Protecting Australian Cyberspace: Are Our International Lawyers Ready?
Tully, Stephen, Australian International Law Journal
Cyberspace is an important element of Australia's critical national infrastructure. Recent policy developments within this field seek to maintain economic opportunity and protect national security. This article discusses four contemporary threats posed to the Australian military and civilian electronic information infrastructure: 'cyber war' conducted by hostile states, 'cyber conflicts' by foreign combatants, attacks committed by 'cyberterrorists' and the commission of 'cybercrimes'. This article reviews the existing international legal paradigms relevant to each and identifies the issues raised from a survey of the existing literature. It concludes that each paradigm is presently inadequate for addressing the nature of these threats and calls for further contributions from Australian government, military and international lawyers to articulate a distinctive national perspective on these questions.
The United States (US) Department of Defense has recently developed an offensive cyber war capability and a coordinated military-civilian strategy to defend against cyber attacks. (1) Cyber experts from the Centre for Strategic Counterterrorism Communications at the US State Department also routinely patrol social media including the internet and recently hacked Yemeni websites to replace al-Qaeda propaganda. (2) In Australia, the Director General of the Australian Security Intelligence Organisation ('ASIO'), has predicted that cyber attacks against Australia will increase from both state and non-state actors, including terrorists who use the internet for recruitment and to support operational activities. (3) More than 200 cyber intrusions against the Department of Defence were investigated in 2009. (4) The Department of Foreign Affairs and Trade is also subjected to daily cyber attacks. (5) Australian engineers have since received training at the Idaho National Laboratory, which designed the Stuxnet worm used to sabotage an Iranian nuclear facility. (6) And finally, 'Anonymous' conducted Operation 'Titstorm' to disable the websites of the Australian Parliamentary House and the Department of Broadband, Communications and the Digital Economy to protest at mandatory internet filtering. (7)
These developments raise a range of questions. What precisely is occurring, and where are cyber threats emanating from? Flow does cyber activity fit within the paradigms of international law so familiar to us, if at all? Should our international, military and government lawyers respond? If so, how? What are the available legal options and the policy choices relevant to each?
This article addresses several of these questions by surveying the existing literature and contrasting recent policy developments within Australia with that of other states, principally the US and the United Kingdom (UK). Part II will define cyberspace. Part III describes how cyberspace is conceptualised as critical national infrastructure. Parts IV to VII examine four threats to Australian cyberspace: 'cyber war' conducted by states, 'cyber conflicts' between combatants, 'cvberterrorism' targeting civilians, and finally the use of computer technology to commit offences ccybercrimesp. These parts will situate each threat within the relevant legal framework: international law on the use of force, international humanitarian law, anti-terrorism measures and criminal law enforcement. The adequacy of each regime for protecting Australia's electronic information infrastructure is assessed. Part VIII identifies challenges, risks and possible solutions, considers several cross-cutting themes and calls for further contributions which demonstrate a distinctive Australian perspective on these issues.
II Cyberspace Defined
'Cyberspace' may be defined as the interdependent network of information technology infrastructures. It includes the internet, telecommunications networks, computer processing systems and embedded industrial processors and controllers. …