- Sputnik International
Get the latest news from around the world, live coverage, off-beat stories, features and analysis.

EU Stipulating Cyber Attacks as Act of War 'Intended More as Symbol' - Analyst

CC0 / / Cyber space
Cyber space - Sputnik International
EU member states may adopt measures to respond "in grave instances" to cyber attacks with conventional weapons. Dr. James Brown, an associate professor of political science, told Radio Sputnik that such a move is intended as a deterrent to cyberattacks; however, the legality of this measure is under question.

Sputnik: Why has the initiative come at this moment?

James Brown: It is an indication that cyber security is one of the biggest issues at the moment; all governments are particularly concerned by this. Parts of this is simply because cyber weapons have become so much more sophisticated in recent years, but it’s also because of few recent developments that put this into the public eye. 

First of all, the alleged Russian intervention in the US election last year and also suggestion that North Korea has actively used cyber weapons to attack its adversaries as well. They feel that it is necessary to take action now. Not so much to indicate that they are really taking a military response to this, but rather the document is intended as a symbol of how significant the EU believes this issue is and also they intend this as a deterrent: they want to show to any country that is considering launching a cyberattack against the EU that the EU is going to take it very seriously and consider all possible responses to it.

Sputnik: Can a cyberattack really be accessed or equated with an act of war? Is it really that severe that it can be equated to an act of war?

James Brown: It is something that has been debated for quite a long time now and I suppose the answer in short is yes. That seems to be where the debate is going and that is because a cyber attack might not be limited to a small scale incident; I don’t think anyone would think that it would be equal to an act of war, but a cyberattack could be incredibly wide spread. It could affect the critical infrastructure of a country. It could shut down a country’s transportation, health care systems and if that was the case there could be causalities. In that case it is possible that a cyberattack could be equated to an act of war.

Sputnik: How relevant and legal would a military response to a cyberattack be? Is it legal and who or what would determine which cyberattacks require military retaliation? 

James Brown: As to the legal question that is a very difficult one and as yet it hasn’t been fully worked out. But the thinking about it at present seems to be in theory similar to a conventional military response. If you are going to launch a cyberattack, that would be judged only legitimate if it was for defensive purposes. So international law states that aggressive war is always unacceptable, always illegal, but a force can be used when it is … in self-defense or perhaps it’s also raised by the UN Security Council. So that would be the theory of it. 

In reality, however, as with conventional weapons I think what we will end up seeing in the coming years is that powerful states will probably go ahead and use cyberattacks when they judge this in their interest. Even if in actual fact it would be judged to be illegal in international law and the reason for that is frankly because big powerful states have the ability to ignore international censure.

Sputnik: How can we define who the perpetrators of cyberattacks actually are?

James Brown: That is exceptionally difficult. Indeed that is part of the appeal of cyberattacks, that’s why they are so attractive to state actors because they are deniable. Experts quite often say that they can assess, with quite a high level of confidence, that an attack came from a particular country, but it is always a bit of a guess. They say that they can identify certain technical features, which indicate that perhaps it came from a particular country, but there is nothing to say that the attacker was from another country. They would have the potential to actually include some of those technical features within the attack to make it look like it was coming from another country, so it could deliberately incorporate a diversionary element to it. 

States can also pursue the option of employing criminal groups to carry out attacks on their behalf, so that creates an additional layer of distance. In all of that, it means it’s very difficult for a state to be absolutely confident where the attack came from. Of course, if you are going to retaliate against the attack you have to be absolutely certain where it came from.

Dr. James Brown is an associate professor in political science at Temple University, Japan.

To participate in the discussion
log in or register
Заголовок открываемого материала