When Can Cyberattack Constitute Use of Force: A Case Study of Cyberattack in the Russia-Ukraine Conflict

Abstract

In todays international community, cyberattacks occur frequently, and cyberspace has become an important battlefield for political games among major powers. Under the push of cyberattacks, the tension between Russia and Ukraine has further escalated. However, due to the unique nature of cyberspace, the rules under the existing international law are difficult to directly apply to the field of cyberspace. This has allowed states and non-state actors to willfully disrupt the network systems and other infrastructure of other countries, causing damage to people or property. One major issue is when can a cyberattack constitute use of force under international law. Only by clarifying this issue can we further discuss the issues of cyber warfare and the exercise of self-defense right. This article will start with a cyberattack that occurred in the Russia-Ukraine conflict, explore the essence of use of force, discuss the three mainstream theories about when can cyberattack constitute use of force, and use the framework of the Tallinn Manual to analyze whether the aforementioned cyberattack falls under the use of force in cyberspace. Through this series of analysis, we can further clarify the meaning of use of force in cyberspace and promote the construction of a legal framework for international law in cyberspace.