Law in orbit: International legal perspectives on cyberattacks targeting space systems

Space sector systems enable numerous critical functions and are often integrated into existing telecommunications infrastructure to enhance network connectivity coverage and capacity. Amid escalating cyber threats, this paper examines the application of international law to cyber operations targeting space infrastructure, addressing a critical gap in discourse. While declarations by global entities affirm the applicability of international law to cyberattacks, the complexities of cyberspace, compounded by the unique aspects of space infrastructure, pose challenges in implementation. Recognizing the absence of global cyber law and a lack of customary international law regarding cyber operations on space infrastructure, this study provides one of the first legal examinations via case analysis of cyberattacks on space infrastructures, both terrestrial and orbital, through the lens of international humanitarian law, the law of armed conflict, and outer space law. This paper adopts a comprehensive approach, considering perspectives from differing national stances as we review three main principles of international law: the general principle of sovereignty, the prohibition of intervention, and the prohibition of the use of force. Based on our analysis of three hypothetical but realistic cyber operation scenarios, international law can apply to cyberattacks on space infrastructure, and violations can occur if all conditions of a given law are met and attribution can be made to a state actor. Yet, applying these laws in a cyber context has proven to cause some complexities and disagreements, and it would be a mistake to ignore the reality that there is still significant ambiguity and varying interpretations, which could impede the unequivocal enforcement and application of these laws in such scenarios.