By: Lauren Watson
On November 4, Major General Charles Dunlap presented an argument for his paper, “‘Cybervandalism’ or ‘Digital act of war’? America’s Muddled Approach to Cyber Incidents Won’t Deter More Crises,” to attendees at the North Carolina Journal of International Law’s annual symposium. His lecture detailed the failure of the current administration to adequately tailor its language within the current international framework in such a way to effectively deter cyberattacks. He argued that unless we amend our discussion of cyberattacks to include terms with force sufficient to indicate the severity of the attack’s impact, there is no way for the United States to adequately prepare for the coming “Pearl Harbor-type” cyber attack.
At the crux of Gen. Dunlap’s argument is the reality that the U.S., as member of the United Nations, is limited in its ability to respond to cyberattacks. While there is normally a prohibition against the threat or use of force in international relations, the UN charter allows for the use of force in self-defense if a nation suffers an “armed attack.” The definition of armed attack, however, is left open. In 2012, then-Legal Advisor to the Department of State, Harold Koh, articulated the administration’s position on when a cyberattack could constitute an armed attack, arguing that if the attack resulted in “death, injury, or significant [physical] destruction,” then it is considered the functional equivalent of a kinetic use of force. For Koh, “force” and “armed attack” were coterminous.
The point of contention for Gen. Dunlap is not the U.S.’ position on ‘force’ and ‘armed attack,’ but rather the current administration’s failure to adequately define an appropriate method of classification for cyberattacks. Of particular problem is the disconnect within the administration itself. For example, when describing the recent cyberattack on Sony, President Obama used the soft term “cyber vandalism.” Nevertheless, the Department of Defense described North Korea’s cyberattack as a physical and structural destruction that the term “cyber vandalism” does not adequately address and which would almost certainly be considered sufficient to trigger Art. 51. The story is the same regarding the more recent hacks on the Democratic National Convention (DNC). While the attacks had obvious and far reaching consequences for both the DNC and the electoral process in general, the language used by the Obama administration included ambiguous terms such as theft, compromise, and disclosure when referring to the hacks rather than firm language describing the actual effects of the attack.
Gen. Dunlap’s ultimate argument is that this ambiguity in language has serious consequences for the nation’s ability to respond. Terms like ‘vandalism’ and ‘theft’ indicate actions typically understood to be minor criminal law issues that lack the option of the use of force as a remedy. In order to legally take action within the international sphere, the U.S. must start to use consistent and accurate language that fully represents the effects of cyberattacks. While the administration claims that there is not an appropriate body of law to deal with cyberattacks and to shape the terminology, Gen. Dunlap is of the opinion that defining a set terminology will help set the body of law. By labeling a cyberattack an armed attack, the limitations on response will fall away, allowing the U.S. to develop its own norms and body of law for dealing with cyberattacks. Until this is done, the U.S. will never be fully ready to defend itself from cyber threats.
 Charles Dunlap, “Cybervandalism” or “Digital Acts of War”? America’s Muddled Approach to Cyber Incidents Won’t Deter More Crises, Lawfire (Oct. 30, 2016), https://sites.duke.edu/lawfire/2016/10/30/cybervandalism-or-digital-act-of-war-americas-muddled-approach-to-cyber-incidents-wont-deter-more-crises/ [https://perma.cc/D86Q-ZYSU].
 See id. (The Department of Defense Cyber Strategy Document included a harsh response to the Sony cyberattack. The DoD stated that North Korea used “coercion, intimidation, and the threat of terrorism” in its attack. It further added that the Sony attack “was one of the most destructive cyberattacks on a U.S. entity to date.”).
 Dunlap, supra note 1.