Cyberattacks, a new form of conflict that can lead to cyberwar, provide additional complications in defining war. Contemporary nation-states now suffer and inflict ongoing cyberattacks on a large scale. However, whether all or any of these attacks constitute war rather than conflict or mere breaches of security (criminal or otherwise) is not always entirely clear. This entry reviews some recent examples of cyberattacks that may constitute cyberwar, considers the thresholds that may be met for cyberattacks to be construed as acts of war, and details four types of cyberattacks that may lead to cyberwar.


Recent high-profile cyberattacks include the following:

Because Estonia is a member of the North Atlantic Treaty Organization (NATO) and Russia was assumed to be the aggressor, one might presume that the cyberattack on Estonia was an act of cyberwar. However, there were no deaths or destruction of property. Moreover, computer technicians rectified the problem quickly, and the disruption was minimal. In addition, NATO did not declare war, and Russia denied responsibility. Arguably, therefore, this cyberattack did not constitute an act of cyberwar. Perhaps such attacks should be regarded as a form of covert political action.

Operation Orchard involved the Israeli bombing of a Syrian nuclear facility immediately after an Israeli cyberattack on Syrian air defense systems. Importantly, this cyberattack was the precursor to the bombing, and the latter was an act of war. Therefore, Operation Orchard is considered an act of war. So a cyberattack can be an act of war.

Thresholds and Types

It has been argued that cyberattacks that cause significant loss of life and destruction of physical infrastructure constitute war (cyberwar). However, what is less clear is whether cyberattacks that do not cause significant loss of life and destruction could constitute war. What should we make of, for example, a denial-of-service cyberattack that does not cause damage to physical infrastructure or loss of life but that does bring about a prolonged period in which welfare and other services cannot be provided, leading to severe hardship for large sections of the population?

Some have argued that whether or not a cyberattack constitutes an act of war—or, by parity of reasoning, whether an ongoing series of cyberattacks and counter-cyberattacks constitutes a war—depends on whether certain thresholds have been met. These thresholds have to be specified, at least legally, and presumably also morally, in terms of the nature and/or extent of the injury, loss of human life, and/or physical destruction caused. According to that view, cyberattacks cannot in and of themselves constitute war. Rather, cyberattacks can constitute war only if they cause significant loss of life or, at the very least, substantial damage to physical objects (e.g., buildings).

However, there are four kinds of harm or damage in question. First, there is harm (physical or psychological) done to human beings. Second, there is damage done to buildings, ICT hardware, and other human artifacts (as well as to the natural environment insofar as it supports individual and collective human life). Third, there is cyberharm, which is damage to software and data (as opposed to the physical ICT hardware itself). Fourth, there is institutional harm, which is the undermining of institutional processes and purposes (e.g., major breaches of confidentiality in a security agency, loss of institutional control of a territory).

The last two types of harm (cyberharm and institutional harm) might have thresholds at which war might be justified, independent of the level of the first two kinds of harm (i.e., the level of physical or psychological harm caused to humans and the level of destruction of physical property). Alternatively, the third and fourth types of harm might have thresholds at which a seriously harmful response short of war is morally, and perhaps legally, justified. Such harmful responses might include economic sanctions, but they might also include various forms of covert political action, notably covert political cyberattacks.

Seumas Miller

See also Cybertheft ; Stuxnet Virus

Further Readings

Dipert, Randall. “Ethics of Cyberwarfare.” Journal of Military Ethics, v.9 (2010).

Eberle, Christopher. “Just War and Cyberwar.” Journal of Military Ethics, v.12 (2013).

Ford, S. B. “Jus Ad Vim and the Just Use of Lethal Force-Short-of-War.” In F. Allhoff, et al. (eds.),Routledge Handbook of Ethics and War: Just War in the 21st Century. Abingdon, England: Routledge, 2013.

Miller, Seumas. “Cyber-Attacks and ‘Dirty Hands’: Cyberwar, Cyber-Crimes or Covert Political Action?” In F. Allfhoff, et al. (eds.),Binary Bullets: The Ethics of Cyberwarfare. Oxford, England: Oxford University Press, 2015.

Sanger, David. Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power. New York, NY: Broadway Books, 2013.

Singer, Peter and Allan Friedman. Cybersecurity and Cyberwar: What Everyone Needs to Know. Oxford, England: Oxford University Press, 2014.