Cyberspace Operations, Stuxnet, Jus ad Bellum and Jus in Bello
Air War College Air University Maxwell AFB United States
Pagination or Media Count:
Air Force Doctrine Document 3-12 defines cyberspace as a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Cyberspace attacks are on the rise. In September 2012, hackers attacked Canadian energy companies that manage 60 percent of all oil and gas pipelines in North and Latin America. At about the same time, sophisticated hackers attacked several large United States banking institutions in cyberspace attacks that experts concluded had been planned for weeks. And the now-famous Stuxnet cyber weapon infected the software that controls Irans nuclear weapons centrifuges, resulting in what some experts believe was the first cyberspace attack targeting infrastructure control software.This paper will analyze the application of the law of armed conflict to cyber operations, applying jus ad bellum principles to cyber operations in order to determine when a cyberspace attack constitutes a use of force. Then, applying the jus ad bellum principles to the Stuxnet worm, the paper argues that Stuxnet constituted a use of force under Article 24 of the United Nations Charter. Further, analyzing the jus in bello principles of proportionality, military necessity, and discrimination, the paper concludes that the Stuxnet attack complied with all applicable principles of international humanitarian law.