1
Challenges in Applying the Law of Armed Conflict to Cyberspace
Richard W. Aldrich
1
On June 17, 2010 a small antivirus company established in Belarus discovered what would later
come to be known as the Stuxnet worm. Later research would reveal that a variant of the worm existed
at least a year earlier. Stuxnet reputedly caused the physical degradation of some 1000 centrifuges at
the Natanz facility in Iran, based on data of the International Atomic Energy Agency (IAEA).
2
While the
identity of the perpetrators is still unknown almost two years later, some have suggested nation-state
involvement due to the sophistication of the malware. The heavily hardened Natanz facility was built to
withstand “bunker buster” bomb attacks, but apparently not cyber-attacks. The incident has created
new impetus for examining the law of armed conflict in cyberspace.
On the 5
th
of February of this year, several senior government officials, including Secretary of State
Hillary Clinton, Prime Minister David Cameron, Chancellor Angela Merkel and others, participated in the
47
th
Munich Security Conference to address, among other issues, how the Geneva and Hague
Conventions should be applied in cyberspace. A joint US-Russian bilateral document presented at the
conference offered recommendations in five key areas:
1. Detangling Protected Entities in Cyberspace
2. Application of the Distinctive Geneva Emblem Concept in Cyberspace
3. Recognizing New Non-State Actor and Netizen Power Stature
4. Consideration of the Geneva Protocol Principles for Cyber Weaponry
5. Examination of a Third, ‘Other-Than-War’ Mode
This paper will examine the merits and challenges of each recommendation, as well as the overarching
challenge of attribution in cyberspace.
I. Detangling Protected Entities in Cyberspace
The aim of this recommendation is to “promote the preservation of the observed principles of the
[Geneva and Hague] Conventions that protect humanitarian critical infrastructure and civilians.”
3
The
concern seems to be how to disentangle internet communications that support protected civilian
functions from those that would be legitimate military targets. It is widely estimated that at over 95
percent of military Internet communications ride over the commercial backbone,
4
which shows just how
1
Mr. Aldrich is a Lead Associate at Booz Allen Hamilton and the Senior Computer Network Operations Policy
Analyst for the Information Assurance Technology Analysis Center.
2
David Albright, Paul Brannan, and Christina Walrond, “Did Stuxnet Take Out 1,000 Centrifuges at the Natanz
Enrichment Plant? Preliminary Assessment,” ISIS, Dec. 22, 2010 (available at http://www.isis-online.org/isis-
reports/detail/did-stuxnet-take-out-1000-centrifuges-at-the-natanz-enrichment-plant/).
3
Karl Frederick Rauscher & Andrey Korotkov, “Working Towards Rules For Governing Cyber Conflict: Rendering
the Geneva and Hague Conventions in Cyberspace,” at 7 (Jan. 2011) [hereinafter “EastWest Proposal”].
4
Science Applications International Corporation, “Information Warfare: Legal, Regulatory, Policy and
Organizational Considerations for Assurance,” research report for the chief, Information Warfare Division
