From the abstract: "Air Force Doctrine Document 3-12 defines cyberspace as 'a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.' Cyberspace attacks are on the rise. In September 2012, hackers attacked Canadian energy companies that manage 60 percent of all oil and gas pipelines in North and Latin America. At about the same time, sophisticated hackers attacked several large United States banking institutions in cyberspace attacks that experts concluded had been planned for weeks. And the now-famous Stuxnet 'cyber weapon' infected the software that controls Iran's nuclear weapons centrifuges, resulting in what some experts believe was the first cyberspace attack targeting infrastructure control software.This paper will analyze the application of the law of armed conflict to cyber operations, applying 'jus ad bellum' principles to cyber operations in order to determine when a cyberspace 'attack' constitutes a use of force. Then, applying the 'jus ad bellum' principles to the Stuxnet worm, the paper argues that Stuxnet constituted a use of force under Article 2(4) of the United Nations Charter. Further, analyzing the 'jus in bello' principles of proportionality, military necessity, and discrimination, the paper concludes that the Stuxnet attack complied with all applicable principles of international humanitarian law."
Defense Technical Information Center (DTIC): http://www.dtic.mil/dtic/