Industry News

U.S. to Apply Self-Defense Rule if Cyber Attacks Turn Hostile

The United States views any cyber-attack that results in death, injury or destruction as implicitly triggering the self-defense rule. Claiming that cyberspace is not “law-free,” State Department legal adviser Harold Koh said the U.S. will abide by international law and take proportionate actions that won’t harm individuals.

Although countries in the United Nations have adopted and shared these views, Koh noted that others didn’t, and referenced China as having a veto stand. Both the Defense Department and the White House have contingency plans in case of cyber-attacks, but Koh’s speech at the U.S. Cyber Command at Fort Meade is the first time an official took a clear stance.

“In our view, there is no threshold for a use of deadly force to qualify as an ‘armed attack’ that may warrant a forcible response,” Koh said. “We see law not as a straitjacket but as . . . a body of ‘wise restraints’ that make us free.”

Koh emphasized the U.S. will act in self-defense if a cyber-attack violates international law or causes direct harm to individuals. Hacking that results in planes crashing or causes nuclear power plants to melt down will constitute an act of violence.

While some nations consider an “armed attack” a powerful enough incentive to trigger a self-defense response, Koh believes cybercrime resulting in human casualties should be considered equally significant.

About the author


Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past couple of years. He is the youngest and most restless member of the Bitdefender writer team and he covers mobile malware and security topics with fervor and a twist. His passions revolve around gadgets and technology, and he's always ready to write about what's hot and trendy out there in geek universe.