Self-defensive Force against Cyber Attacks: Legal, Strategic and Political Dimensions

• Author: Matthew C. Waxman
• Position: Professor, Columbia Law School; Adjunct Senior Fellow, Council on Foreign Relations; Member of the Hoover Institution Task Force on National Security and Law
• Pages: 109-122

Self-defensive Force against Cyber Attacks Vol. 89

109

W

Self-defensive Force against Cyber Attacks:

Legal, Strategic and Political Dimensions

Matthew C. Waxman*

I. INTRODUCTION

hen does a cyber attack (or threat of cyber attack) give rise to a right

of self-defense—including armed self-defense—and when should it? By

“cyber attack” I mean the use of malicious computer code or electronic

signals to alter, disrupt, degrade or destroy computer systems or networks

or the information or programs on them. It is widely believed that sophisti-

cated cyber attacks could cause massive harm—whether to military capabil-

ities, economic and financial systems, or social functioning—because of

modern reliance on system interconnectivity, though it is highly contested

how vulnerable the United States and its allies are to such attacks.

1

* Professor, Columbia Law School; Adjunct Senior Fellow, C ouncil on Foreign Rela-

tions; Member of the Hoover Institution Task Force on National Security a nd Law.

1

. See Mark Clayton, The New Cyber Arms Race, CHRISTIAN SCIENCE MONITOR (Mar.

7, 2011), http://www.csmonitor.com/USA/Military/2011/0307/The-new-cyber-arms-

race. Some experts warn of a “digital Pearl Harbor” or other likely devastating attacks on

the United States. See, e.g., Mike McConnell, To Win the Cyber-War, Look to the Cold War,

WASHINGTON POST, Feb. 28, 2010, at B1. Other experts, however, argue that these risks

are greatly exaggerated. See, e.g., Thomas Rid, Cyber War Will Not Take Place, 35 JOURNAL

OF STRATEGIC STUDIES 5 (2012).