Important international law questions for formulating cyber strategy and policy include whether and when a cyber-attack amounts to an “act of war,” or, more precisely, an “armed attack” triggering a right of self-defense, and how the international legal principle of “sovereignty” could apply to cyber activities. International law in this area is not settled. There is, however, ample room within existing international law to support a strong cyber strategy, including a powerful deterrent. The answers to many international law questions discussed below depend on specific, case-by-case facts, and are likely to be highly contested for a long time to come. This means that the United States should continue to exercise leadership in advancing interpretations that support its strategic interests, including its own operational needs, bearing in mind that we also seek rules that will effectively constrain the behaviors of others.
International Law | Internet Law | Law | Military, War, and Peace | National Security Law
National Security Law Program
Center on Global Governance
Matthew C. Waxman,
Cyber Strategy & Policy: International Law Dimensions,
Available at: https://scholarship.law.columbia.edu/faculty_scholarship/2025