Responsabilitat estatal pels ciberatacs com a ús de la força en el context de la invasió russa d’Ucraïna el 2022

• Olena Nihreieva ^[1]
  1. [1] Universidad de Cádiz

     Universidad de Cádiz

     Cádiz, España

     
• Localización: IDP: revista de Internet, derecho y política = revista d'Internet, dret i política, ISSN-e 1699-8154, Nº. 42, 2025
• Idioma: catalán
• DOI: 10.7238/idp.v0i42.430724
• Títulos paralelos:
  • State responsibility for cyberattacks as a use of force in the context of the 2022 Russian invasion of Ukraine
  • Responsabilidad estatal por los ciberataques como uso de la fuerza en el contexto de la invasión rusa de Ucrania en 2022
• Enlaces
  • Texto completo (pdf)
• Resumen
  • español

    El artículo proporciona un análisis jurídico de los ciberataques que se han producido en el contexto de la invasión rusa de Ucrania en 2022. En el estudio se exploran diferentes enfoques para su consideración en términos del uso de la fuerza. Se subraya la necesidad de un enfoque interdisciplinario, ya que sólo la informática y la ciencia jurídica en conjunto pueden proporcionar una visión integrada de los criterios precisos para la elaboración de un marco legal. Si bien se puede llegar a un consenso con respecto a los ciberataques altamente destructivos, aún se debe desarrollar un marco legal internacional para operaciones cibernéticas menos destructivas. Se presta especial atención a las posiciones legales de varios estados que lideran actividades de investigación dedicadas al desarrollo de la regulación legal del ciberespacio. Además, se exploran algunas cuestiones relacionadas con la responsabilidad del estado por los ciberataques. Se da es-pecial énfasis a los desafíos de su atribución jurídica al estado, entre los que se analiza el problema de la responsabilidad estatal por la conducta de personas privadas. Finalmente, la publicación concluye con recomendaciones para considerar los ciberataques contra Ucrania como uso de la fuerza y, en consecuencia, como actos internacionalmente ilícitos que entrañan la responsabilidad internacional de la Federación Rusia.

  • català

    L’article proporciona una anàlisi jurídica dels ciberatacs que s’han produït en el context de la invasió russa d’Ucraïna el 2022. L’estudi explora diferents enfocaments per a la seva consideració en termes de l’ús de la força. Se subratlla la necessitat d’un enfocament interdisciplinari, ja que només la informàtica i la ciència jurídica en conjunt poden proporcionar una visió integrada dels criteris precisos per a l’elaboració d’un marc legal. Si bé es pot arribar a un consens respecte als ciberatacs altament destructius, encara s’ha de desenvolupar un marc legal internacional per a operacions cibernètiques menys destructives. Es presta especial atenció a les posicions legals de diversos estats que lideren activitats de recerca dedicades al desenvolupament de la regulació legal del ciberespai. A més, s’exploren algunes qüestions relacionades amb la responsabilitat de l’estat pels ciberatacs. Es dona especial èmfasi als desafiaments de la seva atribució jurídica a l’estat, entre els quals s’analitza el problema de la responsabilitat estatal per la conducta de persones privades. Finalment, la publicació conclou amb recomanacions per a considerar els ciberatacs contra Ucraïna com a ús de la força i, en conseqüència, com a actes internacionalment il·lícits que comporten la responsabilitat internacional de la Federació de Rússia.

  • English

    The article offers a legal analysis of cyberattacks occurring in the context of the ongoing Russian inva-sion of Ukraine. Various approaches to their consideration in terms of the use of force are explored in the study. The necessity of an interdisciplinary approach is emphasized, as integrating computer science and legal studies is essential for establishing precise criteria for an effective legal framework. While a consen-sus on highly destructive cyberattacks has emerged, an international legal framework for less destructive cyber operations still needs to be developed. Particular attention is given to the legal positions of several states that are at the forefront of research activities focused on the development of legal regulations for cyberspace. Moreover, various issues concerning state responsibility for cyberattacks are examined. Special emphasis is placed on the challenges of legally attributing cyberattacks to a state, including the matter of state responsibility for the actions of private actors. Lastly, the publication concludes with recommendations regarding the cyberattacks against Ukraine as a use of force and, consequently, as internationally wrongful acts that entail the international responsibility of the Russian Federation.

• Referencias bibliográficas
  • ALOUPI, N. (2015). “The Right to Non-intervention and Non-interference”. Cambridge International Law Journal, vol. 4, no. 3, pp. 566-587....
  • ARAVINDAKSHAN, S. (2021). “Cyberattacks: a Look at Evidentiary Thresholds in International Law”. Indian Journal of International Law, vol....
  • AUSTRALIA (2021). Australia’s International Cyber and Critical Tech Engagement Strategy. Department of Foreign Affairs and Trade, [online]....
  • BAEZNER, M. (2018, October). Hotspot Analysis: Cyber and Information Warfare in the Ukrainian Conflict. Version 2. Zürich: CSS, ETH.
  • BESSON, S. (ed.) (2022). Theories of International Responsibility Law. Cambridge: Cambridge University Press. DOI: https://doi.org/10.1017/9781009208550
  • CANADA (2022, April 22). International Law Applicable in Cyberspace. Government of Canada [online]. Available at: https://www.international.gc.ca/world-monde
  • CRAWFORD, J. (2006). “State Responsibility”. Max Planck Encyclopedia of Public International Law [online]. Available at: https://opil.ouplaw.com/display/10.1093/law:epil/9780199231690/law-9780199231690-e1093
  • CRAWFORD, J. et al. (eds.) (2010). The Law of International Responsibility. Oxford Commentaries on International Law. Oxford: Oxford Academic....
  • D’ASPREMONT, J. (2012). “The Articles on the Responsibility of International Organizations: Magnifying the Fissures in the Law of International...
  • GREEN, J. A. (2011). “Questioning the Peremptory Status of the Prohibition of the Use of Force”. Michigan Journal of International Law, no....
  • DÖRR, O. (2019). “Use of Force, Prohibition of”. Max Planck Encyclopedia of Public International Law [online]. Available at: https://opil.ouplaw.com/display/10.1093/law:epil/9780199231690/law-9780199231690-e427
  • EICHENSEHR, K. (2022). “Ukraine, Cyberattacks, and the Lessons for International Law”. AJIL Unbound, no. 116, pp. 145-149. DOI: https://doi.org/10.1017/aju.2022.20
  • EU (2023). The Role of Cyber in the Russian War against Ukraine: Its Impact and the Consequences for the Future of Armed Conflict. EP/EXPO/A/COMMITTEE/FWC/2019-01/Lot4/1/C/20...
  • FRANCE (2021). International Law Applied to Operations in Cyberspace, Paper shared by France with the Open-ended Working Group established...
  • GERMANY (2021, March). On the Application of International Law in Cyberspace, the Federal Government of Germany [online]. Available at: https://www.auswaertiges-amt.de
  • GOOGLE’S THREAT ANALYSIS GROUP (2023, February 16). “Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape”. Google...
  • HATHAWAY, O. A. et al. (2012). “The Law of Cyber-Attack”. California Law Review, vol. 100, no. 4, pp. 817-885.
  • HELMERSEN, S.T. (2014). “The Prohibition of the Use of Force as Jus Cogens: Explaining Apparent Derogations”. Netherlands International Law...
  • HOPKINS, V. (2022, February 15). “Ukraine Says Cyberattack Was Largest in Its History”. The New York Times [online]. Available at: https://www.nytimes.com/2022/02/15/world/europe/ukraine-cyberattack.html
  • HUNDER, M., LANDAY, J.; BERN, S. (2023, December 13). “Ukraine’s Top Mobile Operator Hit by Biggest Cyberattack of War”. Reuters [online]....
  • ILC (2001). «Draft Articles on Responsibility of States for Internationally Wrongful Acts with Commentaries». Yearbook of the International...
  • ILC (2022). «Draft Conclusions on Identification and Legal Consequences of Peremptory Norms of General International Law (Jus Cogens)». Yearbook...
  • ICJ (1996). “Legality of the Threat or Use of Nuclear Weapons”. Advisory Opinion of 8 July 1996. I.C.J. Reports, p.226.
  • JAMNEJAD, M., WOOD, M. (2009). “The Principle of Non-intervention”. Leiden Journal of International Law, vol. 22, no. 2, pp. 345-381. DOI:...
  • KNAPCZYK, P. (2022, August 18). “Overview of the Cyber Weapons Used in the Ukraine – Russia War”. Trustwave [online]. Available at: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/overview-of-the-cyber-weaponsused-in-the-ukraine-russia-war/
  • KULESZA, J. (2009). “State Responsibility for Cyber‐Attacks on International Peace and Security”. Polish Yearbook of International Law,...
  • KUMAR, S.; DALAL, S.; DIXIT, V. (2014). “The OSI Model: Overview on the Seven Layers of Computer Networks”. International Journal of Computer...
  • LENG, Y. (2023). “When Can Cyberattack Constitute Use of Force: A Case Study of Cyberattack in the Russia-Ukraine”. Conflict Proceedings of...
  • LIN, H. (2022, fall). “Russian Cyber Operations in the Invasion of Ukraine”. The Cyber Defense Review, pp. 31-45.
  • LONERGAN, E.D. (2023). “The Implications of Cyber Proxies in the Ukraine Conflict”. In: J. A. Lewis, G. Wood (eds.). Evolving Cyber Operations...
  • LYNGAAS, S.; LISTER, T. (2022, February 15). “Cyberattack Hits Websites of Ukraine Defense Ministry and Armed Forces”. CNN [online]. Available...
  • MADUBUIKE-EKWE, J. N. (2021). “Cyberattack and the Use of Force in International Law”. Beijing Law Review, no. 12, pp. 631-649. DOI: https://doi.org/10.4236/blr.2021.122034
  • MORRIS, E. (2021, February 17). “DoS vs. DDoS: Which Attack Is More Dangerous and Why?”. Cybrary [online]. Available at: https://www.cybrary.it/blog/dos-vs-ddos-which-attack-is-more-dangerous-and-why/
  • MOYNIHAN, H. (2021). “The Vital Role of International Law in the Framework for Responsible State Behavior in Cyberspace”. Journal of Cyber...
  • MUELLER, G. B. et al. (2023) “Cyber Operations during the Russo-Ukrainian War from Strange Patterns to Alternative Futures”. Center for Strategic...
  • NIHREIEVA, O. (2022). “The 2022 Russian Invasion of Ukraine through the Prism of International Law: a Critical Overview”. Peace & Security,...
  • OORSPRONG, F.; DUCHEINE, P.; PIJPERS, P. (2023). “Cyber-Attacks and the Right of Self-Defense: A Case Study of the Netherlands”. Policy Design...
  • PÉREZ SIERRA, I. (2021). “La legítima defensa del Estado frente a ataques cibernéticos según el Derecho internacional”. Global Strategy Report...
  • PIELLA, G.C. (ed.) (2022). La guerra de Ucrania. Los 100 días que cambiaron Europa. Madrid: Catarata.
  • POIREAULT, K. (2023, September 27). “Cyber-Attacks on Ukraine Surge 123%, but Success Rates Plummet”. Infosecurity Magazine [online]. Available...
  • ROSCINI, M. (2007). “Threats of Armed Force and Contemporary International Law”. Netherlands International Law Review, no. 54, pp. 229-277....
  • ROSCINI, M. (2010). “World Wide Warfare – Jus ad bellum and the Use of Cyber Force”. Max Planck Yearbook of United Nations Law, no.14, pp....
  • ROSCINI, M. (2024). International Law and the Principle of Non-Intervention: History, Theory, and Interactions with Other Principles. Oxford:...
  • SHACKELFORD, S. (2010). “State Responsibility for Cyber Attacks: Competing Standards for a Growing Problem”. In: C. Crosseck & K. Podins...
  • SCHMITT, M. (2017). Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, 2nd ed. Cambridge: Cambridge University Press....
  • SCHMITT, M. (2019, October 14). “The Netherlands Releases a Tour de Force on International Law in Cyberspace: Analysis”. Just Security [online]....
  • SOKOLOV, K.; LISITSYNA, M. (2023, February 10). “In Russia They Proposed to Exempt ‘White Hackers’ from Responsibility”. RBC [online]. Available...
  • STOCKBURGER, P. Z. (2017). “Control and Capabilities Test: Toward a New Lex Specialis Governing State Responsibility for Third Party Cyber...
  • TSAGOURIAS, N. (2022). “Cyber Attacks, Self-Defense and the Problem of Attribution”. Journal of Conflict and Security Law, vol. 17, no. 2,...
  • UK (2021, June 3). Application of International Law to States’ Conduct in Cyberspace: UK Statement, Policy paper [online]. Available at: https://www.gov.uk/government/publications
  • UK NATIONAL CYBER SECURITY CENTRE (2018, April 11). “New Cyber Attack Categorization System to Improve UK Response to Incidents”.
  • UN (2018). Advancing Responsible State Behavior in Cyberspace in the Context of International Security, Resolution of the General Assembly...
  • UN (2021). Official Compendium of Voluntary National Contributions on the Subject of How International Law Applies to the Use of Information...
  • VINHAS DE SOUZA, O. (2024). “Russia’s Invasion of Ukraine and National Cyber Security Strategies: Quantitative Comparison”. Applied Cybersecurity...
  • VOO, J. (2023). “Lessons from Ukraine’s Cyber Defense and Implications for Future Conflict”. In: J. A. Lewis, G. Wood (eds.). Evolving Cyber...