Cyber Attack and Non-State Actors


It is always difficult for states to have a strategic response to a cyber attack. In this research, the thesis question is what does estate do strategically to respond to a cyber attack? This thesis aims to determine the responses that a state can have in case they have been attacked by a cyber attack and how these responses can affect the international relationship between two countries. Cybersecurity and other cyber issues do not have laws or theories that guide countries on how to act in case of a cyber attack. It is this reason that countries fail to understand what the terms of the mainstream theories at the level of international relations. To provide a framework for analyzing these issues, it is crucial to understand theories of defensive realism, constructivism as well as liberalism that shows how a state should respond to attacks. The suits have been focusing mainly on defending themselves against cyber attacks, especially when relating these attacks to the armed attacks.  This thesis will explore the ideas behind the role of nonstateorganizations and when a country can act in case of a cyber attack.

Keywords: Cyberattack, cybersecurity, defense, international relationships, and attack, cyberspace.





In modern society, cyber attacks and cyber crimes have been difficult subjects to debate about because of the unsettlement and uncertainties surrounding the tropics. Cyber attacks are quite different from the well-known warfare especially the one that is done on the ground. These attacks what are permitted different as the involve network connections that is different from the armed attacks. A cyber attack can be defined as an action that is taken to undermine the existing functionality of the computer systems within the national security of a country. The attacks also go beyond the jurisdictions that are set on land. They are attacks that are meant to interfere with the political system or a stable economic system for the people behind the attack to gain financially. In most cases,

Cyber attacks are also targeting people who are living under technological advancement to prevent them from proceeding with asthmatic can also lead to massive destruction especially if it is meant to control a missile bomb.The development of cyberspace and the internet revolution started in the year 1980 through to the year 1990. This development has also shown potential avenues for war in a different dimension to the ones that the people are conventionally used to (Messerschmidt, 2013). The cyber-attack takes place when there are hostile actions and malicious event that have a political or economic motive (Sigholm, 2013). Cyber-attacks mainly constitute the modern cyberspace warfare because the non-state actors mainly execute their actions after a connection (Pipyros, Mitrou, Gritzalis, and Apostolopoulos, 2014). Because of the complications and the continuous changes, there is various involvement in cyber-attacks. Various states and non-state actors are always part of cyber warfare (Roberts, 2014). The non-state actors perform cyber-attacks and are also part of the solutions to these problems while being less accountable for the actions. The lack of accountability is also created by the limitations of the international laws and limitations of individual state military doctrines and policies (Schmidt, 2016 and Hathaway et al., 2012). The main aim of this paper is to look at some of the laws that are behind the cyber crimes together with the roles that are played by the nonstate actors in the cyber attacks.  Due to the differences that a cyber-attack have with an armed attack, it is always difficult to find the laws and jurisdictions behind cyber-attacks and how to react to achieve justice. The strength of the main nonstate actors has been increasing as technological advancement also proceeds. International community together with the current state cyber powers also have to adjust their security doctrine and enact considerable changes within the international bodies and laws to regulate the use of cyber crimes and interstate conflicts. States must, therefore, pursue methods that are multilateral so that they can prepare for threats presented by cyber realm by non-state actors. This work with look at some of the remedies that countries can take in case a cyber-attack reaches the level of an armed attack; it will explore some of the measures available for the states when they are responding to attacks.In many cases, the first attempt that has been proposed for countries to the resolver to in case of a cyber attack is why identify the type of attack that they have experienced. In most cases, countries experience a complete shutdown and interference of the basic processes such as air control systems, transport systems or network is best for a country to trace the locations where the threat had originated from.

Cyberspace refers to a virtual environment that operates on a global scale affecting different networks and systems directly or indirectly thereby having an impact on the structures that are critical in modern society (DeLuca 2013). These cyber actions involve a host of activities that take place within the cyberspace and a framework of illegal actions carried out by the nonstate actors rather than the state actors (Davis, 2014). Kadivar, 2014).  In most cases, the actions are meant to disrupt and to harm a political system or a stable economic system so that the perpetrator can have personal gains and satisfaction. Contrary to the military or armed operations that are done primarily by state actors to accomplish a task, cyber-attacks cause harm and damage and sometimes resulting to a loss of life for accomplishing an economic or a personal objective (Geers, 2010). With many countries having a conflict with one another, cybercrimes provide different non-state actors an opportunity to attack other countries even without getting involved in the actions physically (Aaviksoo, 2010). Nonstate actors also come in different forms and sizes as well as different ideologies, motivations, and ability (Libicki, 2012). There are times that the nonstate actors can cause harm on a state or take part in an operation that can help a country (Castel, 2012). This comes in the form of white hat hackers who are activists against terrorism and criminal activities. Cyberspace realism is complicated because of their modeling that exists between criminal warfare activities and different military responsibilities.





There are several sources of information that will be used in this thesis. All the legal system sources of law give authorities to principles of application. This species user the legal dynamics by giving an account of international laws regarding cyber attacks and also focusing on the laws that have been recognized at an international level. The materials are acknowledging resources that are recommended by articles 38 and 39 of the international court of justice in regards to the general principles, judicial decision and customary international laws. The most significant treaties for this disease is one that is stated within the united nations charter recognizing the rights and sovereignty of countries and also how countries should deal with the war against each other. The United nation’s charter also gives a representation of how countries should not be attacked by others and less they have been coerced and allowed by the united nations to do so. The united nations security council is in charge of security ideas especially those that deal with humanitarian interventions in a country. Establishing customary international law as one that is legally binding is an opinion of opiniojuris which is a statement of security practice between countries.Various teleological interpretations are recognized at an international level as they relate to the united nations charter. The main problem that has been realized is the lack of internet and cyber attack laws drafted within the united nations charter. This means that it is not right to always start to the united nations charter to get an analysis of the legal problems and to find solutions for the cyber warfare. Establishing international laws requires a legal binding and opinions that can be accepted by most countries. When it comes to the customary international laws that cover the attacks of the internet, they are not provided but employed making the international laws that relate to the customary legislations to become quite relevant when examining cyber attacks. Similarly, judicial decisions that concern cyberattack has always supported different arguments made. The decision of the criminal justice only binds when the parties r respecting each other.Nonstate actors refer to individuals or groups holding a massive influence on the government operations that can be whole or part of an independent state government (Bussolati, 2015). The interest and influence of the non-state actors can be broad; most of them being business magnets, media organizations or aid agencies. The rationale for focusing on non-state actors have always been the subject of public criticism and professional analysis (Lewis, 2010). Non-states have been deployed in different sectors due to their abilities to perform offensive actions during a cyberwar crime (Mačák, 2016). Various operations have taken place during these attacks (Grosswald, 2010). Apart from this, other hostile actions have shifted their operations in favor of nonstate actors as most of them become sustainable in fighting cyber-attacks. The complications when these non-state actors are also involved in criminal activities are also seen in different forms and platforms (Lindsay, 2015).

Cyber warfare refers to the use of computer systems and online controls to start warfare in a battlespace thereby controlling the networks. It involves an offensive or defensive operation that pertains to attack a cybercrime. It can also involve espionage or sabotage. There have been numerous controversies surrounding operations of cybercrime and weather events that are not noted. Different powers have been on the ascendance with capabilities of cybercrime engaging in the warfare between different countries such as the United Kingdom, Israel, Russia, and us (Bronk, and Tikk-Ringas, 2013).  Two of the most notable players of cybercrime include Iran and North Korea. The destruction capabilities have also been seen to grow with more independent network systems functioning on a daily basis. This distraction prospect is always expanding, and efforts to deal with the state terrorists and nonstate actor remain a massiveconcerned. The non-state actors have remained groups of ideal novelty because of their subversions and their less understood tenants within the Westphalia system (Graham, 2010).

One of the issues that have been debated recently is about the international laws that apply while responding to cyber-attacks within the self-defense priorities (Shackelford, and Andres, 2010). Even though the law of war is well-known based on accepted principles, applying similar principles to cyber-attacks always been a difficult task (Tereshchenko, 2012). The difficulty also comes because these laws are developed from war and in many cases respond to traditional or conventional wars that take place between states. Whenever there are attacks within that similar paradigm, it becomes natural in assessing the scope and to identify the attack. However, the cyber-attack becomes difficult for states in assessing the scope and finding out who is responsible for the attack (Betz, 2017).  It is these difficulties that make states to become quite reluctant in responding to cyber-attacks especially when there is then for the self-defense mechanism due to the fear of violation of the war laws. It turns out that cyber warfare is a hot topic within the international law (Liff, 2012). It is always crucial to view and respond to cyber-attacks and to determine whether to act regarding war-hosts only is a criminal activity that presents a massive challenge (Tsagourias,2012). Using active defense against computer networks in different states is also a challenge within various borders.

Because of the potential catastrophes and consequences that may result from a cyber-attack, it is always imperative for various states to effectively defend the infractions of attack (Straub, 2016). The most effective method that is used is warding off a cyber-attack by using a layered defense or using both active and passive defenses (Dinicu, 2014). It is unfortunate that states usually choose to confine to the differences in computer technology in a manner that it conspires the passive defense alone as these countries do not want to violate the law of war (Baron, Mahony, Manheim, and Dion-Schwarz, 2015). Currently, there are no comprehensive treaties that exist at the international level regarding the regulation of cyber-attacks. As a consequence of this, different states have to settle these issues by analogy; thereby equating the cyber-attacks to the armed warfare between different states (Park, 2012). This way, they will correspond to the methods that they use at the law of war or equating them to the criminal activities that take place in the domestic criminal law (Farwell, and Rohozinski, 2011). The existing views of legal scholars and states are based on the fact that states have to treat cyber-attacks similarly to criminal matters because they are uncertain over whether this cyber-attacks can be equated to the armed attack or not (Asal et al., 2016). The other reason is that of the law of war that needs states to attribute any form of armed attack to an intervention of foreign government or agents before they can respond to such a force (Gross, 2015).

As a result of the challenges that are usually presented by the technical aspect of the cyber warfare, having basic knowledge in understanding the law of war about the cyber war is crucial in understanding the sound legal basis of the states and how to respond to cyber attacks in self-defense. There is also a need for understanding the individual legal basis that comes with criminal citations and factual research (Gross, 2015).


The limited view in which people see the law of war is problematic because of two different reasons. The first reason is that active defense can be seen in the form of an electronic force and most cases concern the state computer defenses that are passive. This weakens the state posture of defense. The other dilemma is that it forces states to rely on the domestic criminal legislation that prevents cyber-attacks heavily. The domestic laws are ineffective because different states are also not willing to extradite or to prosecute cyber attackers (Sigholm, 2013 and Gross, 2015). These problems that come with the law of war makes different states to always find themselves in a condition where they only correspond to the crisis in case of an attack (Pipyros, Mitrou, Gritzalis, and Apostolopoulos, 2014).It is also crucial when they are forced to decide between effective methods which may sometimes be illegal (Messerschmidt, 2013). Sometimes active defenses are effective but are less illegal.The attributions that are required perpetrates response to the crisis. Although countries can trace the cyber-attack by using technologies back to the computer servers, finding the identity of the attacker requires an intensive investigation, an idea that is quite a time to consume that also needs attention and assistance from the state where the original attack came from (Roberts, 2014). Because of the prohibitions that exist to responding to a force, as well as the facts that majority of the attacks are conducted by non-state actors, states are always reluctant to trace a cyber-attack to the origin because of the risk of violation of international laws (Schmidt, 2016). This means that states are always locked in the state of responding to the crisis instead of protecting itself against the attacks. Treating cyber-attack as a criminal matter can sometimes be less problematic in case a passive defense under criminal during jurisdiction gives sufficient protection for them. It is unfortunate that perceived offenses are always the first line of defense and reduces the chance of a successful cyber-attack (Hathaway et al., 2012). The defense also does little to attackers that are tempting and attack in the first place. Criminal laws are proven to be important as they did a massive part of the international cybercrimesas major state actions such as China and Russia to allow these attackers to operate in a manner that is immune from the rival states (DeLuca 2013).  Cybercrime has been the major cause of increasing terrorism around the globe with numerous countries suffering in the hands of people who have their agendas and objectives (Davis, 2014).Cyberspace operations are different from cyberwar in that they can be in motivated by good objectives.



Cyber-attacks refers to an umbrella that compass all the activities of non-state actors and nation-state actors within the cyberspace, sometimes considered to be hostile and those that cause harm and damage (Kadivar, 2014). Cyberwar is loosely used to apply to instances that takes place when a cyber-attack occurs or a cyber-action operation that is surpassing the threshold recognized by the international community (Geers, 2010). When a cyber-war takes place, it surpasses the recognized welfare that is defined by the international law and sometimes leads to the loss of lives from the people (Aaviksoo, 2010).

Cyber-attacks have special characteristics that are different from physical attacks. Unlike physical space, the cyberspace is a landscape that is human-made and has interconnection of devices (Libicki, 2012). It requires a data connection which is provided by the internet. This means that the laws of one country cannot apply across all the geographical locations where the internet is present. It is these special characteristics that make cyber-attack a challenge together with the lack of governance that connected businesses and government agencies have to face (Castel, 2012). For many years, tools have enabled people with little computer knowledge to be able to prevent various controls world to start these attacks. The art is available to both the white hat hackers and black hat hackers for free such as vital hacking tools that they can use to penetrate different tester (Bussolati, 2015). The cyberspace itself is a world that lacks governance and control. Cyber-attacks expose perimeters and internal systems to a wide variety of threats. This makes it quite different from the physical war and traditional wars that people have been conventional too. One of the challenges is the rapid pace of change on the cyber-attack that presents a potential vulnerability. Management and control vigilance is needed to challenge the threat of the landscape presented by the cyber-attacks (Lewis, 2010). Cyber-attacks are also rapidly reducing in price and the scale of use. Because of the low cost of the attacks, various attackersbe presented to a state including those who cannot afford the physical war (Mačák, 2016). Because of the low cost of cyber-attacks, it exposes numerous people to the attacks. The structure of a cyber-attack is a transmission or internet protocol. This makes it difficult to identify the source of the attack and does not guarantee law enforcement or counter-attack purposes to challenge this attack (Grosswald, 2010).

Other characteristics of a cyber-attack are that they are asymmetric and have a high level of complexity. The asymmetry comes as a result of attacks that can come from anywhere from the world. It means that countries have to have defense mechanisms that take into account prevention and detection procedures to respond and to control all the data channels where attacks are surfacing from. Anonymous networks or systems always resemble a form of technology instead of showing a form of attack behavior (Lindsay, 2015). The business of the loss of cyber-attack makes countries quite vulnerable to them. Cyber warfaresare not defined across the national borders. Therefore, they do not have laws to protect themselves against it or to enforce them (Bronk, and Tikk-Ringas, 2013). These nations are the sponsors of these attacks making it difficult to react effectively.

Different researchers have tried to study the social implications of the non-state actors and their activities within the cyberspace (Graham, 2010). Most of the findings show that due to the rise of international terrorism, the non-state actors are now and acting a massive influence on the national government (Shackelford, and Andres, 2010). This comes as a result of policy choices that have to be bound within the virtual world and even on the outside. Specifically, cyberspaces have different advantages including the lowered barriers regarding time and space and the availability of knowledge that is accessible in every region of the globe (Tereshchenko, 2012; Betz, 2017).  The nonstate actors also have the time to expertise the knowledge with the available resources and therefore are always ahead of the government operations. Individuals have a significant career path that they can take with their technical knowledge that they have gained from this cyberspace. Even though the actions undertaken by the nonstate actors have been relatively tame as compared to the traditional warfare that is kinetic based, some experts agree on the potential distractions that can be done by the technical advancement. This is because of the different social activities and necessities that are continuously linked with their network systems.

There are various techniques that a country can use to perform an attribution against any cyber-attack. Attribution is defined as the process of determining the identity or the process of locating the position of an attacker. Attribution can also come in the form of identifying an intermediary of an attacker. Within the public literature, the most commonly used attribution methods are traced back tools and source tracking tools. The United Statesdepartments of defense have always improved its capability of attribution and have always notified the public on the best methods to do it. Different law enforcement finance has been available especially those that guide transmission control protocol and internet protocol. There is a large number of attribution techniques that have their weaknesses and strengths and that they can all be used according to their attack and none of them can be used instead of the other. Attribution has become difficult and limited because it can cause a crime that is delayed. These articles can also perform crime through different intermediaries and in different jurisdictions making it difficult to make an attribution. In most cases, such instances are encountered when the country is unprepared and is mostly counted by treating the information-gathering techniques and surveillance. Because of the difficulty and uncertainty of this attributions, a computer defense network in a country which is crucial should not depend on the processes of attribution. It proposed that attribution should be just part of a defensive strategy but not something that the whole country depends on. Attribution is also easier against intermediaries that comes from inside the country, and it is difficult from intermediaries coming from outside. Most of these techniques are also immature and requires findings before they are deployed. There are no laws that are agreed universally that is based on attribution procedures acceptable by every country. An attack may be identified to belong to a person name or an association. Location of an attacker can also be found regarding an internet protocol address or an Ethernet address. Because of the nature of the cyber-attacks, cyber-attribution can only involve tracking and laying blame onto a perpetrator.

Cyber-attacks usually cause serious consequences for public relations and businesses, of which end up losing their finance reputations and compliances. Because of this, organizations usually conduct investigations to attribute the incident to attract more to an actor to find the reason behind the attack or bring the attacker to justice. The attribution efforts are often done in conjunction with different law enforcement agencies and recently through the non-state actors. Because of the difficulty of this attributions, the underlying architecture of the internet makes it difficult for the states to execute justice in case there is an attack excellently. Dimension and shove cyber attribution is the lack of resources and expertise that is needed to take this criminal down. It is because of this reason that companies and organizations usually hire information experts from outside most of whom are nonstate actors. Cyber attribution has for a long time become a challenge even for the security expert who is always hired. Determining those who are responsible for a cyber-attack, there is always an extensive audit and a forensic investigation that requires analysis of digital evidence or historical data press and the people behind orchestrating these attack. Nonetheless, that occurs usually do not conduct these attacks on their own and are always acting behind emotive. The jurisdictions always hinder the attributions in a cross-border cybercrime especially if an investigation has to involve cross border activities. This can always prevent gathering evidence that should always be conducted as soon as possible after an attack has occurred.

The most commonly used attribution techniques our special but definitive. This is because it is not easy to find the most concise technique that can apply to all the cases. The continuous advancement in technology also makes it difficult because new threats are always developed. This makes old attribution techniques that had been defined quite difficult to implement because they are outdated.  Investigators of cybercrimes always use analysis tools and programs that uncovers critical information on the attackers. They are often presented with information about programming languages related to the information including the compilers that have been used to conduct the activity and the time as well as the library used in the attack. An example is when an investigator determines a man were written in Chinese. This information can be used to narrow down suspects of the cyber attribution. Investigators sometimes attempt to do an attribution through analyzing the presented meta-data connected to the attack. Meta-data include the IP addresses, hosts for emails at the domain names. The domain name registration can lead the investigator to a third-party source that can help them make an attribution because these attacks often communicate through the nodes that are outside their networks target. The data can sometimes defect which even presents more challenges to the investigator. Nonetheless, this metadata can use at the initial stages to help that investigator and attribute as to narrow down their suspects as required.

Sometimes, fusion may involve analyzing the data collected from multiple targets. This requires an expert who makes assumptions that are based on their falsified data identified. An example is when a professional process and a nominee must email address and links it back to the domain names that are attack had been identified in the first place. The other commonly used approach is where investigators examine the procedures and tactics used in the attack. Cyber-attacks often have their recognized styles. This distinctive styles can be identified by professionals who are always working to pin down these attack this can be used in conjunction with their falsified data. In most cases, the investigators have identified perpetrators based on the clues that they have heard from the past attacks. These can include engineering tactics or reusing the malware from the other attacks that had happened earlier. If there is some knowledge about what is happening in certain industries, the attributes can predict an attack based on these uncertainties. An example is when a company operating on natural gas spends money exploring the gas, as a consequence of this, there must be a possibility of stealing geospatial data. It is also important to understand the motive of the attacker and the person or estate behind the cyber-attack. The lack of security experts is to understand the objective of the perpetrator because in most cases it is not money. This can help them figure out cybercrimes and criminals who have been saying for a long time in case they have not contacted an impending attack. Cyber-attack is not exactly science because the techniques are identifiable.

The increasing importance of modern technology and advancement in cyberspace within the society he’s becoming something of a national security concern in many government processes in the whole globe. Cybersecurity is also increasingly becoming an arena of the dispute with special characteristics that cannot be solved easily. Different characteristics of surface security such as its nature which is isometric and they massive lack of attributions coupled with the low entry costs make it one of the most attractive in national state and non-state act within the cyber-security conflict. Other characteristics of cyber security that makes it more significant are the legal and equity surrounding it together with the role of an efficient medium for crime and the protest together with a sponge military aggression. This dissertation will analyze different non- state actors that are quiet listing within their cyber security space and examine the motives behind them. It will also look at the incitement through analyzing how these objectives coincide with the once for the nation-states. The literature from the first suggests that several nations are pursuing the warfare of cybersecurity and the capabilities that they have while also leveraging different criminal organizations through the use of regular and irregular forces. Employment of this nonstate actor such as activist, patriotic hackers together with the cybersecurity within the state cyberspace operations is also useful for conducting cyber-attacks. Cyber-attacks are imagined to be one of the basic tools that the state powers are using to reshape the future warfare; nonetheless, the lack of concrete experience in cybersecurity together with unlimited legitimation of cyber-attacks makes it assess the future effects and risks of cybersecurity.

The world is increasingly becoming hooked on to the operations of information technology and communication. The rate at which things are becoming digitalized is even alarming to the creators of technology themselves. In our daily lives, numerous things are shaped by technology especially the time that people use on computers, mad phones, and the internet. Technology is even operating other basic needs such as electricity, clean water, transportation, and security. What if things are integrated into technology and network forming a critical infrastructure in the peoples’ lives? As a result of technology and the network is a critical part of these basic services, there has been a massive interdependency of information requirement that makes services even more efficient and excessively. At the same time, the accessibility and efficiency created by educational technology and networks also make these items and ideas more vulnerable and prone to failure in case of an adversary or an attack. Throughout the last few decades, the global use of the internet has been increasing at the rate of five hundred percent that has grown from two million in the year 2002 more than three billion in the year 2015. This means that three years later the use of the internet is maybe covering more than 60% of the population of the entire globe. Because more people are getting online, cyber-security is also becoming a concern and something that is defining the life of individuals. Cybersecurity is also threatening interactions of the people as many communities and organizations are socializing across the national boundaries through the use of social networks. Cybersecurity is becoming a more defining feature that is part of modern life. Despite the success that comes with it, cyberspace has brought new threats that are even more severe than the threats that the logo’s facing before its intervention. Cyber dependency is widespread in the society complicating the interconnections of different sectors and increasing the vulnerability of civilians and military infrastructures to attacks from other countries and other organizations. In the military, cyber-security is always a threat in all aspects of national securities starting from the land, space, under the sea. Oldies spaces have identified cybersecurity to undermine the operations of the military. These operations are not as cyberspace operations and are always coming in the form of offensive measures as well as defensive measures that are put in place to help the people from bad to the threats and vulnerabilities posed by cybersecurity. Cyberspace security can be performed in an independent manner or in a way that is convenient to the warfare. Even though the nation-state cant is the main player in this full-scale cyberwar, there have been recent events showing that nonstate actors are crucial and play key roles during events of attack and the massively contribute to the low intensive cyber schemes. Openly, they are cited as cyber-attacks.         An example of a cyber-attack was the one that took place in Estonia in the spring of the year 2007 where they are volunteers that actively took place in a cyber-conflict openly acting as if they were some form of cyber militia. When it took place, the volunteers rallied the overload in different cyberspace resources including the government and other commercial services. This is an example of a voluntary estate idea that managed to help a country in the year 2007. The other example was anonymous which was a collection of activists that were responsible for several publicized well departments as well as leaks of information. They are cyber actions that are related to national security and military affairs at are not directly involved in a national affair. Rogue malware writers other cybercriminals have also become active within the last two decades after they have been motivated by the various economic gains.


Most cybercriminals are mainly motivated by economic gains. In the year 2009, ghost net discovered confidential information that belongs to the government and other private organizations in more than 11 countries throughout the globe. This information was claimed that it came from software that was controlled by a server in China. However, responsibilities were denied by China as the government claimed not to know of the existence of ghosts net and therefore there was no conclusive evidence of the Chinese government participation in the operation.

The concept of cyber where and cybercrime is gradually becoming relevant in my states calling for quick action from the military cyberspace capable of forming intelligence agencies around the world. The demand of cybercrime also becomes a complex idea because of the continuously increasing advancement in technology. A cybercrime becomes more relevant in many nations states, the top priority in the world is all concerned about the safety of military operations. The year 2017, the department of defense in the United States approved an expansion of how it operates its cyber prediction. The department has therefore increased the troops that cover cyber operations to more than 5000 while also incorporating the civilians.



When a country has been struck by a cyber-truck, it is important to act in a comprehensive manner and with pace. Cybersecurity attack usually affects businesses and industries and has been a broad agenda. Therefore dealing with it requires technical know-how and laws that are abiding. Currently, every organization whose lives on technology and telecommunication and therefore various organizations and governments are exposed to a cyber-attack. Various organizations rely upon nonstate actors to secure and install the network operations. In many cases, these companies are not aware of the ideas behind these installations. It is important to understand the steps to undertake in case there is damage that comes with a cyber-attack. The first measure that is available is mobilizing there response team that can handle the attack. An incident response team is always relevant to a country or an organization. This can be an investigation breach team or an expert team that represents various organizations. A cyber-attack can affect the employees and individual property experts. These people can be able to attribute the attack to various items or ideas such as stolen IP address or a breach of data protection measures. In most cases, the response team can reverse the situation before it becomes a serious concern. The technical team should always contain members of a legal team who are from an external counsel. Different legal implications are also posed by cyber-attacks and are also important organizations that are seeking legal advice. There are times that a country may not act because of a lack of legal backings making it necessary for states to have legal experts who come from external legal counsel. It is also important to check if there is a loss that has come from the cyber-attack so that it can be recovered under the insurance policies. Organizations that have taken risk insurance against cyber-attacks making it easier to replace spoilt items. Most of the legal policies are costly, and organizations have to be willing to bear the costs and consequences.

It is always necessary for the business and other organizations to have a security system to ensure that the business is continuous. After there is a breach as a result of a cyber-attack, the first step is for the technical experts to secure a system that can allow the business of the organization to continue to operate. The organization can also isolate or suspend some sections in the network temporarily if they are affected. The disruption can sometimes be costly to a state or an organization.

In different countries around the globe, there have been similar cyber mobilizations aimed towards a target. Even though well-developed countries can have better defensive capabilities to protect themselves from digital resource vulnerability, including having better command and controls for their systems, less developed countries, and developing countries are recognizing the operations of cybercrime as Arabia that is attracting methodologies. They are therefore resolving two methods that are inexpensive and risk-free especially when they are waging war against anyways. Non-state actors are therefore being approached by different governments on a global scale. These governments seek to benefit from their experiences to leverage their cybersecurity and to attain the capabilities of other countries. In most cases, this has been the explanation to the case of ghost net. Currently, there is even more increase in demand for the incorporation of technology in other areas of work and infrastructure. As the operations of cybersecurity become gradually relevant to many nine states, achieving military operations demands more attention and resources. As many countries also approach nonstate actors to approach the globalization events and benefit the experiences of these countries, it is also becoming a concern for countries that do not promote such activities. The interaction between the United States and Israel also shows an interesting development on the growing importance of nonstate actors in cybercrime. Cyber-crime is mainly aimed at a conflict that focuses on nonstate actors and how they relate to the name states. Involvement of nonstate actors disables positions it’s a question of warfare that regards to the acceptance of the extreme precautions.

Addressing the importance of nonstate actors in cybercrime can be analyzed by reviewing the basic warfare principles that apply to different cyber was from the traditional perspective. Cyber has become a hot topic within the last decades us research areas have been done in this field. This is a technological advancement that is quite fast paced and is rapidly developing making it a serious concern to the public and the governmental organizations. The rapid development of the new technology doctrines, as well as public policies, also make it difficult for various legislations to keep up with the volatile and a subject that is constantly changing. The past literature defines cybercrime as techniques and tools used by security practitioners inside warfare. Well considering various definitions there are types of actions that can be taken during inevitable armed conflicts in the cyber-attack.There are different malicious actions in cybercrime that have identified in the past involving activities with the intent of messing up the operations of the country.

From this thesis, several conclusions can be made regarding the challenges that are faced by countries especially when they have been attacked by a cyber attack. Non-state actors have a major role to play in a cyber attack. This is because of the complexities that are surrounding technology for advancement and technological issues. Ideas in technology are always free and open to everyone to access. As a result, many non-state actors can develop skills that even government agencies may sometimes not afford. This makes nonstate actors important personalities in fighting crime against cyber attack. Even when it comes to the lower end of cyber attacks, such as cyberbullying and stealing of information, it is always important to keep up-to-date with the development of technology. This happens because of the differences that people have in preferences. Nonstate actors can be deployed effectively in case there is an attack against a country. Private organizations also form part of the nonstate actors especially the media personnel who are also concerned about the safety of countries. Even though there are several disadvantages to deploy the nonstate agencies, their role cannot be undermined because they are always up-to-date with the ideas of technology.In case of an attack, the country can deploy numerous remedies especially when they have been attacked by an unknown cyber attack. Many researchers have written about the ability to find the source of the attack. Knowing the type of attack is this initial stage as the laws the country to trace effectively the source where the tick has come from. After realizing the source, better for countries to have mitigation strategies such as attribution that can help estate to realize the source of the attack. Attribution refers to the ability of a technician to locate the source of a cyber attack. This is will, therefore, bear the blame of all the damages that have been done. In most cases, the country can also react and find justice to the damages that have been done. If this happens to be from a different country, then it makes sense as a country can react just in a similar way that they would do if they were attacked by an armed attack. Attribution strategies are many including those that deal with mislineous texts such as emails or by the use of IP address. Apart from attribution, various measures are available for countries to take especially if they can locate the source of the cybercrime. The characteristics of internet usage and modern technology make it difficult to have laws that godly operations of the internet. It is even more difficult to tell whether a cyber attack has reached the level of an armed attack and that the country that has been attacked should react if they find the source of the attack. This makes it difficult for different countries to respond to the attacks that are always against them.The main challenge is noticing the source of the attack and finding the attribution strategies that can massively apply to the situation. Use of best goose stepping stone is one of the strategies that have been used in the time that a country needs to control computers belonging to innocent civilians. There are times that attackers and cybercriminals use the computers belonging to civilians who are innocent are not involved in these attacks. When this happens, it becomes difficult to investigate the source of the attack and to channel all the blame towards one innocent individual. This is why it is important for computer users always to take care of their networks and secure them so that they are network cannot be used to conduct an attack that can result in havoc. However, yeah computers that can be located anywhere in the world through the use of attribution technologies. This takes place even when an attacker has concluded the attack through the use of a computer that is in another country and a network that is in another country to conduct an attack on the other continent.Based on the nature of the attack, a cyber attack can disrupt and destroy any systems that are located remotely and can disrupt out of infrastructure in a country causing one of the biggest economic disruptions to be witnessed. Avoiding site states always require a legal framework to be used to allow our country to respond to such attacks and protect itself from the enemies that are willing to conduct the attacks. The legal and international frameworks have been used for a long time to help make decisions that are affecting a country.Even though there is no except for the definition of the word cyber, it is still one of the most debated topics in the world today. Concepts are used to define it to have a universally agreed framework that can be used by the national cybersecurity manuals. Cyberspace was a concept that was proposed to show how free the internet was and the lawlessness of its operations.

Nonstate actors have been seen to be the gun nuts of cyber attacks even if they have not seen a massive level of success regarding harming the countries. The nonstate digital actors have been engaging in low-level actions that are primarily in denial services. The 21st century has been seen to be the age where they are potential damages of tooth infrastructures due to the advancement in technology.Contrary to the traditional structures and authoritative resumes, state organizations are flat and are always dispatched rather than being radical and responding to a single commander. This makes them different from the state actors, and they are key to other deals. The cyberspace has given both the state actors and the nonstate actors a massive degree of anonymity so that they can operate without anyone noticing activities. The main access that is behind a cyber attack is always over secure, and their identities are not easy to find. This is why it is always necessary to have the speed of access while transmitting the data that would challenge a tenant server. The serenity of a country even makes it difficult to attribute the attacks that are done by there state actors and nonstate actors. Independence of the networks in the computer are also controls in the public structure. This independence gives an incredible susceptibility to the targets four activities that can be referred to as being malicious.Various vital infrastructures are quite vulnerable to all the attacks conducted by both man state and state actors. Assessment of traffic controls and financial markets have been making these ideas quests especially those that are controlled by the internet. these infrastructures are quite vulnerable and massive staggering losses to a property or a life. If such issues take place in a tradition of warfare, it may result in kinetic warfare. Reviewing potential policy responses and capabilities of non-state actors is important in determining the responses regarding unilateral and multilateral sources. Numerous sources have been adapted to be used as doctrines for geopolitical stages and frameworks that occupies more traditional areas. Several sources entertain the adaptation overdue political framework and doctrine that can be used to solve international conflicts. The goal of such a doctrine is to influence the decision-making processes, especially when launching a cyber attack against countries. It depends on the ability of the country that has been attacked to project its willpower to

make its reputation and influencing decision-making processes. It also depends on ability over the country to predict the situation at a global scale. The country cannot just act against another sovereign state especially if they are suspicious of having launched an attack. The use of deterrence applies when there is a strategy of obtaining justice against the country that has launched a cyber attack against the other. It has seven basic steps that have to be followed. The first step is renaissance that takes place when a cyber attack is launched, and the target has been achieved. It was so involved scanning and technical examination of the network. It involves a massive planning phase that undertakes research where the target has to meet the objectives set after being triggered by different situations. An example of an attack that took place at the recognizing step was the Norwegiandefense that was a target too an attack especially when they were participating in the bombing of Libya in the year 2011. Weaponization is the other step which goes on after target have been realized and an operation he is supposed to take place.Weaponization takes place after an operation has been selected and the staging phase begins. It involves creating a malware that can generate a virus to destroy all the tools automatically. That usually requires a sophisticated of skill with very expensive resources that are possessed by the attacker. The delivery is there next step which marks the point of launching the operation and malware is tested at this point and directed towards a target. Because the manure had already been created, it is therefore used as a tool to interfere with the target. Delivery can be done in different ways such as sending a malicious email or having aUSB stuck inside a computer. Some cases, it can involve the use of web pages so has to have a close connection of the system. The delivery process can be done in different ways but have always been done through the internet especially when the attacker accesses the information. If not done through the internet, the delivery of the malware can be done through a closed system or the use of a USB stick. Exploration is the first step of conducting a cyber attack where the intruder is gaining access to the information of a victim. The victim is therefore exploited by the attacker to know all the information through the use of malicious software that is designed to damage or disrupt the information. After their attacker has gained access to the full control of information, it is up to them to determine what to do with it. In most cases, the information is disrupted and used to distribute the virus to even more places. Gaining access to information is one of the key ideas used by the attackers this information could be financially important especially if it involves the whole country.



From the explanations above as well as the descriptions that have been done in the chapters, cybersecurity and cyber attacks have been some of the major concerns for the international nose as they cut across all the domains. This is because they do affect not only the military sphere but also other forms of information communication and technology. When a cyber attack takes place, it’ tampers with economic social and cultural environment of a country. Because this is an area that is constantly developing, it may not be possible to find the best possible frameworks that can successfully apply to cyber-attacks for concepts that can be agreed on universal level address the malicious activities. The process of validating the hypothesis that has been proposed in this thesis shows that cybersecurity is a concern too many countries and nonstate actors play a major role in the cyber attack. Because cyberattack cuts across regions, the estate may be required to respond through the use of realism and constructivism approach in case they are not aware of the best methods to address the problems.The technical aspect cyber attack should not be neglected especially when a country is protecting itself against an external attack. They are various case studies that have shown that this information technology for advancement requires skills that are always evolving to respond to attacks and make sure that an attempt is detected at early stages. various methods are used by experts to avoid infection by a virus or an intrusion of malware that can affect the information system. Both the technical responses and mainstream theories show that there are mechanisms that can be used by countries to improve their capabilities in case of a cyber attack. This defensive capability can be the main differences when an attack shut down the system and operations stop. It is also important to collaborate with other institutions at the international level to agree on the methods to adopt the codes of conduct of operating in such a situation. Most of the cyber attacks take place under some assumptions that countries have to be aware of. The first is that cyber attacks only tech countries that have a connection of some sort. As well, defining the responses that countries display is difficult, and states have to remain cautious about their connectivities. Various case studies in the past have shown some of the best and effective methods that can be used to respond to a cyber attack. This methods had been tested in the past and mainly depend on counteractive measures making them not quite effective. Because the responses to cyber attack always take place as a result of the attack, it is usually difficult to deal with. The best way to do a response maybe attrition which is a country after they have participated in the warfare. This even complicated the matter is especially to the countries that do not have the laws covering cyber-attacks.the best way of understanding the legal backgrounds of cyber-attack is through defining the accepted operations around the globe. It is stated that a cyber operation can be offensive or defensive destruction that is caused by the networks meant to achieve a particular purpose. If a country uses this basic definition of cyber attack to attack the others, it loses meaning and causes more problems between countries.The case of a cyber attack that took place in the year 2008 in Estonia was done against the united states military system was as a result of a counter-attack meant to convert a fireball. It is stated that it was supposed to make the encryption stronger by installing security packages and design malware that could prevent such an attack. Issues that responses to cyber-attack he’s always disclosed my government and mainly depend on the information communication technologies. The most important item to consider is that every state comes up with mechanisms that can help them defend themselves against any form of cyber attack. Also, the legislation that covers cybersecurity have been drafted in different states but cannot be imposed because of such controversies. The other important consideration takes place well various countries respond differently to that cyber-attacks. In the case of Estonia, the country had the national security concepts and ideas of preventing crime when protecting itself against bridges of information communication and technology.It is also important to share the responsibilities done in ensuring that the country is safe from cyber attack. The defense should also be done in collaboration with the other bodies. These important bodies that can contribute to cyber protection include interior ministries who established the proceedings of information technology and the police boarder who is in charge of preventing any attack. In conjunction with the other government bodies, the national defense should synchronize various items that they need to ensure that they maintain your dependence and sovereignty of a country are thereby protecting it from any form of cyber attack. In the united states, the country focuses on the importance of the military especially when they are responding to a cyber attack. The military has always remained ready to prevent any cyber attack and is always ready to retaliate in case of a threat.



In the world that it continuously involves concerning technology, major threats are facing nations because of the digital nature of the operations. In response to these threats, many states and countries us trying to implement serious measures that can help them counter their threats and to also help in advancing the overall in network security in the country. The network in a country is crucial as it is part of a system that guides the nation. Securing the network, he’s one of the first steps in ensuring the better country is operating privately can disable to protect itself from the others. Securing cyberspace is a priority to many countries especially in the administration. There are those that are quite concerned about the economic status. Stealing financial intelligence of countries that are economically viable can help one country to compete and downtime the other one. It is this reason that can care about the information to allow the network insecure. However, if countries do not have the necessary expertise to counter this malice, numerous alternatives can be used.In SaudiArabia, a cyber attack destroyed more than 30000 computers operating oil production company. It is always a concern that day people steal information usually sell them or release them to the public. This even danced more damage to the image of the organization whose information has been released. To deal with this threat, it is important for countries to leverage the process by motivating the private sectors and make productive investments so that they can make the networks diverse and most secure. Dealing with this growing threat requires motivation from the private sectors and investment from companies and the states as a whole.Every country should pursue the best cybersecurity policies to avoid a regulatory approach that may be cumbersome. Instead, they should give key elements and give dynamic security defense such as undertaking a great internal engagement in cybersecurity and encouraging the development of a valued cybersecurity business.


Countries can bring together the non-state actors to help them deal with operations that they cannot handle. This has been proposed in many summit meetings where countries are finding solutions for the threats that they are facing. Saudi Arabia is an example of a country that suffered massively in the hands of cyber attack. As a result, they resolved to use nonstate actors when handling the cases of security problems. Internet security should be boot as a collaborative yea especially in countries that do not have the technological advancement level to match the other developed countries. This can also be a step to achieving security especially if a country shares some of the information to the developed countries. In many cases, creating awareness can also help people know about the truth about cyber threat. Businesses and homes can protect themselves especially if they know that they are also under threat. The government also have to account for standards and develop accountability. Responding to a great super cybersecurity campaign is an economic measure that can be used diplomatically to discourage. The non-state approach can prevent a great approach that can even be more costly to be country. The country should also encourage and allow effective cybersecurity business within their local region. By supporting extensive research, it is imminent that the country will be better in protecting itself against any cyber attack. It is also important that a country protect the cyber supply chain. In this sense, the components of computers should be securely brought into a country. Cybersecurity can take place in different forms including using the gadgets that are made worldwide to pass insecure malware. Therefore an organization should be given the mandate to receive products of high quality and those that are safer for the country. This can discourage cheap or less expensive items but are potentially dangerous. The existence of a controlled cyber defense authority helping to protect against hackers who are trying to access the country.



Aaviksoo, J. (2010). Cyber attacks against Estonia raised awareness of cyber threats. Defense Against Terrorism Review3, 13-22.

Asal, V., Mauslein, J., Murdie, A., Young, J., Cousins, K., &Bronk, C. (2016). Repression, education, and politically motivated cyber attacks. Journal of Global Security Studies1(3), 235-247.

Baron, J., O’Mahony, A., Manheim, D., & Dion-Schwarz, C. (2015). National Security Implications of Virtual Currency: Examining the Potential for Non-state Actor Deployment. RAND Corporation-NDRI Santa Monica United States.

Betz, D. J. (2017). Cyberspace and the State: Towards a Strategy for Cyber-power. Routledge.

Bronk, C., &Tikk-Ringas, E. (2013). The cyber attack on Saudi Aramco. Survival55(2), 81-96. Graham, D. E. (2010). Cyber threats and the law of war. J. Nat’l Sec. L. &Pol’y4, 87. Margulies, P. (2013). Sovereignty and cyber attacks: Technology’s challenge to the law of state responsibility. Melb. J. Int’l L.14, 496.

Bussolati, N. (2015). ‘The Rise of Non-State Actors in Cyberwarfare.’

Castel, M. E. (2012). International and Canadian law rules applicable to cyber attacks by state and non-state actors: Canadian Journal of Law and Technology10(1).

Davis, P. K. (2014). Deterrence, influence, cyber attack, and cyberwar. NYUJ Int’l L. & Pol.47, 327.

DeLuca, C. D. (2013). The Need for International Laws of War to Include Cyber Attacks Involving State and Non-State Actors. Pace Int’l L. Rev. Online Companion, ii.

Dinicu, A. (2014). Cyber threats to national security. Specific features and actors involved. Scientific Bulletin-NicolaeBalcescu Land Forces Academy19(2), 109.

Farwell, J. P., &Rohozinski, R. (2011). Stuxnet and the future of cyberwar. Survival53(1), 23-40.

Geers, K. (2010). The challenge of cyber attack deterrence. Computer Law & Security Review26(3), 298-303.

Gross, J. R. (2015). Hack and Be Hacked: A Framework for the United States to Respond to Non-State Actors in Cyberspace. Cal. W. Int’l LJ46, 109.

Grosswald, L. (2010). Cyber attack Attribution Matters Under Article 51 of the UN Charter. Brook. J. Int’l L.36, 1151.

Hathaway, O. A., Crootof, R., Levitz, P., Nix, H., Nowlan, A., Perdue, W., & Spiegel, J. (2012). The law of cyber-attack. California Law Review, 817-885.

Kadivar, M. (2014). Cyber-attack attributes. Technology Innovation Management Review4(11).

Lewis, J. A. (2010). The electrical grid as a target for cyber attack. Center for Strategic and International Studies.

Libicki, M. C. (2012). The specter of non-obvious warfare. Strategic Studies Quarterly6(3), 88-101.

Liff, A. P. (2012). Cyberwar: a new ‘absolute weapon’? The proliferation of cyber warfare capabilities and regional war. Journal of Strategic Studies35(3), 401-428.

Lindsay, J. R. (2015). Tipping the scales: the attribution problem and the feasibility of deterrence against cyberattack. Journal of Cybersecurity1(1), 53-67.

Mačák, K. (2016). Decoding Article 8 of the International Law Commission’s Articles on State Responsibility: Attribution of cyber operations by non-state actors. Journal of Conflict and Security Law21(3), 405-428.

Messerschmidt, J. E. (2013). Hackback: Permitting retaliatory hacking by non-state actors as proportionate countermeasures to transboundary cyber harm. Colum. J. Transnat’l L.52, 275.

Park, G. K. (2012). Granting an Automatic Authorization for Military Response: Protecting National Critical Infrastructure from Cyber attack. Brook. J. Int’l L.38, 797.

Pipyros, K., Mitrou, L., Gritzalis, D., &Apostolopoulos, T. (2014, July). A cyber-attack evaluation methodology. In Proc. of the 13th European Conference on Cyber Warfare and Security (pp. 264-270).

Roberts, S. (2014). Cyberwars: applying customary laws to war to cyber warfare and non-state actors. N. Ky. L. Rev.41, 535.

Schmidt, N. (2016). Super-empowering of non-state actors in cyberspace. World International Studies Committee 2014.

Shackelford, S. J., & Andres, R. B. (2010). State Responsibility for Cyber Attacks: Competing Standards for a Growing Problem. Geo. J. Int’l L.42, 971.

Sigholm, J. (2013). Non-state actors in cyberspace operations. Journal of Military Studies4(1), 1-37.

Straub, J. (2016). Consideration of the use of autonomous, non-recallable uncrewed vehicles and programs as a deterrent or threat by state actors and others. Technology in Society44, 39-47.

Tereshchenko, N. (2012). US Foreign Policy Challenges of Non-State Actors’ Cyber Terrorism against Critical Infrastructure. International Journal of Cyber Warfare and Terrorism (IJCWT)2(4), 28-48.

Tsagourias, N. (2012). Cyber attacks, self-defense and the problem of attribution. Journal of conflict and security law17(2), 229-244.


Do you need high quality Custom Essay Writing Services?

Custom Essay writing Service