Waging Cyber War With DDoS Attacks: Legal Aspect

The cyber war has been ongoing for more than five months. The DDoS attacks appeared as one of the primary weapons used by both sides participating in the fight. 

Since the Second World War, we have known The Geneva Conventions establishing international legal standards for humanitarian treatment in war. But cyber warfare is a legal precedent in the world, and its course now does not find an adequate legal assessment both in the national law of each related country and in international law governing cyberspace. Thus, we can only proceed from existing laws explaining the legal consequences of DDoS attacks, which inherently do not correspond to the current state of affairs. 

Even before Russia invaded Ukraine, there were thoughts about the inadequacy regime of Current International Law for Cyberspace.

According to the previously accepted understanding, Distributed Denial of Service (DDoS) and similar attacks are criminal under the law in many countries. According to the Computer Fraud and Abuse Act in the US, it is illegal. In some countries, compliance is expected if the government has signed the United Nations Convention against Transnational Organized Crime.

The ability to trace DDoS attacks to a country that has signed the treaty ensures the DDoS attack is a crime.  

In the abstract, DDoS attacks are considered a crime Russia can prosecute, including requests for submission to other countries for the extradition of suspected persons. But the government of Russia, a country that should be declared a state sponsor of terrorism, will not have the power to make such requests. 

Therefore, we highly recommend to all our disBalancers to stay in Ukraine or other countries supporting Ukraine or confronting Russia to be safe. At the same time, it is crucial to monitor the country’s political position regarding its support for Ukraine or connections with Russia to be able to respond to changes promptly and immediately.

In the case of the country’s rapprochement with Russia, one should immediately consider the possibility of moving to another country.

Attacks on Russian sites and web resources from the territory of Russia or its friendly countries are solely at the discretion of users who run Liberator on their devices. Users should also be aware that non-compliance with data protection security measures while using the Liberator can lead to deanonymization in the territory of unfriendly countries, followed by legal liability.