Plea of Necessity: Legal Key to Protection against Unattributable Cyber Operations

Abstract

Cyber operations represent one of the main security threats today. The number of cyber operations attacking critical infrastructure is increasing year by year and states are looking for means to defend against this threat. However, the origin of hostile cyber operations is often located in the territory of another state, and attacked states must therefore grapple with the question of international law in their search for an effective defence mechanism. If states wish to defend themselves actively, the sovereignty of another state may be infringed, and such an infringement must be justified by an instrument of international law. These instruments of international law are retorsion, countermeasures, self-defence and plea of necessity. Application of plea of necessity, unlike the other alternatives mentioned, is not premised on the attributability of the cyber operation to the state, and it is precisely the attribution of cyber operation that poses one of the main problems of taking legal defensive measures. The article is divided into two parts. The first part is devoted to the relationship between retorsion, countermeasures, self-defence and plea of necessity. The second part discusses the conditions for the application of plea of necessity in the cyber context. The text takes into account the available state practice, in particular the national positions on the application of plea of necessity in the cyber context published in the last three years.