Editing Scenario 16: Cyber attacks against ships on the high seas

Jump to navigation Jump to search

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 86: Line 86:
 
<b>[L21] </b>The cyber operation in <b>incident 2</b> may be considered as a law enforcement operation. Circumstances that would support such a conclusion include that the cyber operation was not intended to defend State A against a threat to its sovereignty,<ref>Patricia Kwast, ‘Maritime Law Enforcement and the Use of Force: Reflections on the Categorisation of Forcible Action at Sea in the Light of the Guyana/Suriname Award’ (2008) 13 Journal of Conflict and Security Law 49, 81.</ref> but rather to prevent the passage of a vessel.<ref>Case Concerning the Detention of Three Ukrainian Naval Vessels (Ukraine vs the Russian Federation) (Order for Provisional Measures 2019) ITLOS 26, para 72 (holding that a dispute concerning the interpretation of a regime of passage is not military in nature).</ref> If the cyber operation was preceded by the attempted arrest and charging of those on the merchant vessel, this would also support qualifying the operation as law enforcement.<ref>Case Concerning the Detention of Three Ukrainian Naval Vessels (Ukraine vs the Russian Federation) (Order for Provisional Measures 2019) ITLOS 26, para 76.</ref> However, the isolated nature of the cyber operation against the merchant vessel, and the lack of prior circumstances suggesting a law enforcement action<ref>Ibid, para 73 (“After being held for about eight hours, the Ukrainian naval vessels apparently gave up their mission…and sailed away from it. The Russian Coast Guard then ordered them to stop and, when the vessels ignored the order…started chasing them. It was at this moment and in this context that the Russian Coast Guard used force…”).</ref> may undermine the operation’s classification as maritime law enforcement.
 
<b>[L21] </b>The cyber operation in <b>incident 2</b> may be considered as a law enforcement operation. Circumstances that would support such a conclusion include that the cyber operation was not intended to defend State A against a threat to its sovereignty,<ref>Patricia Kwast, ‘Maritime Law Enforcement and the Use of Force: Reflections on the Categorisation of Forcible Action at Sea in the Light of the Guyana/Suriname Award’ (2008) 13 Journal of Conflict and Security Law 49, 81.</ref> but rather to prevent the passage of a vessel.<ref>Case Concerning the Detention of Three Ukrainian Naval Vessels (Ukraine vs the Russian Federation) (Order for Provisional Measures 2019) ITLOS 26, para 72 (holding that a dispute concerning the interpretation of a regime of passage is not military in nature).</ref> If the cyber operation was preceded by the attempted arrest and charging of those on the merchant vessel, this would also support qualifying the operation as law enforcement.<ref>Case Concerning the Detention of Three Ukrainian Naval Vessels (Ukraine vs the Russian Federation) (Order for Provisional Measures 2019) ITLOS 26, para 76.</ref> However, the isolated nature of the cyber operation against the merchant vessel, and the lack of prior circumstances suggesting a law enforcement action<ref>Ibid, para 73 (“After being held for about eight hours, the Ukrainian naval vessels apparently gave up their mission…and sailed away from it. The Russian Coast Guard then ordered them to stop and, when the vessels ignored the order…started chasing them. It was at this moment and in this context that the Russian Coast Guard used force…”).</ref> may undermine the operation’s classification as maritime law enforcement.
   
<b>[L22] </b>If the cyber operation in <b>incident 2</b> was characterised as a law enforcement operation, it would be likely to be classed as unlawful. The lack of a valid jurisdictional basis would support a finding of unlawfulness. State A had no jurisdictional basis to conduct a cyber operation against the merchant vessel, as it was not the flag State of the vessel, nor did it have the flag State’s consent. The exceptions that can grant jurisdiction over foreign flagged vessels also do not apply in this scenario (see paras L14-L16 above).
+
<b>[L22] </b>If the cyber operation in <b>incident 2</b> was characterised as a law enforcement operation, it would be likely to be classed as unlawful. The lack of a valid jurisdictional basis would support a finding of unlawfulness. State A had no jurisdictional basis to conduct a cyber operation against the merchant vessel, as it was not the flag State of the vessel, nor did it have the flag State’s consent. The exceptions that can grant jurisdiction over foreign flagged vessels also do not apply in this scenario (see paras XX above).
   
 
<b>[L23] </b>In addition, the actions taken would likely have also breached the standards imposed on enforcement operations. The cyber operation was the first measure used, thus not meeting the requirement that auditory or visual signals should be used first. Moreover, the interference with the navigation systems caused by the cyber operation had the potential to result in the death or injury to the crew and severe damage to the ship. State A would thus likely have failed to make all efforts to ensure life would not be endangered.<ref>See The M/V Saiga Case, para 156.</ref>
 
<b>[L23] </b>In addition, the actions taken would likely have also breached the standards imposed on enforcement operations. The cyber operation was the first measure used, thus not meeting the requirement that auditory or visual signals should be used first. Moreover, the interference with the navigation systems caused by the cyber operation had the potential to result in the death or injury to the crew and severe damage to the ship. State A would thus likely have failed to make all efforts to ensure life would not be endangered.<ref>See The M/V Saiga Case, para 156.</ref>
Line 98: Line 98:
 
<b>[L26] Incident 1</b> would be unlikely to be considered as a use of force. The severity of the operation was minimal; the data which was accessed was not corrupted or deleted, and the infrastructure that it was stored on remained functional after the incident. Though the access was invasive, the lack of significant consequences militates against considering the operation as a use of force.
 
<b>[L26] Incident 1</b> would be unlikely to be considered as a use of force. The severity of the operation was minimal; the data which was accessed was not corrupted or deleted, and the infrastructure that it was stored on remained functional after the incident. Though the access was invasive, the lack of significant consequences militates against considering the operation as a use of force.
   
<b>[L27] Incidents 2</b> and <b>3</b> would have to be distinguished as potential uses of force under Article 2(4) of the UN Charter rather than maritime law enforcement operations (see section 2.2.5 above) in order for the following analysis to apply.
+
<b>[L27] Incidents 2</b> and <b>3</b> would have to be distinguished as potential uses of force under Article 2(4) of the UN Charter rather than maritime law enforcement operations (see section XX above) in order for the following analysis to apply.
   
 
<b>[L28] </b>With respect to <b>incident 2</b>, the cyber operation would likely lack the necessary severity due to the absence of physical harm to the individuals on board the vessel and because the navigation’s loss of functionality was only temporary in nature. As such, it is unlikely that the cyber operation would reach the threshold of a prohibited use of force.
 
<b>[L28] </b>With respect to <b>incident 2</b>, the cyber operation would likely lack the necessary severity due to the absence of physical harm to the individuals on board the vessel and because the navigation’s loss of functionality was only temporary in nature. As such, it is unlikely that the cyber operation would reach the threshold of a prohibited use of force.
Line 113: Line 113:
 
==== Countermeasures====
 
==== Countermeasures====
 
{{#lst:Countermeasures|Definition}}
 
{{#lst:Countermeasures|Definition}}
<b>[L33] </b>State B launched a cyber operation against State A’s Foreign Office with the aim to end cyber operations against it (<b>incident 4</b>). International law permits it to take countermeasures in order to bring to an end those actions by State A that qualify as internationally wrongful acts. Incidents 2 and 3 arguably amounted to internationally wrongful acts (see paras L12, L17, and L20 above).
+
<b>[L33] </b>State B launched a cyber operation against State A’s Foreign Office with the aim to end cyber operations against it (<b>incident 4</b>). International law permits it to take countermeasures in order to bring to an end those actions by State A that qualify as internationally wrongful acts. Incidents 2 and 3 arguably amounted to internationally wrongful acts (see paras XX and XX above).
   
 
<b>[L34] </b>Countermeasures cannot be anticipatory; they must only be taken in response to an internationally wrongful act.<ref>Case Concerning the Gabčíkovo-Nagymaros Project (Hungary/Slovakia) (Judgment) [1997] ICJ Rep 7; Gary Corn and Eric T Jensen, ‘The Use of Force and Cyber Countermeasures’ (2018) 32 Temple International & Comparative Law Journal 127; Michael Schmitt ‘Below the Threshold Cyber Operations: The Countermeasures Response Option and International Law’ (2014) 54 Virginia Journal of International Law 697, 715.</ref> The vulnerability in the Foreign Office was identified prior to the cyber operations against the vessels; however, the operation against the computer in the Foreign Office was not launched until after the cyber operations in <b>incidents 2</b> and <b>3</b>. Therefore, the countermeasure would not qualify as anticipatory.
 
<b>[L34] </b>Countermeasures cannot be anticipatory; they must only be taken in response to an internationally wrongful act.<ref>Case Concerning the Gabčíkovo-Nagymaros Project (Hungary/Slovakia) (Judgment) [1997] ICJ Rep 7; Gary Corn and Eric T Jensen, ‘The Use of Force and Cyber Countermeasures’ (2018) 32 Temple International & Comparative Law Journal 127; Michael Schmitt ‘Below the Threshold Cyber Operations: The Countermeasures Response Option and International Law’ (2014) 54 Virginia Journal of International Law 697, 715.</ref> The vulnerability in the Foreign Office was identified prior to the cyber operations against the vessels; however, the operation against the computer in the Foreign Office was not launched until after the cyber operations in <b>incidents 2</b> and <b>3</b>. Therefore, the countermeasure would not qualify as anticipatory.

Please note that all contributions to International cyber law: interactive toolkit are considered to be released under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) (see International cyber law: interactive toolkit:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

Cancel Editing help (opens in new window)