In an increasingly technological, interconnected, and digital world, advancements in technology pose significant legal challenges. “Grey zone” conflicts—such as in cyber warfare, election interference, political subversion, and proxy wars—share a common characteristic: exploiting gaps in international law. These conflicts allow States to leverage legal ambiguities as tools in their strategic planning, enabling them to pursue their own national interests while avoiding direct retaliation or full-scale warfare. By operating within this “grey area” between inaction and outright aggression, States often can advance their objectives without triggering the thresholds of conventional war. This incremental approach takes advantage of legal uncertainties that exist due to the evolving nature of international law. Cyber warfare is particularly significant among the various “grey zones” in international law. While other areas may also present complex legal questions, the cyber warfare area overshadows other areas due to the global reach and disruptive potential of cyberattacks. The legal issues surrounding cyber warfare are particularly challenging due to the borderless nature of the Internet and the wide range of vulnerabilities that cyberattackers can target, from critical infrastructure to financial institutions, research institutions, and an individual’s personal data. Understanding international law as it applies to cyber warfare has become crucial. In today’s interconnected and digital world, citizens are concerned not only with traditional concepts of national security, such as physical borders, but also with the risks that threats in cyberspace pose to their daily lives. As cyberspace transcends national boundaries, even States with robust physical protections find themselves vulnerable to attacks in the digital realm.1 Further, unlike conventional military threats, cyberattacks have become unpredictable, multi-faceted, and long-term, often targeting infrastructure that traditional defense measures cannot address. Furthermore, these threats are not confined to State actors; non-State actors, including private individuals or organizations, can launch cyberattacks or defend against them, often complicating the legal response. Cyberattacks can further complicate the legal landscape by threatening State sovereignty without using kinetic attacks that result in physical damage or destruction. International law recognizes the right to self-governance and prohibits interfering with this aspect of a State’s sovereignty. However, traditional methods of interference with self-governance involve kinetic uses of force, differing from cyberattacks which involve non-kinetic means of disrupting a State’s self-governance. Because of technological advances, international law does not fully encapsulate modern cyber warfare. An international panel of experts considered the applicability of existing international law to cyberspace, but their work is not a binding authority and thus does not define cyber operations or principles with legal enforceability. This raises a crucial question: how do States respond to cyberattacks, particularly when the victim State is not engaged in traditional armed conflict with the aggressor? The increasing importance of cyber warfare underscores the need for clearer legal frameworks to guide State responses in modern conflicts. This Note will explore the applicability of jus ad bellum and jus ad vim principles to cyber operations, arguing that current international law’s “grey zones” do not address the unique challenges of cyberwarfare and potential interference with State sovereignty including election systems. It will also argue that adopting a new international convention to narrow the legal gaps caused by these “grey zones” will allow the law to adapt to technological advancements and enhance protection of a State’s sovereignty.
To read this Note, please click here: Modern Cyber Warfare and International Law.