Cybersecurity and international law: a critical review of state sponsored cyber-attacks committed by civilian actors

Abstract

Today evolving threat from cyberspace are real and this allow rogue nation-states to conduct cyber-attack against other states and organisations for different reasons such as gaining access to their system, destroy or disrupting their critical infrastructure and steal critical assets and gain access to their national security. Despite, several legislations are emerged for preventing cybercrimes; however, there is a lack of comprehensive legal framework which can held responsible a rogue nation states who conduct cyber hacking and escape from accountability and punishment. This research main purpose was to investigate and identify the legal and technical attribution within international law regarding the state responsibility, accountability and obligation to prevent cybersecurity breach especially from state sponsored cyber-attacks. This research used doctrine method which involves sources from legal literature including legal documents, cases, books, journals and articles that address subject domain. Research concludes that there are growing concerns related to state sponsored cyber-attacks, cyber warfare, cyber espionage and other cyber-criminal activities; however, there is no comprehensive legal framework to address these challenges. Deterrence theory helps to understand the implication of these challenges and development of legal framework and strategies to prevent such criminal activities. There are few recommendations for government organisations and corporate business to prevent cyber-attacks and other cybercrimes which includes: conduct risk assessment, policies and procedures development, develop training program, security hardening solutions for critical infrastructure environment, enhance organisational cyber posture, and develop collaboration among friendly states.