Footnotes (162)



Rethinking Computer Network 'Attack': Implications for Law and U.S. Doctrine

Paul Walker

U.S. Navy Judge Advocate General's Corps

March 12, 2010

Journal of National Security Law & Policy, Forthcoming

Because much of current legal scholarship uncritically accepts either popular, hacker-based notions of computer “attacks” or the definition of “computer network attack” used in United States military doctrine, a critical approach to what constitutes an "attack" under international humanitarian law is needed. First making the case that the definition of “attack” in Article 49 of Additional Protocol I is customary international law, the article examines a number of methodologies that can provide the appropriate determination that an “act of violence” involving computers, computer networks or information systems has occurred. Of the three methodologies examined, the consequence-based method is the most appropriate. This methodology is applied to two information-based capabilities, distributed denial-of-service (DDoS) actions and chip-level actions, to determine whether or not these types of actions are, in fact, “attacks” under IHL. The article concludes that DDoS actions-- despite widespread belief to the contrary-- do not rise to the level of an attack under IHL. Chip-level actions may constitute IHL attacks if the foreseeable consequences involve death, injury to personnel, or destruction of property, which is the case for some, but by no means all, chip-level (and malicious software) actions. In calling for a more rigorous adherence to well-defined legal standards and definitions in the area of information-based warfare, the article concludes with a call to revise the United States definition of “computer network attack” in order to more closely adhere to the definition of attack under IHL.

Number of Pages in PDF File: 56

Keywords: computer network attack, international humanitarian law, law of war, article 49, attack

Open PDF in Browser Download This Paper

Date posted: April 10, 2010  

Suggested Citation

Walker, Paul, Rethinking Computer Network 'Attack': Implications for Law and U.S. Doctrine (March 12, 2010). Journal of National Security Law & Policy, Forthcoming. Available at SSRN: https://ssrn.com/abstract=1586504

Contact Information

Paul Walker (Contact Author)
U.S. Navy Judge Advocate General's Corps ( email )
United States
Feedback to SSRN

Paper statistics
Abstract Views: 2,102
Downloads: 151
Download Rank: 154,503
Footnotes:  162