The UK’s Attorney General Suella Braverman has suggested defensive cyber attacks against hostile countries could be legally justified.
Braverman indicated that the UK may be justified in launching defensive cyber attacks against hostile nation-states, should agreement be reached in the international community on the cyber rules of engagement, and how international law is applied in cyber space.
In an interview with The Daily Telegraph given ahead of a planned speech on the subject at Chatham House, Braverman appeared to confirm that a cyber attack would be justified should it be determined it is in line with international law.
Braverman noted that it was her belief that established international law applies to cyber warfare as it does to kinetic warfare, where principles of non-intervention permit countries to take defensive countermeasures against aggression.
If it could be determined that a cyber attack was “the most effective and most proportionate” response, Braverman added, then a defensive cyber attack would be legally allowable.
According to a Computer Weekly report, Braverman was set to talk about how the united global response to Russia’s invasion of Ukraine has demonstrated why there is a need for a cyber security framework for nation-states in her speech at the Chatham House think tank.
Braverman stressed that cyber space is not lawless, argued that cyber attacks should be treated the same as physical ones, and says nation-states must lead the debate on drawing up the ground rules.
“The United Kingdom’s aim is to ensure that future frontiers evolve in a way that reflects our democratic values and interests and those of our allies,” a statement issued by Braverman office further explained.
“The law needs to be clear and well understood if it is to be part of a framework for governing international relations and to rein in irresponsible cyber behaviour.
“Setting out more detail on what constitutes unlawful activity by states will bring greater clarity about when certain types of robust measures are justified in response,” Braverman said.
The government has previously shied away from making such pronouncements, and the National Cyber Security Centre (NCSC) declines to be drawn on the point, noting instead the UK’s stated ambition to be a “responsible” global cyber power.