Cyberwar: Cyberattacks In The Light Of International Law

The beginning of the third millennium marks a period of dynamic technological advancement, combining the Fourth Industrial Revolution, which significantly popularized the development of artificial intelligence, robotics, and access to the virtual world. The turn of the 20th and 21st centuries is not only a time of progress in electronics and information technology but also a substantial increase in the intensity of information flow, forming the basis for the functioning of the economy and reflecting the realities of social life. Phenomena such as globalization, technological development, and widespread use of the Internet have led to the creation of cyberspace—a digital space for processing and exchanging information. This space is made up of all telecommunication and information systems, the connections between them, and the relationships between them, their users, and between the users themselves.

Cyberspace has become a domain of activity not only for individuals but also for institutions and states. A natural consequence of this is the emergence of negative phenomena that follow the reality shifting into the online world. Cyberspace protection has therefore become one of the fundamental strategic objectives in the security policies of every state. Until recently, conflicts in cyberspace were largely the domain of science fiction films. Nowadays, no one doubts that what happens in virtual reality has a real impact on our lives. The free movement of people, goods, information, and capital largely depends on the ability of states to create effective mechanisms to prevent threats to the digital space and combat their effects. As a result, states and institutions are investing increasingly substantial resources into developing both defensive and offensive capabilities in cyberspace to achieve specific strategic outcomes.

Recent statistics indicate that the number of crimes committed in cyberspace has significantly increased. In 2021, compared to 2020, there was a rise of 125%. In  the first half of 2022, there were nearly 240,000,000 ransomware attacks. It is predicted that in the coming years, generative artificial intelligence (GenAI) will play a major role among other cyber threats. Hyper-realistic audio and video content are expected to drive a new wave of breaches. A report by the British intelligence agency GCHQ, dated January 24, 2024, indicates the growing importance of GenAI in conducting cyberattacks. The greatest threat stems from the fact that the capabilities offered by artificial intelligence do not require special technical skills from cybercriminals. It is important to note, however, that cybercrimes are not a new phenomenon, although their significant intensification has occurred in the 21st century. Cyberattacks affect not only individuals but also institutions and states. With the development of cyber technology, the classic definition of war has been revised, and the actions of aggressors have partially shifted online, as seen in the conflicts in Iran and Georgia. Among the largest attacks were those experienced by Japan during its conflict with South Korea in 2010, as well as by the governments of Canada, Singapore, the United States, Germany, Romania, Sri Lanka, the USA, Australia, and Poland.

For several years, Ukraine has been a kind of cyber testing ground where Russia has been practising its digital capabilities, which is part of the so-called Gerasimov Doctrine, also known as the Russian concept of new generation war. During the six months of the war, 1,123 cyberattacks were registered. Simultaneously, attacks are being carried out against Ukraine's allies, with Poland being a prime example. On June 29, 2024, Prosecutor Piotr Skiba, spokesperson for the District Prosecutor's Office in Warsaw, announced the initiation of an investigation into the dissemination of disinformation aimed at causing serious disruptions in the political system or economy of the Republic of Poland. This was carried out by an unknown person or persons involved in foreign intelligence activities, or acting on their behalf, by gaining unauthorized access to the editing system of the Polish Press Agency S.A. in liquidation and twice publishing false, disinformation press dispatches on May 31, 2024, at 14:00:53 and 14:17:15 in PAP's Daily Information Service, falsely reporting the announcement of partial mobilization in Poland. On December 12, 2023, Ukraine’s largest mobile network, Kyivstar, fell victim to a cyberattack that disrupted the operation of alarm sirens and prevented Ukrainians from receiving alerts warning of a Russian air attack. In April 2024, cybersecurity experts and investigators from the Security Service of Ukraine identified Russian hackers from the SandWorm group, which is a regular unit of the Russian Main Intelligence Directorate. 

These examples confirm that the topic of this analysis is crucial not only due to the need for an in-depth examination of cyberattacks but also due to the current global situation. Just as the 20th century is called the century of genocide, the first quarter of the 21st century may be labelled the age of cybercrime. Statistics show that in one year, nearly 1,000,000,000 emails were disclosed, affecting 1 in 5 Internet users. Data breaches in 2022 cost companies an average of $4,350,000. In the first half of 2022 alone, there were approximately 236,100,000 ransomware attacks worldwide, and 1 in 2 American Internet users experienced an account breach. Moreover, 38% of British companies reported being victims of a cyberattack in 2022. Nearly 53,350,000 U.S. citizens were affected by cybercrime in the first half of 2022. 

Literature indicates that cyberwar poses a real threat. John Michael McConnell even stated that we have entered a new era of danger, and cyberattacks can harm our way of life as destructively as nuclear weapons. Notably, Poland ranks first among all nations globally in the National Cyber Security Index, scoring 90.83, which measures a country's ability to fend off and handle cyber threats.

This paper attempts to provide a comprehensive understanding of the concept of cyberattacks in the context of international humanitarian law and to establish a definition of such actions while taking into account the specificity of cyberspace. The primary focus of this analysis focuses on the research subject of cyberattacks and the interpretation of applicable norms when they occur. It is important to emphasize that there is currently no international convention regulating cybercrime. The aim of the article is to present cyberattacks against the background of the established concept of attacks in international law, with particular attention to the differences stemming from cyberspace.

Read more