حملات سایبری از‌منظر حقوق بین‌الملل (مطالعه موردی: استاکس‌نت)

نوع مقاله: مقاله پژوهشی

نویسنده

دانشجوی دکتری حقوق بین‌الملل، دانشکده حقوق و علوم سیاسی، دانشگاه تهران

چکیده

در سال 2010 استاکس‌نت با توجه به کارویژه‌ها و پیچیدگی‌هایش مورد توجه کارشناسان قرار گرفت. این بدافزار به‌گونه‌ای طراحی شد تا رایانه‌های خاصی را در ایران مورد هدف قرار دهد. اگرچه استاکس‌نت از طریق اینترنت در جهان منتشر شد، اما آثار مخرب آن محدود به سیستم‌های کنترلی خاصی بود که در ایران هدف قرار گرفته بودند. با رمزگشایی کدهای این بدافزار مشخص شد که همانند سلاحی علیه تأسیسات هسته‌ای کشورمان طراحی و به‌کار گرفته شده است تا عملیات گازرسانی سانتریفیوژها را در فرایند غنی‌سازی دچار اختلال کند. اهداف و آثار این بدافزار به‌گونه‌ای بود که بسیاری آن را با یک حمله مسلحانه مقایسه کردند.

کلیدواژه‌ها


عنوان مقاله [English]

Cyber Attacks from the Perspective of International Law (Case Study: Stuxnet Virus)

نویسنده [English]

  • Hossein Khalaf Rezaei
چکیده [English]

Stuxnet was addressed by experts in 2010 due to its functions and complexities. This malware was designed to target special computers in Iran. Although Stuxnet was released via the internet in the world, its destructive effects were limited to certain control systems targeted in Iran. Decoding this malware revealed that it had been designed and used as a weapon against Iran’s nuclear facilities to disrupt gas operation of centrifuges in the process of uranium enrichment. Due to purposes and effects of this malware, many compared it with an armed attack.

کلیدواژه‌ها [English]

  • Cyber Attacks
  • Stuxnet
  • Armed Attack
  • Law of Armed Conflicts
1. "Computer Network Attack", HPCR Manual on International Law Applicable to Air and Missile Warfare (May 15, 2009), http://www.ihlresearch.org/amw/manual/ category/section-a-definitions.

2. "Iran’s Nuclear Program", The New York Times (Jan. 18, 2011), http://topics.nytimes.com/ top/news/international/countriesandterritories/iran/nuclear_program/index.html.

3. "Symantec’s W32.Stuxnet Report", http://www.symantec.com/security_response /writeup.jsp? docid=2010-071400-3123-99.

4. Belk, Robert and Noyes, Matthew (2012). On the Use of Offensive Cyber Capabilities: A Policy Analysis on Offensive US Cyber Policy, USA: The Office of Naval Research.

5. Broad, William J., John Markoff and David E. Sanger (2011). "Israeli Test on Worm Called Crucial in Iran Nuclear Delay", The New York Times, Published: January 15, available at: http://www.nytimes.com/2011/01/16/ world/middleeast/ 16stuxnet.html?_r=1and.

6. Brown, Gary D. (2011). "Why Iran Didn’t Admit Stuxnet Was an Attack", JFQ, issue 63.

7. Daoust, Isabelle, Coupland Robin and Ishoey Rikke (2002). "New wars, new weapons? The obligation of States to assess the legality of means and methods of warfare", International Review of the Red Cross, No. 846, 30-06-, http://www.icrc.org/eng/assets/files/other/345_364_daoust.pdf.

8. Declaration Renouncing the Use, in Time of War, of Explosive Projectiles Under 400 Grammes Weight, St Petersburg, 1868 ("St Petersburg Declaration").

9. Delibasis, D. (2007). "The Right to National Self-defence: In Information Warfare Operations", Bury St Edmunds.

  1. Dep’t of Def., Office of Gen. Counsel, An Assessment of International Legal Issues, May 1999, Reprinted in Thomas Wingfield, The Law of Information Conflict, National Security Law in Cyberspace (2000).
  2. Documents of the United Nations Conference on International Organization, vol. VI, 1945.
  3. Draft Information Security Convention (April 2012), available on the website of the Russian Embassy to the UK, http://rusemb.org.uk/policycontact/52.
  4. Dunlap, Charles J. (2011). "Perspectives for Cyber Strategists on Law for Cyberwar", Strategic Studies Quarterly.
  5. Exec. Order 13,321, 66 Fed. Reg. 53,063 (Oct. 16, 2001).
  6. Exec. Order No. 13,010, 61 Fed. Reg. 37,347 (July 15, 1996).
  7. Graham, David E. (2010). "Cyber Threats and the Law of War",4 Journal of National Security Law and Policy.
  8. Hildreth, Steven A. (2001). Congressional Research Service Report for Congress No. RL30735, Cyberwarfare 11, http://www.fas.org/irp/crs/RL30735.pdf.
  9. Hollis, Duncan, "Could Deploying Stuxnet be a War Crime?", available at: http://opiniojuris.org/2011/01/25/could-deploying-stuxnet-be-a-war-crime.
  10. http://www.state.gov/s/l/releases/remarks/197924.htm.
  11. I.C.J., Case Concerning United States Diplomatic and Consular Staff in Tehran, 24 May 1980, I.C.J. Rep. 1980.
  12. I.C.J., Corfu Channel (United Kingdom of Great Britain and Northern Ireland v. Albania), Merits, separate opinion by Judge Alvarez, 1949.
  13. I.C.J., Corfu Channel case (Merits), 9 Apr. 1949, I.C.J. Rep, 1949.
  14. I.C.J., Gabcikovo-Nagymaros Project (Hung. v. Slovk.), Merits, 1997 I.C.J. 7.
  15. I.C.J., Gabcikovo-Nagymaros Project (Hung. v. Slovk.), Merits, I. C. J. Rep. 1997.
  16. I.C.J., Legal Consequences of the Construction of a Wall in the Occupied Palestinian Territory,2004, 43 I.L.M. 1009, 1050 (2004).
  17. I.C.J., Legality of the Threat or Use of Nuclear Weapons, Advisory Opinion, ICJ Rep.1996.
  18. I.C.J., Military and Paramilitary Activities in and against Nicaragua (Nicaragua v. United States of America), merits, ICJ Rep.1986.
  19. I.C.T.Y., Prosecutor v. Tadic, Case No. IT-94-1-A, I.C.T.Y. App. Ch., 1999.
  20. ICRC (2008). "How is the Term ‘Armed Conflict’ Defined in International Humanitarian Law?".
  21. International Law Commission, Addendum-Eighth report on State responsibility by Mr. Roberto Ago, Special Rapporteur-the internationally wrongful act of the State, source of international responsibility (part 1), UN document A/CN.4/318/Add.5–7, 1980.
  22. International Law Commission, Draft Articles on the Responsibility of States for Internationally Wrongful Acts, U.N. Doc. A/CN.4/L.602/ Rev. 1 (2001).
  23. International law Commission, Report of the International Law Commission on the work of its Thirty-second session, 5 May–25 July 1980, Official Records of the General Assembly, Thirty-fifth session, Supplement No. 10, UN document A/35/10, 1980.
  24. Johnny Ryan (2007). "Growing Dangers: Emerging and Developing Security Threats", NATO REV, http://www.nato.int/docu/review/2007/issue4/ english/analysis2.html.
  25. Joint Chiefs of Staff, Joint Publication 1-02, Dep't of Def. Dict DICT DictionaryDICT Dominant Introverted Concrete Thinker (Jung personality type indicator) DICT Dictionary Client . of Military and Assoc'd Terms (12 Apr. 2001). available at: http://www.dtic.mil/doctrine/jel/newoubs/jp102.pdf.
  26. Kulesza, Joanna (2009). "State responsibility for cyber‐attacks on international peace and security", Polish Yearbook of International Law, vol. XXIX, Electronic copy available at: http://ssrn.com/abstract=1668020.
  27. Lopez, C. Todd (2007). Fighting in Cyberspace Means Cyber Dominance, A. F. Print News, http://www.af.mil/news/story.asp?id=123042670.
  28. Melzer, Nils (2011). "Cyberwarfare and International Law", UNIDIR RESOURCES.
  29. P.C.I.J., S.S. Lotus (France v. Turkey), 1927 P.C.I.J. (ser. A) No. 10. (Sept. 7, 1927) (Moore, J., dissenting).
  30. Perera, David (2012). "Cyber attacks subject to international law, says State Dept", http://www.fiercegovernmentit.com/story/cyber-attacks-subject-international-law-says-state-dept/2012-09-19?utm_source=rssandutm_medium=rss.
  31. Protocol Additional to the Geneva Conventions of 12 August 1949, and relating to the Protection of Victims of International Armed Conflicts, 8 June 1977 ("Additional Protocol I").
  32. Randelzhofer, Albrecht (2002). "Article 2(4)", in Bruno Simma (ed.), The Charter of the United Nations: A Commentary, Vol. I.
  33. Richardson, John, "Stuxnet as Cyberwarfare: Applying the Law of War to the Virtual Battlefield", 2011. Electronic copy available at: http://ssrn.com/abstract=1892888.
  34. Roscini, Marco (2010). "World Wide Warfare-Jus ad bellum and the Use of Cyber Force", in Armin Bogdany and Rüdiger Wolfrum (eds.), Max Planck Yearbook of United Nations Law, Vol. 14.
  35. Sandoz, Y., C. Swinarski and B. Zimmermann (eds) (1987). Commentary on the Additional Protocols of 8 June 1977 to the Geneva Conventions of 12 August 1949, Martinus Nijhoff, Geneva.
  36.  Sanger, David E. (2012). "Obama Order Sped Up Wave of Cyberattacks Against Iran", Published: June 1, http://www.nytimes.com/2012/06/01/world/ middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted= 1and_r=3andseid=autoandsmid=tw-nytimestechand.
  37. Schaap, Arie J. (2009). "Cyber warfare operations: development and use under international law", U.S. Air Force Academy, Department of Law, at: http://www.thefreelibrary.com/Cyber+warfare+operations%3a+development+and+use+under+international+law.-a0212035712.
  38. Schmitt, Michael N. (2002). "Wired Warfare: Computer Network Attack and Jus in Bello", International Review of the Red Cross, vol. 84, no. 846.
  39. Schmitt, Michael (1999). "Computer Network Attack and the Use of Force in International Law: Thoughts on a Normative Framework", Columbia Journal of Transnational Law, vol. 37.
  40. Schmitt, Michael (2011). "Cyber Operations and the Jus in Bello: Key Issues", Naval War College International Law Studies.
  41. Sklerov, Matthew J. (2009). "Solving the Dilemma of State Response to Cyberattacks: A Justification for the Use of Active Defenses against States Who Neglect their Duty to Prevent", Military Law Review, Vol. 201.
  42. The United Nations, G. A. (1970). Declaration on Principles of International Law Concerning Friendly Relations and Cooperation Among states in Accordance with the Charter of the United Nations, G.A. Res. 2625, U.N. GAOR, 25th Sess., Annex, Agenda Item 85, U.N. Doc. A/Res/2625.
  43. The White House, Cyberspace Policy Review, 16 May 2011.
  44. UK government (2010). "A Strong Britain in an Age of Uncertainty: The National Security Strategy".
  45. UN General Assembly Resolution 2625 (XXV), October 24, 1970.
  46. UN General Assembly Resolution 3281 (XXIX), December 12, 1974.
  47. UN General Assembly Resolution 3314 (XXIX), U.N. Doc. A/3314, 1974.
  48. UN General Assembly Resolution 58/199, 30 January 2004.
  49. UN General Assembly Resolution A/RES/55/29, "Role of science and technology in the context of international security and disarmament", 20 November 2000.
  50. UN General Assembly Resolution A/RES/64/211, "Creation of a global culture of cybersecurity and taking stock of national efforts to protect critical information infrastructures", 21 December 2009.
  51. UN General Assembly Resolution A/RES/65/41, "Developments in the field of information and telecommunications in the context of international security", 8 December 2010.
  52. US Department of Defense, The National Military Strategy for Cyberspace Operations, 2006.

14.    Dunn, John E. (2012). "Stuxnet details leaked to boost Obama, alleges McCain", at: http://news.techworld.com/security/3362243/stuxnet-details-leaked-to- boost-obama-alleges-mccain.

Williams, Christopher (2011). "Israeli Security Chief Celebrates Stuxnet Cyber Attack," The Telegraph, http://www.telegraph.co.uk/technology/ news/8326274/ Israeli-security-chief-celebrates-Stuxnet-cyber-attack.html.