Unilateral Remedies to Cyber Operations
Self-Defence, Countermeasures, Necessity, and the Question of Attribution

A study of how states can lawfully react to malicious cyber conduct, taking into account the problem of timely attribution.

Henning Lahmann (Author)

9781108479868, Cambridge University Press

Hardback, published 9 April 2020

334 pages
23.5 x 15.6 x 2.1 cm, 0.59 kg

'The book is remarkable in several aspects: firstly, it does give several new impulses to discussions surrounding cyber operations. This especially holds true for the analysis of customary necessity. Secondly, the author focusses on those areas that are in fact of practical relevance and not merely of an academic nature. Attribution is the essential part in this respect, as is the focus on unilateral remedies, especially those below the level of armed force … Lahmann's demonstrated broad and well-founded knowledge, not only in the cyber context but in general international law as a whole, gives the author's arguments considerable weight.' Johann-Christoph Woltag, ZaöRV/Heidelberg Journal of International Law

Addressing both scholars of international law and political science as well as decision makers involved in cybersecurity policy, the book tackles the most important and intricate legal issues that a state faces when considering a reaction to a malicious cyber operation conducted by an adversarial state. While often invoked in political debates and widely analysed in international legal scholarship, self-defence and countermeasures will often remain unavailable to states in situations of cyber emergency due to the pervasive problem of reliable and timely attribution of cyber operations to state actors. Analysing the legal questions surrounding attribution in detail, the book presents the necessity defence as an evidently available alternative. However, the shortcomings of the doctrine as based in customary international law that render it problematic as a remedy for states are examined in-depth. In light of this, the book concludes by outlining a special emergency regime for cyberspace.

Part I. Cybersecurity Incidents and International Law: 1. The spectre of cyberwar
2. Terminology
3. International legal framework
Part II. Unilateral Remedies to Cybersecurity Incidents: 4. Self-defence
5. Countermeasures
6. Necessity
Part III. Outlines of an Emergency Regime for Cyberspace: 7. Transnational cybersecurity, unilateral remedies, and the rule of law
8. 'Such incidents might recur at any time': the intervention convention
9. Possible elements of the cyber emergency regime
10. Concluding remarks
Bibliography
Index.

Subject Areas: E-commerce law [LNCB2], International organisations & institutions [LBBU], Public international law [LBB], Internet & WWW industries [KNTX1], International relations [JPS]