The likelihood of an unprovoked cyberattack is low, according to extensive new legal research featured in an upcoming issue of the British journal INFO. This research explores a 150-year-old series of Geneva Conventions related to cyberwar. However, defining "cyberwar" remains elusive, and reaching a broad consensus on its definition is challenging.
What is Cyberwar?
The terms "cyber" and "war" have been abstract concepts for many years. After an attack, nations typically assert the right to proportional responsive measures, using all available means during warfare.
International Treaty Provisions
While the topic of cyberwar is widely discussed, few know that two key provisions were added to an international treaty in the 1990s. This treaty, signed and ratified by almost every country, limits the conditions under which a nation can adversely affect another nation's networks, services, and equipment. These provisions were added following major cybersecurity incidents and obligate nations to:
- Avoid causing "technical harm to the operation of telecommunication services of other States."
- Recognize the necessity of taking practical measures to prevent disruptions to telecommunication installations within other Member States' jurisdictions.
The term "telecommunication" here covers all services, signals, or communicated intelligence via any medium. The stringent nature of these provisions may lead to the inclusion of a "defensive measures" clause in future treaty reviews.
Historical Context and Future Steps
Since the first agreements to interconnect networks in 1850 and enable worldwide wireless communication in 1906, the potential for ICT cyber incidents during conflicts has been recognized. Decades of experience have refined these treaty provisions, which were further enhanced over a decade ago following early Internet incidents.
Beyond obligations to other countries, all states recognize a broad right to stop any communications within their jurisdiction that "may appear dangerous to the security of the State or contrary to its laws, public order, or decency."
The next steps toward implementing these "ICT security" provisions are advancing under a U.N. Experts Group agreement reached by 15 of the world’s major powers on July 15.
Moving Forward
While defining "cyberwar" may be challenging, nations are increasingly cooperating to reduce threats, risks, and vulnerabilities through various forums and means. It seems that cyberspace is mirroring the real world, with countries finding common ground to implement existing treaty provisions and avoid escalating cyber conflicts.
