Computer network attack and international humanitarian law

 Knut Dörmann, Legal Adviser, International Committee of the Red Cross, Geneva  

 This paper reflects the views of the author alone and not necessarily those of the International Committee of the Red Cross.  

 Introduction  

1. Computer network attacks (CNA) are a relatively recent phenomenon. CNA have been tentatively described as operations to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves. It may be waged against industries, infrastructures, telecommunications, political spheres of influence, global economic forces, or even against entire countries.

2. Traditional information warfare mainly consisted of physical attacks on lines of communication. CNA however may involve new ways of fighting, for example, hacker activities, viruses, trojan horses and worms. Attacks could be conducted from a distance, through radio waves or international communications networks, without physical intrusion beyond enemy borders and wit hout immediate traditional physical damage. The consequences of CNA may be devastating if certain system malfunctions are caused. For example a virus may be used to attack a nuclear power plant computer system causing the release of dangerous forces.

3. Despite certain uses in recent conflicts, it seems that so far CNA have not been fully integrated into military doctrine. There is however already considerable research on CNA capabilities taking place, which lets assume that interconnected communications and computer systems will become more and more vulnerable.

4. In this short paper some aspects of what prohibitions or limitations on the use of CNA might follow from international humanitarian law will be explored.

 Definition of International humanitarian Law (IHL)  

5. IHL is applicable only in times of armed conflict and composed of the two following types of rules:

• Rules which limit the right of the parties to use means and methods of war;

• Rules which protect the persons and property in times of armed conflict.

6. In particular the first set of rules relating to the use of means and methods of warfare seems to be relevant in assessing possible restrictions on CNA. The core provisions are to be found in the 1977 Additional Protocols I and II to the Geneva Conventions (AP I, AP II) and customary international law.

 Applicability of IHL  

7. The fact that a particular military activity is not specifically regulated, does not mean that it can be used without restrictions. It is perfectly reasonable to assume that also the new forms of CNA, which do not involve the us e of traditional weapons, are subject to IHL just as any new weapon or delivery system has been so far when used in an armed conflict.

8. One of the fundamental rules of IHL states that the right of the Parties to the conflict to choose methods or means of warfare is not unlimited. If CNA is used against an enemy in order to cause damage, it can hardly be disputed that CNA is in fact a method of warfare.

9. The only difficulty, as far as applicability of IHL is concerned, would arise if the first, or only, " hostile " acts were conducted by these means - would this amount to an armed conflict within the meaning of the 1949 Geneva Conventions and other IHL treaties?

10. So far hostilities have involved physical violence and kinetic energy leading to human casualties or material damage. In the case of IHL, the motivation for the application of the law is to limit the damage and provide care for the casualties. This would support an expansive interpretation of when IHL begins to apply. Nevertheless, whether CNA alone will ever come to be seen as amounting to an armed conflict will probably be determined in a definite manner only through future state practice. At least, there are strong arguments in favour of the applicability of IHL when CNA is intended to or does result in physical damage to persons, or damage to objects that goes beyond the computer program or data attacked.

 What restrictions does the existing IHL impose on the use of CNA?  

11. Three areas of this law seem to be particularly relevant: the principle of distinction and all the rules that are derived from this, the use of ruses of war and the prohibition of perfidy, and the rules relating to combatant status.

 The principle of distinction  

12. The principle of distinction is defined as follows: In order to ensure respect for and protection of the civilian population and civilian objects, the Parties to a conflict are required at all times to distinguish between the civilian population and combatants and between civilian objects and military objectives and accordingly must direct their operations only against military objectives (Art. 48 AP I).

13. In particular the following rules follow from this principle:

• the obligation to direct attacks only against " military objectives " ;

• the prohibition of indiscriminate attacks;

• the need to minimise collateral civilian damage and to abstain from attacks if such damage is likely to be disproportionate to the value of the military objective to be attacked;

• the need to take the necessary precautions to ensure that the above three rules are respected.

 Only military objectives may be attacked  

14. The generally accepted definition of a military objective is contained in AP I (Art. 52). The definition comprises two conditions: first, it must make an effective contribution to the military action of the adversary and secondly, in the circumstances ruling at the time, its attack must offer a definite military advantage to the attacker. Whenever these two conditions are simultaneously present, there is a military objective in the sense of existing IHL.

15. Computer networks could be qualified as " communications " . Many military manuals refer to " means of communication " as typical military objectives. A simple reference to these statements, without taking into account the requirements of the aforementioned definition, could lead to the appalling result that any computer network used by the adversary State a nd its citizens could be attacked. However, in order to amount to a military objective either the piece of network being affected must meet the two conditions or the object that the network is controlling. This would, for example, be the case if computer networks are used for command and control purposes. However, the computer system of a hospital, which performs its normal humanitarian functions, would not be a military objective.

16. In this context, it must also be remembered that IHL contains special protections against attacks for particular objects, which in our days are highly dependent on computer control. For example, certain attacks against objects indispensable to the survival of the civilian population, such as drinking water installations and irrigation works, or attacks against installations containing dangerous forces, namely dams, dykes and nuclear electrical generating stations are prohibited. These prohibitions are independent of the type of weapons or methods of warfare used. They would therefore cover also attacks effected by means of cyber warfare, for example manipulation of the computer system of a dam which leads to opening the floodgates.

 The prohibition  of indiscriminate attacks  

17. IHL prohibits indiscriminate attacks. In accordance with Art. 51 (4) AP I, an indiscriminate attack is defined as one which is either not carefully aimed at a specific military objective (through carelessness or use of weapons that are by nature not capable of being so directed) or because the effects of an attack on a military objective are uncontrollable and unpredictable.

18. From what has been written so far on CNA, this might potentially be the most serious problem. How could a CNA be aimed accurately at the intended target and, even if one capable of doing this, not at the same time creating a host of unforeseen and unforeseeable effects? This problem is due to the fact that civilian and military computer networks are in practice highly interconnected.

19. It is evident that the dual-use of many telecommunications networks may further exacerbate the difficulty in distinguishing between military and civilian systems and, consequently, between military targets, which are lawful, and civilians, which are unlawful.

 The problem of collateral damage  

20. The need to avoid, or at least minimise, incidental damage to civilians and civilian objects is a generally accepted rule of IHL (Art. 57 [2 ] [a ] [ii ] AP I). An attack against a military objective with lawful means or methods of warfare causing collateral civilian damage or injury only becomes illegal, if it violates the rule of proportionality. The wording used in Art. 51 (5)(b) AP I is: " an attack which may be expected to cause incidental loss of civilian life, injury to civilians, damage to civilian objects, or a combination thereof, which would be excessive in relation to the concrete and direct military advantage anticipated " .

21. The advance evaluation as to whether likely civilian damage would be disproportionate has an inherent difficulty in that one is comparing two different things - the concrete and direct military advantage on the one side and the collateral civilian damage or injury on the other. Nevertheless, it is clear that this rule also imposes important limitations on the use of CNA.

 Precautions in attack  

22. In order to respect and implement the rules relating to the principle of distinction, certain precautions must be taken. These are defined in Art. 57 AP I.

23. In order to make the evaluation as to whether something is a military objective or the extent of incidental damage that could be expected and its potential excessiveness, sufficient intelligence is required. Computer network exploitation (CNE), which can be carried out from the relative security of the computer terminal far from the actual battlefield, could help gain maximum information on the situation of the adversary and be an important means to implement the rules on precautions in attack. The precondition is, however, that the data about the adversary is available on reachable networks and that the data is not itself deliberate misinformation. Therefore, the military should not rely on CNE solely. CNE together with other reliable intelligence sources, in particular gathering intelligence on the spot, could well enable the parties to a conflict to take good precautions in attack.

 Ruses of war and perfidy  

24. Computer data creates new opportunities for practising ruses of war. Since CNE is likely to be an important tool for intelligence gathering, the parties to a conflict will be tempted to plant misinformation deliberately with a view to confuse the adversary. Such misinformation about one's own military plans is perfectly lawful and is no different in principle to any other vehicle for misinformation.

25. As with all ruses of war, the parties to a conflict must ensure that they do not cross the line into perfidy (definition see Art. 37 AP I). For example, causing enemy forces to believe that combat vehicles of the opponent were medical vehicles or those of neutrals would be perfidious.

 Combatants and CNA  

26. There is some likelihood that CNA would be carried out by specialised personnel. They might or might not be incorporated in the armed fo rces of a party to a conflict. In accordance with existing rules the following would apply:

27. If incorporated into the armed forces, such personnel would have all the rights and liabilities of combatants: They could be attacked like any other combatant and should endeavour to be in uniform if captured in order to be entitled to prisoner-of-war status (POW status means in particular that the person cannot be prosecuted for the mere fact of taking part in hostilities). Persons captured in the adversary's territory without uniform conducting CNE operations would be considered spies and would therefore not be entitled to POW status.

28. The situation of technicians that act for the army but are not incorporated into it is more problematic. There might be a strong argument that persons who actually undertake CNA would be considered civilians who would have no POW status if captured and could be prosecuted for the mere fact of taking part in the hostilities (Their conduct does not seem to be comparable to the situation of civilians described in Art. 4 (4) of Geneva Convention III of 1949, which are entitled to POW status.). They would also be subject to attack.

 Conclusions  

29. There does not seem to be a provision of international law that explicitly outlaws CNA. However, despite the newness of both technology of CNA, legal restrictions will almost certainly apply to its use. Some of them have been outlined in this paper.

30. CNA can only be undertaken in a way that would respect existing law. Certain uses would probably be not only violations of the law of armed conflict, but could also amount to war crimes. After technical analysis, it must be determined in particular whether certain types of CNA (for example, the introduction of worm viruses) would be inherently indiscriminate.

31. In this context it should be remembered that in accordance with AP I in the study, development or adoption of a new weapon or method of warfare, States are under an obligation to determine whether its employment would, in some or all circumstances, be prohibited by any rule of international law applicable to the State. Therefore, States should be encouraged to make such a thorough determination before integrating various forms of CNA in their military doctrine.

 Selected Bibliography  

Louise Doswald-Beck, Some thoughts on Computer Network Attack and the International Law of Armed Conflict , forthcoming

Wolff Heintschel v. Heinegg, Informationsrecht und Völkerrecht , in: Epping/Fischer/v. Heinegg (eds.), Brücken bauen und begehen. Festschrift für Knut Ipsen zum 65. Geburtstag, Publisher C.H. Beck, München 2000, pp. 129 et seq.

James J. Busuttil, A Taste of Armageddon: The Law of Armed Conflict as Applied to Cyberwar, in: The Reality of International Law: Essays in Honour of Ian Brownlie, Oxford: Clarendon 1999, pp. 37 et seq.