Australia Non Paper
Case studies on the application of international law in cyberspace
The international community recognises that existing international law – and in particular the UN
Charter in its entirety – is applicable to state conduct in cyberspace and is essential to maintaining
peace and stability and promoting an open, secure, peaceful and accessible ICT environment. This is
reflected in the 2013 and 2015 reports of the UN Group of Governmental Experts on the use of
Information Communications Technologies in the Context of International Security (UNGGE),1 as
adopted by the UN General Assembly.2 Australia’s position on how international law governs state
conduct in cyberspace is presented in the International Cyber Engagement Strategy (2017), Annex
A,3 as supplemented by the 2019 International Law Supplement.4
These case studies apply international law to standalone hypothetical scenarios, demonstrating that
existing treaties and customary international law provide a comprehensive and robust framework to
address the threats posed by state-generated or sponsored malicious cyber activity. In particular,
international law provides victim states with a “tool kit” to identify breaches of international legal
obligations, attribute those acts to the responsible state, seek peaceful resolution of disputes and,
where the victim state deems appropriate, take lawful measures in response. The case studies
illustrate that the application of existing international law to cyberspace can enhance international
peace and security by increasing predictability of state behaviour, reducing the possibility of conflict,
minimising escalation and preventing misattribution.
The case studies represent fictional scenarios and are not based on actual actors or events. They are
intended to illustrate potential options rather than recommend a course of action. They do not
purport to represent how Australia could or would respond to any malicious cyber activity directed
against it, or purport to provide a comprehensive view on potential response options or the
international law issues raised in any specific scenario.
1
Report of the Group of Governmental Experts on Developments in the Field of Information and
Telecommunications in the Context of International Security (24 June 2013) UN Doc A/68/98 para 19; Report
of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications
in the Context of International Security (22 July 2015) UN Doc A/70/174 para. 24.
2
UNGA Resolution 68/243 (9 January 2014) UN Doc A/RES/68/243; UNGA Resolution 70/237 (30 December
2015) UN Doc A/RES/70/237.
3
Available at https://dfat.gov.au/international-relations/themes/cyberaffairs/aices/chapters/annexes.html#Annex-A and also enclosed at Attachment 1
4
Available at https://dfat.gov.au/international-relations/themes/cyberaffairs/aices/chapters/2019_international_law_supplement.html and also enclosed at Attachment 2
1
www.dfat.gov.au/cyberaffairs