Difference between revisions of "Scenario 10: Legal review of cyber weapons"

Jump to navigation Jump to search
(incorporating review DW)
(incorporating review DW)
State A develops new sophisticated malware designed to weaken the military capacity of its adversaries in times of armed conflict. The software is capable of replicating itself through cyber infrastructure.
Once installed in a host system, the malware assesses it for the presence of a specific [[Glossary|programmable logic controller (PLC)]] used by several States for the purposes of automated maintenance of military equipment. If it does not detect this specific PLC in a given host system, it attempts to further spread through any connected networks and then it shuts itself down in that particular host system. However, if the detection is positive, the malware uses a vulnerability in the PLC to slightly alter the maintenance process.
The effect of this alteration is that instead of servicing the equipment in question, the maintenance machines damage it and thus render it unusable. Tests in controlled environment show that whenever the malware is installed in a host system, it causes it to significantly slow down for a short period of time. However, it is not expected to cause physical damage unless the target PLC is detected in a specific host system.
=== Examples ===
* [[Stuxnet (2010)]]
== Legal analysis ==
''For a general overview of the structure of analysis in this section, see [[Note on the structure of articles]].''
The analysis in this scenario examines State obligations to conduct a weapons review with respect to cyber capabilities duringthey peacetimemay develop or acquire. In particularthe first place, it considers whether malware capable of physical destruction qualifies as a weapon. thatThis is especially significant because classifying a capability as a weapon means that it must comply with the relevant rules of IHL. The analysis then zones in on the question whether such malware would be considered as inherently indiscriminate and therefore prohibited by IHL.
{{#lst:Legal review of cyber weapons|Definition}}
In the present scenario, the malware developed by State A would qualify as a “cyber weapon” due to its ability to produce physical destruction, which is an effect that qualifies as “violence against the adversary”.<ref>Art 49(1) [https://ihl-databases.icrc.org/applic/ihl/ihl.nsf/Treaty.xsp?documentId=D9E6B6264D7723C3C12563CD002D6CE4&action=openDocument AP I].</ref> State A would accordingly be under a duty to ensure that the use of this malware complies with its international obligations. This is so irrespective of whether State A is currently involved in any armed conflict or not. If State A has ratified Additional Protocol I, its duties would additionally extend to conducting a formal legal review, which would include the assessment of the malware’s compliance with all applicable rules of international law.
* Scenario by: [[People|Kubo Mačák]]
* Analysis by: [[People|Kubo Mačák]]
* Reviewed by: [TBC[Peer reviewers|Reviewer174]]; [[Peer reviewers|Reviewer793]]
{| class="wikitable"