A legal understanding of state-linked cyberattacks and malicious cyber activities

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Many countries have fallen victim to state-linked cyberattacks and malicious activities. State-linked cyber operations pose serious legal threats and challenges to the stability and security of cyberspace. The discussion aims to establish a legal understanding pertaining to the differences and similarities between state-linked cyber operations such as cyberattacks and malicious cyber activities. In many instances, the terms are used interchangeably. Conduct that may be considered as malicious activities are referred to as cyberattacks. However, cyberattacks and malicious activities are not the same and the consequences and motive for the state-linked cross-border cyber operation may differ. State-linked cyberattacks is defined as a cyber operation that is reasonably expected to cause injury or death to persons or damage or destruction to objects such as DDoS attacks or ransomware attacks. State-linked malicious cyber activities consist of theft of information (espionage), disinformation and false websites. Malicious activities do not cause physical harm to persons or objects. However, the harm in the instance of espionage may consist of financial loss and/or undermining trust in the ability of the government to protect sensitive information or sowing political and social discord such as interference in another country’s elections or referendums. Cyber operations evoke various debatable questions such as how should a victim state respond to state-linked cyber operations and when does state behaviour in a foreign cyberspace constitute an act of cyber war or information war? Drawing a clear distinction is relevant when it comes to a victim state’s response to a foreign state’s cyber operation in their cyberspace on national, international and global level. Stability and security in cyberspace may be achieved by means of international norms governing state behaviour specifically cross-border cyber operations. Although a country should not abuse the cyberspace of another country, the discussion debates the negotiation and enforcement of cyber norms governing state behaviour and how countries should respond to unlawful cyber operations on national and global level.

Original languageEnglish
Title of host publicationProceedings of the 18th European Conference on Cyber Warfare and Security, ECCWS 2019
EditorsTiago Cruz, Paulo Simoes
PublisherCurran Associates Inc.
Pages560-567
Number of pages8
ISBN (Electronic)9781912764280
Publication statusPublished - 2019
Event18th European Conference on Cyber Warfare and Security, ECCWS 2019 - Coimbra, Portugal
Duration: 4 Jul 20195 Jul 2019

Publication series

NameEuropean Conference on Information Warfare and Security, ECCWS
Volume2019-July
ISSN (Print)2048-8602
ISSN (Electronic)2048-8610

Conference

Conference18th European Conference on Cyber Warfare and Security, ECCWS 2019
Country/TerritoryPortugal
CityCoimbra
Period4/07/195/07/19

Keywords

  • Cross-border state cyber operations
  • Cyberattack
  • Law
  • Malicious cyber activities
  • Norms for state behaviour in cyberspace
  • State cyber operations and international law

ASJC Scopus subject areas

  • Information Systems
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'A legal understanding of state-linked cyberattacks and malicious cyber activities'. Together they form a unique fingerprint.

Cite this