Kanoza |1

Cyber Warfare: Is it an Ethical Means of War?

For centuries war has been fought in conventional sense, which is, using force with the
intent to cause physical damage to another state or group. The Oxford Dictionary defines war as:
An armed state of conflict between different nations or states or different groups within a nation
or state. This idea of war has held true for years until recent advancements in technology
completely changed the way we go about conducting war. With the creation of the internet, a
whole different world has developed outside of our physical space and into the cyber world. One
of the most significant development to arise from the cyber world is the addition of a completely
new dimension to war and that is, cyber warfare. With the world having never seen a concept of
war like this it left many unanswered questions about conducting a cyber-attack. The big
question regarding cyber warfare is, is cyber warfare ethical? In this paper I will answer this
question using normative theory as a guideline for my reasoning. Since there is no solid frame
work regarding the ethics of cyber warfare I look at the current standards for warfare among
states and apply the concept of cyber war to them. First I give an overview of what cyber warfare
is, who is involved, reasons for cyber-engagement, and the end goal in carrying out a cyber-
attack. Next I look at normative theory and why it is the best theory to help answer my question.
I highlight the overarching ethical beliefs held by normative theory and the just causes for
conducting a war. Many of these ideas do not take cyber warfare into consideration so I take the
traditional standards for a just and ethical war and apply them to the different concepts of cyber
warfare. Then I will look at the impacts of cyber-attacks on its victims and determine whether it
is ethical grounds for a physical retaliation. Next, I use real life examples of cyber warfare being
used by states and non-states and look at their reasoning for carrying out this form of warfare. I
highlight the relations between the U.S. and China and the cyber conflict currently happening.
Finally, I will conclude with my decision on whether cyber warfare is ethical and a discussion of
why I made my choice.

Cyber Warfare

There is no argument that civilization is experiencing a boom in information and

technology mainly brought on by the creation of the internet. The internet has been a blessing
and a curse by being an incredible wealth of information and an unmonitored platform with
virtually endless possibilities. States are propelled into the cyber realm, which has very few
 Kanoza |2

guidelines or restraints, and are tempted to gain strategical advantage from this technological
innovation (Kissinger 343). Through the militarization of the internet a new fifth dimension to
war in the cyber realm has grown to significance in recent years. Cyber warfare is different from
any other form of war in that attacks are carried out through manipulating cyber space. Cyber
warfare is the use of information technology as offensive or defensive strategy with the aim of
the immediate disruption or control of an enemies resources through the informational
environment (Tabbeo, 2012). In the traditional sense of war the main goal is to use force in order
to impose ones will or combat a human rights violation. Cyber warfare differs in that there is
virtually no forced used and the goal of cyber warfare is gathering information or disrupting
information systems. Where traditional war requires some type of physical engagement a cyber
war can be conducted without any physical contact between people. Because of its lack of
physical contact cyber warfare transcends many of the conventional rules of engagement. With a
traditional war the tools and resources to launch an attack are usually exclusive to the state, but
with cyber warfare the playing field is level in terms of attack capability. What is unique about
cyber warfare is that virtually anybody with access to a computer is capable of launching a
devastating attack against a nation. This concept allows for a wide variety of actors that have the
ability to engage in a cyber war. Some of these are private actors that launch attacks to achieve
their own goal, while others are states trying to exploit weaknesses in enemies computer
technology systems (Pool, 2013). These various motives for cyber warfare are possible because
of the lack of governance in cyber space. But what defines cyber space? States have their own
definitions of cyber space and how it should be governed but political differences can cause
different views of cyber space from state to state (Pool, 2013). These varying definitions pose an
obstacle when regulating international cyber warfare. How can ethical policies be put in place if
states have different views on what rights of the physical world apply to the cyber world?
Another dilemma that faces regulating cyber warfare is being able to tell when information
systems are being attacked maliciously or if there is a malfunction with the system. Cyber
warfare poses a multitude of problems to the international community. The new concept of a war
fought within cyber space adds a new dimension to what defines an act of war. The absence of
physical effect through cyber warfare makes it difficult to determine the magnitude of an attack
and the proper course of action to take against an attack. With the ability of conducting a cyber-
attack so available there is no limit to who can carry out an attack, whether it be private actors or
 Kanoza |3

state actors. So many ethical problems surround this concept because of the uniqueness of the
attack. The current standards for war do not take cyber warfare into consideration so the all that
can be done is to apply the current stipulations of a traditional war to concepts of cyber warfare.

Normative Theory and Normative Ethics

The lack of regulation of cyber warfare is due to the simple reason that the world has
never seen such a unique form of warfare. Many of the rules and regulations that help guide
international relations do not have a prescription for handling cyber warfare. When current
policy cant provide answers for modern developments we must look to theory to help guide us
in making new policies and regulations. For the issue of cyber warfare and the ethical dilemmas
it poses, normative theory is the most sufficient theory to use as a guideline for solving the
problems facing cyber warfare. Other theories do not hold the proper values when considering
cyber warfare. For example positivism lacks consideration for personal beliefs and social norms,
and relies too heavily on statistical and tangible evidence. Positivism relies too much on structure
and historical context to provide insight to cyber warfare which has very little historical context
and is virtually structure less. A theory like economic structuralism would not suffice either
because of the high focus placed on the world economic system. The theory assumes that
decisions made on the international level always have economic goals in mind. The beliefs of
this theory are a poor reference because in cyber warfare there is more value placed on gathering
information and cyber technology is available to virtually everybody regardless of economic
status. Other theories are too cut-and-dry when it comes to predicting what will occur in certain
situations, meaning that in most theories there is a predetermined outcome to situations
regardless of changing beliefs and norms held by people. Normative theory takes a look at what
is and what ought to be, what is right and wrong, and what is ethical and unethical in society.
Normative theory also assumes that there are a set of unwritten social norms that people follow
as part of the social contract theory, which states that people are naturally social being and have
an instinctive need for order. From an international relations stand point normative theory takes
into high consideration the beliefs and values of individuals when making decisions on the world
stage. The main goal for normative theory in international relations is making the world a better
place through identifying common beliefs of people around the world and making policy based
on those beliefs. When considering war from a normative stand point there is great focus on the
 Kanoza |4

ethical issues of war. Normative theory believes that there are ethical and just reasons for starting
and fighting a war and follows the standards of the Just War Doctrine.

Since ethics is one of the main focuses in normative theory it imperative to know what
normative theory sees as ethical and to compare those beliefs to aspects of cyber warfare.
Normative theory believes that right and wrong can be determined by cost-benefit analysis; if the
benefits of an action out-weigh the costs of the action then it is seen as ethical (Gray, 2010). This
is a common held belief in utilitarianism that in order for an action to be ethical it must be
beneficial for the greatest number of people. An example is: killing is generally seen as
unethical, but if killing one person in order to save the lives of multiple people then it is seen as
ethical. The same could be said for waging war, that is, if the end goal of a war is to benefit the
rest of the world then it could be seen as an ethical fight. Behaving in an ethical way is to behave
in a rational manner that others would consider to be rational (Gray, 2010). This begs the
question however of what is considered rational to other people? This is where norms and shared
beliefs among society come to importance. By knowing and understanding what beliefs are
shared by society allows a person to know how to act in a rational manner. To apply this concept
to warfare it is important to identify the difference between why a war is started and how a war is
fought. Starting a war could be seen as rational only if other states would consider it rational.
How a war is fought must be seen as rational too, to understand this there are already policies
and regulations in place for determining a rational way to fight a war. There are already
standards set in place in determining the justification for waging war.

Cyber Warfare and the Just War Doctrine

The most basic terms of defining what is considered a just war come from the Just War
Doctrine (JWD) created by St. Augustin. There are two parts to the Just War Doctrine, the first
defines just reasons for starting a war (jus ad bellum) and the second defines appropriate actions
during war (jus in bellum). Although written long ago, the Just War Doctrine is still used as a
reference today. Reasons for starting a war can vary on many levels but for it to be a legitimate
reason it must fall under what the JWD considers to be a just reason. These reasons include self-
defense against an aggressor, war as a last resort, or fighting for a just cause such as defending
human rights (Pozon & Tupaz, 2013). Then in order to carry out an act of war one must have
legitimate authority, which means that only sovereign-governed states have the right to conduct
 Kanoza |5

war. When conducting a just war there must also be a probability of success. This means that war
is not being waged for a futile reason or that the one waging war is not at a huge disadvantage
militarily. When St. Augustine created these justifications for war he probably didnt have a
complex concept such as cyber warfare in mind. Even though cyber warfare wasnt even
fathomable to St. Augustine these reason for just war can still be applied to the aspect of cyber
warfare. The first reason for just war is self-defense against an aggressor. In terms of cyber
warfare attacks on information systems often go unnoticed until they are carried out. One can
argue that states are under a constant threat of being attack through cyber space given the
difficulties in anticipating when a cyber-attack will occur (Cook, 2010). Using war as a last
resort is seen as a just reason, this means that all other attempts to defuse a situation have been
exhausted and there is no choice but to take military action. Applying this to cyber warfare is
difficult because it is unclear whether cyber-attacks can be considered a legitimate act of war.
Cyber warfare is so regularly used that it cant be considered a last resort but could be seen as a
preface for the use of physical action as a last resort. War is also justified if it is being used for a
just cause such as defending human rights. The ability for cyber warfare to be used by virtually
anybody can influence the motives behind attacks. The wide variety of uses for cyber warfare
means that some cyber-attacks could be launched with the intention of fighting for a just cause.
According to the JWD, in order to carry out a just war the actors involved must have legitimate
authority, meaning that only a governed state has the right to carry out acts of war. Since the
technology required to carry out a cyber-attack is available to virtually anybody, legitimate
authority is often not required in carrying out cyber warfare. States with legitimate authority do
use the abilities of cyber warfare, but many of the other actors are made up of rouge hacker
groups or terrorist organizations. Finally, for a just war to happen there needs to be a rational
chance of success, meaning that war shouldnt be fought with one side at a massive disadvantage
to the other. Cyber warfare is so open that it actually levels the playing field of carrying out
attacks and gives virtually everyone the same chance for success. These make up the
justifications for carrying out a war and how they translate to cyber warfare.

Not all aspects of war, kinetic or cyber warfare, fall under the terms of just war but that
doesnt mean they dont happen. The connection between the two are now stronger than ever in
terms of how one affects the other. Even though cyberspace cannot be seen doesnt mean it isnt
present in the physical world. A question that has risen from the development of cyber warfare
 Kanoza |6

is, is a cyber-attack ethical grounds for physical retaliation? The differences between a cyber-
attack and a physical one are pretty clear. When thinking about a cyber warfare the main targets
are information structures and computing systems. These are attack to either to gather
information about a state or government or to disrupt the informational structure of a state
(Remus, 2013). With a physical attack the target can vary from a building, a person, a military
base, and transportation systems, pretty much any physical object could be the target of one of
these attacks (Barrett, 2013). The result of a physical attack usually constitutes destroying the
target at hand through brute force. Though these two types of attacks differ greatly in the way
they are carried out and their end goal they are both still considered an act of war. With
cyberspace so intertwined with the physical world it is nearly impossible to believe that these
two dont relate at all. This poses the question, can a cyber-attack cause a kinetic reaction? And
if so, is a cyber-attack ethical grounds for physical retaliation? One of the most ethical reasons
for engaging in war is for self-defense against an aggressor. Traditionally what constitutes as
aggression involves the intent or the action of causing physical harm to another (Computing
Ethics, 2012). In cyber warfare there is no direct harm done to other people, so can this be
considered aggression (Computing Ethics, 2012)? To help answer this question we can look at
how people view aggression on a personal level through cyber space and the physical world. A
study conducted by Wright and Li in 2013 set out to find how people responded to face-to-face
and cyber aggression and attempted to find a relation between the two. The study showed that
the aggression people felt in cyber space translated to aggression felt in real world situations.
This study focused on small scale aggression, where cyber warfare is typically on a larger scale,
but since normative theory places high value in the individual this study is a useful reference to
how people as individuals respond to aggression. For the purpose of the paper we focus back on
the large scale of cyber warfare. First we need to look at the impact a cyber-attack can have on
the physical world. Through a cyber-attack a person or state possesses the ability to shut vital
information systems of another country causing damage to a states infrastructure. With how
heavily we rely on these systems on a day to day basis this could have devastating impacts that
could translate to problems in the physical world. By shutting down vital computing systems
there is no direct harm done to another person, but the effects can occur indirectly. Consider this,
a cyber-attack is launched with the target being a power grid of a major city, when the attack
goes into effect the entire city shuts down. Think of the effects this would have on the people in
 Kanoza |7

the city. Along with attacks on information systems, cyber warfare could be used to hijack
control of important structures that are remotely controlled (Lilienthal & Ahmad, 2015). Actions
such as these have more of a direct impact in the physical world and could be easily seen as a
sign of aggression. Although attacks like these may have more reason to be met with physical
retaliation it is still a question of who conducted the attack and whether it had the intention of
being a military operation or just a random act of cyber-crime. This is an important question
facing cyber warfare as well. Identifying where a cyber-attack originates from could determine
whether the attack is a legitimate threat by another state or non-state actor. Being able to answer
this question is important for deciding whether cyber warfare is ethical or not.

The States Use of Cyber Warfare

Even though the concept of cyber warfare is fairly new states have wasted no time taking
advantage of this new technology to the point where it has become a necessary use of warfare.
States use new cyber technology for a multiple number of reasons to both conduct acts of cyber
warfare and to defend against it. It is not uncommon either for states to use acts of cyber warfare
of other states. A recent example of this is the 2010 attack on Iranian nuclear enrichment plant
through the use of the Stuxnet virus, which was believed to have been created and used by the
United States and Israel (Sanger, 2012). When looking at states using cyber warfare the region
of the world leading in cyber warfare tactics is Northeast Asia. China has perhaps taken the most
advantage of this kind of warfare to the point where China has been accused of engaging in
cyber operations by multiple countries (Kondoch, 2013). When talking about China on an
international stage it is hard to keep from mentioning the United States. With these two countries
tied so closely on the international level it is easy to see how these two world powers use cyber
warfare against one another in order to keep tabs on the other without them knowing. The U.S.
and China has had their fair share of cyber conflict between each other. One of the most recent
and significant developments came from an attack by China on data housed in the Office of
personal management, the attack having an effect on over 24 million people with in the United
States government (Banerjee, 2015). China has placed importance on cyber warfare for years
now and place high value on its uses and developments in the future (Chinascope, 2011). In
recent years China has focused most of its military efforts toward developing its cyber
capabilities and has focused less on traditional means of warfare (Banerjee, 2015). So why is it
 Kanoza |8

that China places such high value on cyber warfare? One would think that a country with ties
that close to the U.S. would be worried about trying keeping up with the military power of the
U.S. Its no question that the United States spends more on military defense than any other
country in the world and this may be the reason for Chinas interest in cyber warfare. China sees
cyber technology as a destructive force that, unlike traditional warfare, does not require an
extensive capital investment (Chinascope, 2011). Cyber warfare is also seen by the Chinese as a
way to close the militarily with the U.S. by not trying to match their physical strength but to find
ways to undermine and take advantage of the U.S.s military resources (Chinascope, 2011).
China sees cyber warfare as a means of survival against the U.S.s dominating military presence
in the world. China see realizes that there is no use in trying to match the United States military
without spending a tremendous amount of money so the look to cyber warfare as their chance of
survival in military conflicts. In normative theory, survival can be seen as an ethical reason for
doing something that may otherwise be considered unethical (Gray, 2010). China using cyber
warfare as a means of survival is a good real world example of how cyber warfare is used
ethically in terms of normative theory.

Conclusion

When I first started the work on the analysis of the ethical status of cyber warfare I was
so split between whether it should be considered ethical or not. With cyber warfare being a
unique form of fighting it transcends most of todays policy regarding war. First of all cyber
warfare is the only mode of warfare that is virtually absent of violence and cause no direct harm
to humans. Because of this it is easy to wonder if cyber warfare could even be considered war
because of the lack of physical presence. Looking deeper into my research I found that even
though many cyber-attacks dont directly harm humans, many of the attacks have an indirect
effect on peoples day to day lives. The main targets of cyber-attacks effect vital aspects of their
life and depending on the magnitude a viciousness on the attack could cause serious devastation
to large numbers of people. With this in mind I was able to determine that cyber warfare was a
proper method of war. After answering that question, the question of whether cyber warfare
could be considered ethical or not. After researching normative theory and what it considered to
be an ethical war I found that many of the aspects of traditional ethics and just war had no
prescription for cyber warfare. After looking deeper into what cyber warfare consisted of and
 Kanoza |9

what made it different from other aspects of war, I was able to translate those concepts to best fit
the concepts of ethical and just war. After doing extensive research on this topic I have come to
the conclusion that cyber warfare is an ethical means of war. I came to this decision based on a
few different things I found during my research. What really was the deciding factor for me was
the aspects of cyber warfare applied to just war theory. First I looked at what made a war just and
found that one of the main reasons for a just war was self-defense from an aggressor. Since cyber
space is so open and free, states face a constant threat of being attacked through cyber space.
Another factor to my decision was looking at what constituted as aggression or an act of war.
The common definition of aggression is it causes harm to another person, but in cyber warfare
there is no physical contact. Through more research I found that many cyber-attacks can have
serious impact indirectly to people and an even bigger direct impact on a states information
structure. Through this I came to the decision that cyber-attacks, given the magnitude and
destructiveness, can be seen as signs of aggression or even acts of war that could require kinetic
action. In my decision about cyber warfare I also took into consideration the state of the modern
era and how much people rely on cyber technology. The creation of this whole different world
inside of our world has opened up unimaginable possibilities not all of which are good. That is
why it is important to keep doing research on cyber warfare so that proper policy can be made in
the future to ensure safety in our cyber world.
 K a n o z a | 10

Work Cited
Banerjee, B. (2015). China vs. US cyberwar heats up. Retrieved
from http://www.valuewalk.com/2015/08/china-vs-us-cyberwar-heats-up/
Barrett, E. T. (2013). Warfare in a new domain: The ethics of military cyber-operations. Journal
of Military Ethics, 12(1), 4-17. doi:10.1080/15027570.2013.782633
Bremmer, I. (2015). These 5 facts explain the threat of cyber warfare. Retrieved
from http://time.com/3928086/these-5-facts-explain-the-threat-of-cyber-warfare/
Computing ethics. war 2.0: Cyberweapons and ethics. (2012). Communications of the
ACM, 55(3), 24-26. doi:10.1145/2093548.2093558
Cook, J. (2010). 'Cyberation' and just war doctrine: A response to randall dipert. Journal of
Military Ethics, 9(4), 411-423. doi:10.1080/15027570.2010.536406
Kissinger, H. (2014). World order. New York: Penguing Press.
Kondoch, B. (2013). Jus ad bellum and cyber warfare in northeast asia. Journal of East Asia &
International Law, 6(2), 459-478. doi:10.14330/jeail.2013.6.2.06
Kremer, J., & Mller, B. (2014). Cyberspace and international relations : Theory, prospects and
challenges Berlin : Springer.
Libicki, M. C., & Project Air Force. (2012). Crisis and escalation in cyberspace. Santa Monica,
CA: Rand.
Lilienthal, G., & Ahmad, N. (2015). Cyber-attack as inevitable kinetic war. Computer Law &
Security Review: The International Journal of Technology Law and Practice, 31(3), 390-
400. doi:10.1016/j.clsr.2015.03.002
Lin, P., Rowe, N., & Allhoff, F. (2012, June 5). Is it possible to wage a just cyberwar? The
Atlantic
Martemucci, M. G. (2015). Unpunished insults--the looming cyber barbary wars. Case Western
Reserve Journal of International Law, 47, 53-62.
Owens, W. A., Dam, K. W., Lin, H., & National Research Council. (2009; 2009). Technology,
policy, law, and ethics regarding U.S. acquisition and use of cyberattack capabilities.
Washington, D.C.; 4: National Academies Press.
Remus, T. (2013). Cyber-attacks and international law of armed conflicts; a "jus ad bellum"
perspective. Journal of International Commercial Law & Technology, 8(3), 179-189.
Rodden, J. (2015). Warfare, from cold to cyber. Society, 52(5), 405-409. doi:10.1007/s12115-
015-9922-2
 K a n o z a | 11

Sanger, D. E. (2013). In cyberspace, new cold war. Retrieved

from http://www.nytimes.com/2013/02/25/world/asia/us-confronts-cyber-cold-war-with-
china.html?pagewanted=all&_r=1
Springer, P. J. (2015). Cyber warfare :A reference handbook. Santa Barbara, California: Abc-
Clio.
Taddeo, M. (2012). An analysis for A just cyber warfare. 4th International Conference on Cyber
Conflict, , 209-218.
Taddeo, M. (2012). Information warfare: A philosophical perspective. Philosophy &
Technology, 25(1), 105-120. doi:10.1007/s13347-011-0040-9
Talking foreign policy: A discussion on cyber warfare (2015). Case Western Reserve University
School of Law.
Weibel, P., & Zentrum fr Kunst und Medientechnologie Karlsruhe. (2015). Global activism :Art
and conflict in the 21st century. Karlsruhe, Germany; Cambridge, MA; Ettlingen,
Germany; 4: ZKM, Center for Art and Media; MIT Press; Kraft Druck GmbH.
Wright, M. F., & Li, Y. (2013). Normative beliefs about aggression and cyber aggression among
young adults: A longitudinal investigation. Aggressive Behavior, 39(3), 161-170.
doi:10.1002/ab.21470