< DeepSec 2016 Talk: Assessing the Hacking Capabilities of Institutional and Non-institutional Players

New Article: Applicability of Criminal Law and Jus ad Bellum to Cyber-Incidents

by Oscar Serrano & Florin-Răzvan Radu & Ele-Marit Eomois

Despite current efforts to adapt existing legal instruments to regulate hostile activities in cyber space, there is uncertainty about the legal situation of actors affected by these actions. Part of this uncertainty is due to the fact that being the cyber domain technically complex, there is a strong need for collaboration between technical and legal subject matter experts, collaboration which is difficult to achieve.  This paper aims to narrow the gap existing between the legal work in the area and the technical situations that arise during the day to day defence of computer networks. With this purpose, it defines a taxonomy of possible cyber-incidents, and analyses the predictable consequences of each type of cyber-incident with the purpose of mapping cyber-incidents to either Jus ad Bellum or criminal law.  Not surprisingly, this mapping justifies that most cyber operations fall outside Jus ad Bellum and usually account only to harassment, criminal acts or espionage, and as such they shall be prosecuted using national or international criminal law. The paper identifies the very few cases in which cyber-incidents could theoretically account to an armed attack (i.e. a cyber-attack).
This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences Vol. 2“. Edited by Stefan Schumacher and René Pfeiffer


To the MJS Archive