Written by Micole Yang
Recently, instances of statecraft through cyberspace have captured headlines worldwide—but the terms and concepts used are not known to enough people. This is partially due to the mainstream media conflating all of them as ‘cyber-attacks’. There is a gap between what most people understand from reading the news and the conceptual legal framework offered by academics. There are clear opinions, grounded in international legal theory, that could form the foundations of a cyberspace legal regime. ‘Cyberspace’ itself is a contested definition—making the meaning of ‘cyber-security’ and ‘cyber-crime’ contingent on getting that first definition right.
For the purposes of this article, I borrow from the American National Security Directive: cyberspace is defined as an “interdependent network of information technology infrastructures, and includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers in critical industries.” From here we can delineate what cyber-attacks are, why cyber-space is unique, what the existing legal regime to govern cyberspace conduct is like, and, ultimately, why we must come to a better understanding of this common space of opportunity and vulnerability.