. I. (2017). Utilitarianism as a veritable vehicle for the promotion of a just society. LWATI, 14(2), 121–137. https://www.ajol.info/index.php/lwati/article/download/162939/152449
Jardine, E., & Porter, N. D. (2020). Pick Your Poison: The Attribution Paradox in Cyberwar. SocArXiv. https://ideas.repec.org/p/osf/socarx/etb72.html
Jensen, E. T. (2002). Computer attacks on critical national infrastructure: a use of force invoking the right of Self-Defense. Stanford Journal of International Law, 38, 207. https://digitalcommons.law.byu.edu/cgi/viewcontent.cgi?article=1212&context=faculty_scholarship
Jensen, E. T. (2012). Cyber attacks: Proportionality and precautions in attack. Social Science Research Network. https://doi.org/10.2139/ssrn.2154938
Jensen, E. T. (2014). Cyber Sovereignty: The way ahead. Social Science Research Network. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2466904
Kanuck, S. (2010). Sovereign Discourse on Cyber Conflict under International Law. Texas Law Review, 88(7), 1571. http://static1.1.sqspcdn.com/static/f/956646/23348437/1377029193930/Kanuck+Sovereign+Discourse+Texas+Law+Review.pdf?token=OB2H803ZUnuwTFVt%2FzHzCpZkzm0%3D
Kao, D., Hsiao, S., & Tso, R. (2019). Analyzing WannaCry Ransomware Considering the Weapons and Exploits. In 21st International Conference on Advanced Communication Technology (ICACT). https://doi.org/10.23919/icact.2019.8702049
Kehler, C. R., Lin, H., & Sulmeyer, M. (2017). Rules of engagement for cyberspace operations: a view from the USA. Journal of Cybersecurity. https://doi.org/10.1093/cybsec/tyx003
Kelsey, J. T. (2008). Hacking into International Humanitarian Law: The Principles of Distinction and Neutrality in the Age of Cyber Warfare. Michigan Law Review, 106(7), 1427–1451. https://repository.law.umich.edu/cgi/viewcontent.cgi?article=1381&context=mlr
Kosseff, J. (2018). Developing collaborative and cohesive cybersecurity legal principles. In 10th International Conference on Cyber Conflict. https://doi.org/10.23919/cycon.2018.8405022
Lancelot, J. F. (2020). Cyber-diplomacy: cyberwarfare and the rules of engagement. Journal of Cyber Security Technology, 4(4), 240–254. https://doi.org/10.1080/23742917.2020.1798155
Lin, H. (2012). Cyber conflict and international humanitarian law. International Review of the Red Cross, 94(886), 515–531. https://doi.org/10.1017/s1816383112000811
Lonsdale, D. J. (2020). The Ethics of Cyber attack: pursuing legitimate security and the common good in contemporary conflict scenarios. Journal of Military Ethics, 19(1), 20–39. https://doi.org/10.1080/15027570.2020.1764694
Lucas, G. (2017). Ethics and Cyber warfare. https://doi.org/10.1093/acprof:oso/9780190276522.001.0001
Lucas, G. R. (2014). Ethics and Cyber Conflict: A Response toJME12:1 (2013). Journal of Military Ethics, 13(1), 20–31. https://doi.org/10.1080/15027570.2014.908012
Miller, S., Regan, M., & Walsh, P. F. (2021). National Security intelligence and Ethics. In Routledge eBooks. https://doi.org/10.4324/9781003164197
Nyabuto, C. R. (2018). Game of Code: Challenges of Cyberspace as a domain of Warfare. the Strathmore Law Review, 3(1), 49–72. https://doi.org/10.52907/slr.v3i1.102
Pipyros, K., Mitrou, L., Gritzalis, D., & Apostolopoulos, T. (2016). Cyberoperations and international humanitarian law. Information & Computer Security/Information and Computer Security, 24(1), 38–52. https://doi.org/10.1108/ics-12-2014-0081
Pistor, K., Keinan, Y., Kleinheisterkamp, J., & West, M. D. (2003). The Evolution of Corporate Law: A Cross-Country Comparison. Social Science Research Network. https://doi.org/10.2139/ssrn.419881
Power, D. J., Heavin, C., & O’Connor, Y. (2021). Balancing privacy rights and surveillance analytics: a decision process guide. Journal of Business Analytics, 4(2), 155–170. https://doi.org/10.1080/2573234x.2021.1920856
Prescott, J. M. (2014). Building the ethical cyber commander and the law of armed conflict. Rutgers Computer & Technology Law Journal, 40(1), 42.
Richardson, J. C. (2011). Stuxnet as Cyberwarfare: Applying the law of War to the virtual battlefield. Social Science Research Network. https://doi.org/10.2139/ssrn.1892888
Roche, E. M. (2019). The search for global cyber stability. Journal of Information Technology Cases and Applications/Journal of Information Technology Case and Application Research, 21(2), 68–73. https://doi.org/10.1080/15228053.2019.1636570
Roscini, M. (2015). Cyber operations as a use of force. In Edward Elgar Publishing eBooks. https://doi.org/10.4337/9781782547396.00022
Rowe, N. C. (2010). The ethics of cyberweapons in warfare. International Journal of Technoethics, 1(1), 20–31. https://doi.org/10.4018/jte.2010081002
Santhosh, T., & Thiyagu, K. (2024). Fostering Responsible Behavior online- Relevance of Cyber Ethics education. Malaysia Online Journal of Educational Techology, 12(1), 32–38. https://doi.org/10.52380/mojet.2024.12.1.428
Schmidt, L. (2015). Perspective on 2015 DOD Cyber Strategy. In RAND Corporation eBooks. https://doi.org/10.7249/ct439
Schmitt, M. N. (2013). Tallinn Manual on the international law applicable to cyber warfare. In Cambridge University Press eBooks. https://doi.org/10.1017/cbo9781139169288
Shackelford, S. (2020). Review of Cyber operations Strategies of the United States and Canadian Governments: A Comparative analysis. Social Science Research Network. https://doi.org/10.2139/ssrn.3727510
Shackelford, S., & Craig, A. (2014). Beyond the New “Digital Divide”: Analyzing the Evolving Role of National Governments in Internet Governance and Enhancing Cybersecurity. Stanford Journal of International Law, 50, 119.
Shaw, W. H. (2016). Utilitarianism and the ethics of war. In Routledge eBooks. https://doi.org/10.4324/9780203538333
Spagnol, G. (2021). Cyberspace: an advantageous terrain for war? In Advanced sciences and technologies for security applications (pp. 117–128). https://doi.org/10.1007/978-3-030-67973-6_8
Stöcker, C., Bennett, R., Nex, F., Gerke, M., & Zevenbergen, J. (2017). Review of the current state of UAV Regulations. Remote Sensing, 9(5), 459. https://doi.org/10.3390/rs9050459
Taddeo, M. (2012). An analysis for a just cyber warfare. In 4th International Conference on Cyber Confl ict (pp. 1–10).
Theohary, C. A., & Harrington, A. I. (2014). Cyber Operations in DOD Policy and Plans: Issues for Congress. In Congressional Research Service. http://goodtimesweb.org/overseas-war/2015/R43848.pdf
Trautman, L. J., & Ormerod, P. (2018). Wannacry, Ransomware, and the Emerging Threat to Corporations. 86 Tennessee Law Review, 503. https://doi.org/10.2139/ssrn.3238293
Tsagourias, N. (2012). Cyber attacks, self-defence and the problem of attribution. Journal of Conflict and Security Law, 17(2), 229–244. https://doi.org/10.1093/jcsl/krs019
Tsotniashvili, Z. (2024). Silicon Tactics: Unravelling the Role of Artificial Intelligence in the Information Battlefield of the Ukraine Conflict. Asian Journal of Research, 9, 54–64.
Usman, H., Ahmed, R. I., & Ali, S. S. (2022). Navigating the Gray Area: A Comprehensive Analysis of Cyber Warfare and its Relationship to the Law of Armed Conflict. Global Legal Studies Review, VII(III), 32–36. https://doi.org/10.31703/glsr.2022(vii-iii).05
Von Heinegg, W. H. (2012). Legal implications of territorial sovereignty in cyberspace. International Conference on Cyber Conflict, 1–13. http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6243962
Watney, M. (2014). Challenges pertaining to cyber war under international law. In 3rd International Conference on Cyber Security, Cyber Warfare and Digital Forensic, CyberSec. https://doi.org/10.1109/cybersec.2014.6913962
Wilton, C. (2017). Sony, Cyber Security, and Free Speech: Preserving the First Amendment in the modern world. Pace I.P., Sports & Entertainment Law Forum, 7(1), 1. https://doi.org/10.58948/2329-9894.1058