The use of Cyber Space has been adopted widely and various functions, which previously were in the realm of the real world, have shifted to that of the virtual world. The use of cyberspace is not limited only to the usage of civilians. Each day, intelligence units, ministries and departments make use of cyberspace in sophisticated manners which a civilian would not be aware of. A simple instance of the same is the usage of Google or social media platforms such as Facebook to track the movements of the citizens of a particular country making cyber espionage a pertinent issue.
Additionally, the military reliance on this technology has opened the fifth domain of war-fighting next to the traditional domains of land, sea, air and outer space. It is important in the context of sovereignty that every country’s citizens are protected from crime and espionage prevalent on the internet, which is why this blog suggests a holistic and an international approach to countering the same. Cyberspace, not being subject to geographical or natural boundaries challenges the notion of sovereignty and therefore international law would be the forum where the same could be effectively dealt with.
CYBER ESPIONAGE-THE ART OF EAVESDROPPING
Cyber espionage, in common parlance, can be termed as eavesdropping and in the 21st century, it is seen that each country is engaging in the same. Spying is believed to be the world’s second oldest profession and as state-on-state wars continued to flare, states sent spies across sovereign borders to collect intelligence.
As stated earlier, various activities have shifted from the real to the virtual one and spying has been one of them. In the twenty-first century, traditional state-sponsored surveillance and espionage have been transformed into a sophisticated and high-stakes enterprise which deploys highly advanced technologies. Now cyber activity is used for electronic surveillance for intelligence purposes, mimics traditional spying, in anticipating terrorist attacks, learning about the foreign policy plans of adversaries, gaining an advantage in foreign relations and negotiations. However, a good deal of the cyber-sleuthing involves economic matters, sometimes extending to include intellectual property theft and is undertaken by states or their proxies to secure comparative economic gain in trade negotiations.
THE ROLE OF INTERNATIONAL LAW
There are two views on whether international law permits cyber spying or not. First view is that international law either permits cyber espionage or does not regulate it all. The second proposition is seen due to the SS Lotus case in 1927 where the ICJ was of the opinion that in the absence of a rule explicitly dealing with the same, states are free to act. Going by the analogy, lacking any rule against spying, the same is permitted.
A manner of tackling the same could be bringing espionage under the purview of it being contrary to the customary norm of non-intervention which is a corollary of state sovereignty. The principle of non-intervention is reflected in the U.N. Charter and aims at the protection of territorial integrity and sovereignty of the state.
Additionally, the ICJ also stated in the Nicaragua case that non-intervention also means “the element of coercion” and coercion does not necessarily mean force. Therefore, cyber warfare targeting government activities tends to interfere with the internal affairs of a state and the same also amounts to coercion.
Some scholars have argued in the alternative that cyber espionage is a lawful precursor to a state’s exercise of its Article 51 self-defence rights. The argument is that in modern times, preparing in well advanced and anticipating an armed attack is critically important. Espionage widely used by states and thus is supported by a norm of customary international law.
International space remains a netherworld for intelligence activities – whatever surveillance or cyber spying a government does outside its own national borders short of the use of force is an international law free-for-all. Decades of state practice have created a norm that surveillance or espionage may be conducted across borders without violating sovereignty. The examples of acceptable practices in cyber spying include collecting the contents of electronic communications; scrutinizing government computer systems through cyber penetration, including SCADA systems; exfiltration of government data which includes military or any other national security secrets etc.
The term “cyber warfare” denotes a new form of warfare which is conducted in cyberspace through cyber means and methods. It can be identified as an internationally connected network of digital information and communications infrastructures, including internet, telecommunications network, computer systems etc.
The cyber war problem is one that is purely man- made and since 1998 when Chinese hackers attacked Indonesian government sites, the problem of cyber war has been prevalent
In International law, in order to qualify as war there has to be the presence of force. To what extent can cyber operations be construed as force is where the problem arises? Overall there is no consensus as to the precise threshold at which cyber operations should amount to an internationally wrongful threat or use of force.
Cyber warfare is also justified by various nations as being done in self-defence. In the post-world war II era, cyber-security has evolved from a technical discipline to the strategic concept. The power of the internet is immense and today there is growing dependence upon it and the disruptive capability of cyber attackers now threaten national and international security.
The nature of a security threat has changed a lot, but the internet provides a new delivery mechanism that can increase the speed, scale, and power of an attack. National critical infrastructures are now at risk. As a consequence, all future political and military conflicts will have a cyber-dimension, whose size and impact is difficult to predict. World leaders must address the threat of strategic cyber-attacks with strategic responses in favour of cyber defence. The nations will now have to adopt technologies like that of deterrence, arms control and technology.
Cyber-attacks deterrence lacks creditability because hacker skills are easy to acquire and because attackers are often able to conduct high-asymmetry attacks even while remaining anonymous to their victims.
Cyber arms controls appear unlikely because cyberspace is too big to inspect and malicious code is even hard to define. However political will, perhaps in the wake of a future cyber-attack, could change the status-quo.
The dynamic nature of Cyberspace makes it difficult to predict the next future cyber-attack, or how serious it could be. A key challenge for the national security planners is that the hacker tools and techniques required for cyber espionage are often the same as for cyber-attacks.
Hackers today have enormous advantages over cyber defenders, including anonymity and asymmetry. In fact, if there is a future war between major world powers, a significant degree of fighting will take place on the cyberspace only, and the first victim may be the internet itself.
To shift the balance, the cyber defenders will need to increase the trust in hardware and software. More improved defence strategies should be there. The government will also have to play an active role in this action-packed future.
Whereas on the other hand, International law has to furnish its sections related to ‘force’ and ‘armed attack’. The ambiguity related to these factors is not giving a convincing answer to the ones affected by the cyber-warfare. The societies, trusts and the NGOs will have to play a more active role in supporting the statutory international law bodies related to the cyber-warfare. More opinions and research work should be conducted by the scholars to provide the law bodies with an adequate amount of evidence. The problem of Jurisdiction, armed attack, international etc. has to be sorted out as early as possible.
The coming together of interests of victims of surveillance and cyber espionage has presented an opportunity to begin developing new norms and international law that could be more rationale, predictable. The costs of cyber espionage are real and as the technology progresses the threats and vulnerabilities will increase. At present Nation States are woefully underprepared for the level of cyber espionage they are facing. Meanwhile, blowback from the Snowden leaks has generated sufficient political pressure to cause some changes in domestic surveillance authorities. As those reforms develop, and privacy claims are litigated in the international stage and European courts, it is likely that new international law will emerge, too, perhaps in tandem with reforms to the limits on cyber espionage.