PERSPECTIVE: Cyber conductIsrael, Cyberattacks and International Law

Published 7 January 2021

Recently, several cyberattacks have hit Israeli companies. While Israel has not yet publicly attributed the attacks to any foreign state, media outlets report that Israeli cybersecurity experts have tied the operations of the main hacker groups behind these attacks—BlackShadow and Pay2Kitten—to Iran. Tal Mimran and Yuval Shany write that in response, Israel seems to be increasingly turning toward international law to guide its approach to hostile activities in cyberspace

Recently, several cyberattacks have hit Israeli companies. While Israel has not yet publicly attributed the attacks to any foreign state, media outlets report that Israeli cybersecurity experts have tied the operations of the main hacker groups behind these attacks—BlackShadow and Pay2Kitten—to Iran.

Tal Mimran and Yuval Shany write in Lawfarethat in response, Israel seems to be increasingly turning toward international law to guide its approach to hostile activities in cyberspace—as suggested by recent remarksby Roy Schöndorf, Israel’s deputy attorney general for international law.

Mimran and Shany write:

The timing of the speech could suggest that in response to increasingly devastating cyberattacks, Israel is opting for more explicit reliance on international law as part of its cybersecurity policy. Neither this predicament nor the strategic decision in response is unique. In fact, it appears that the U.S. is at a similar crossroads. It is currently subject to a serious and highly sophisticated string of attacks directed at U.S. government agencies (such as the Department of Energy) and private industries (for example, Microsoft). And a number of influential voices inside the U.S. private and public sectors, including Microsoft President Brad Smith and President-elect Joe Biden, have called for a greater reliance on international rulesand for a multilateral response to violations.

Israel has historically dealt with cyberattacks through upgrading defensive capabilities and engaging in under-the-radar deterrence and retaliation. But as such attacks become more frequent, dangerous and harmful, Israel—like other countries—appears to increasingly consider reliance on this strategy alone to be inadequate. The turn to international law appears to add more tools to the cybersecurity toolbox: both as a basis for tighter standards of conduct, including in the field of nonintervention and espionage, and with respect to the protection of data and influence campaigns; and as grounds for attribution of attacks, imposition accountability and sanctions. Arguably, a greater reliance on international law offers states the possibility of dealing with cyber threats through public diplomacy and multilateral sanctions. Such a reliance might also encourage them to accept mutual restraint in cross-border cyber operations and to exercise more intensive control over non-state actors active in this field. It remains to be seen, however, whether this approach will prove itself more effective than the existing and more informal paradigm.