You have already added 0 works in your ORCID record related to the merged Research product.
You have already added 0 works in your ORCID record related to the merged Research product.
Jus ad bellum and malicious cyber operations: a critical infrastructure approach
Jus ad bellum and malicious cyber operations: a critical infrastructure approach
The Covid-19 Pandemic has highlighted how important the healthcare sector is as critical infrastructure. It has also revealed how vulnerable the healthcare critical infrastructure is to malicious cyber operations. The number of cyber operations against the healthcare sector has increased substantially since the onset of the pandemic, seemingly unregulated by international law, particularly jus ad bellum. This paper argues that cyber operations that target or intend to target healthcare critical infrastructure should be treated as a use of force and armed attack because any intentional disruption to business continuity can and will cause physical harm and potential loss of life. Using the 2017 WannaCry Ransomware attack on the United Kingdom as a case study, this paper analyzes four approaches to classifying a cyber operation as a use of force and armed attack. The first approach is the Instrument Based Approach, which emphasizes a textual reading of the United Nations Charter. The second approach is the Strict Liability Approach, which treats all cyber operations against critical infrastructure as an armed attack. Third, the Effects Based Approach endorsed by the Tallinn Manual 2.0 on the International Law Applicable to Cyberspace, which emphasizes the scale and effect of a cyber operation. Fourth, the Cyber Physical System Approach, which emphasizes the intent of the attack. Finding these approaches insufficient, this paper advocates for a Healthcare Based Approach which would consider any cyber operation rising above the level of espionage on healthcare critical infrastructure as an armed attack.
- University of Manitoba Canada
Cyberspace, Critical Infrastructure, International Law
Cyberspace, Critical Infrastructure, International Law
citations This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).0 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Average influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Average impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average citations This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).0 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Average influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Average impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average
Citations provided by BIP!Popularity provided by BIP!- University of Manitoba Canada
The Covid-19 Pandemic has highlighted how important the healthcare sector is as critical infrastructure. It has also revealed how vulnerable the healthcare critical infrastructure is to malicious cyber operations. The number of cyber operations against the healthcare sector has increased substantially since the onset of the pandemic, seemingly unregulated by international law, particularly jus ad bellum. This paper argues that cyber operations that target or intend to target healthcare critical infrastructure should be treated as a use of force and armed attack because any intentional disruption to business continuity can and will cause physical harm and potential loss of life. Using the 2017 WannaCry Ransomware attack on the United Kingdom as a case study, this paper analyzes four approaches to classifying a cyber operation as a use of force and armed attack. The first approach is the Instrument Based Approach, which emphasizes a textual reading of the United Nations Charter. The second approach is the Strict Liability Approach, which treats all cyber operations against critical infrastructure as an armed attack. Third, the Effects Based Approach endorsed by the Tallinn Manual 2.0 on the International Law Applicable to Cyberspace, which emphasizes the scale and effect of a cyber operation. Fourth, the Cyber Physical System Approach, which emphasizes the intent of the attack. Finding these approaches insufficient, this paper advocates for a Healthcare Based Approach which would consider any cyber operation rising above the level of espionage on healthcare critical infrastructure as an armed attack.