Cybercrime vs. Cyberwar: Paradigms for Addressing Malicious Cyber Activity

Journal of National Security Law and Policy, Forthcoming

21 Pages Posted: 8 Jun 2020 Last revised: 21 Jan 2021

Date Written: March 4, 2020


This contribution seeks to identify and assess the frameworks used to describe and deter malicious cyber activity (MCA), and to highlight legal and operational challenges in tackling problems that arise where these frameworks overlap or intersect. To that end, we examine two different models, an “armed conflict model” and a “law enforcement model,” that have been used to address the threat posed by such activity. The terms cyber-war and cyber-crime, respectively, encapsulate each of these models — yet the line separating these categories is not well defined, and both terms have been used by laypersons and experts alike to describe conduct ranging from network intrusions to data ex-filtration to denials-of-service. Our analysis of these ambiguities and their implications proceeds in four parts. Part I describes. Part II explores the assumptions underlying the predominant armed conflict model. Part III discusses the implications of characterizing MCA as cyber-war as opposed to cyber-crime. Part IV concludes by suggesting that these characterizations should be viewed along a continuum, and that the law enforcement model should not be given short shrift by policy-makers or — perhaps most importantly — appropriators.

Keywords: Cyber-crime, Cyber-war, Hacking, Armed Conflict, Law Enforcement

Suggested Citation

Eoyang, Mieke and Keitner, Chimène, Cybercrime vs. Cyberwar: Paradigms for Addressing Malicious Cyber Activity (March 4, 2020). Journal of National Security Law and Policy, Forthcoming, Available at SSRN: or

Mieke Eoyang


Chimène Keitner (Contact Author)

UC Hastings Law ( email )

200 McAllister Street
San Francisco, CA 94102
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics