Forget tanks and fighters. The greatest threat in modern conflicts is not the visible military, but the "virtual Trojan horse" - the invisible code that changes the rules of war.
Given that technical and legislative advances in law are not always possible to "prosecute" in regulating the growing number of cyber-attacks perpetrated between states, international law continues to provide guidelines for governing the behavior of states in cyberspace. A key question is to what extent cyber attacks should be classified as an unlawful use of force. Although existing international agreements and treaties between states do not specifically address cyber operations, the general principles and provisions of the United Nations Charter are often interpreted to extend their applicability to military actions conducted through cyber means.2 3
The Tallinn Manual – as a "key legal compass"
A direct cyber attack is aimed at computer or information systems in order to destroy them, steal data, or steal computing capacity for offensive computer operations. Such attacks on hardware, software, or data, which do not only target people, represent the deployment of cyberweapons and reflect a more strategic and destructive intent. These types of cyber attacks vary in their ability and effectiveness, with perpetrators being based anywhere in the world, from state enemies and terrorist organizations to organized crime and individuals attacking transportation systems, power grids, financial institutions, and government websites.4
According to the Tallinn Manual (hereinafter referred to as "the Manual")5, a cyber operation that results in the destruction of property is considered an attack under international law, and this classification depends on the scope and consequences of the operation.6 An attack that results in the destruction of property, e.g. decommissioning power plants or traffic control systems. So it is not just a violation of privacy, but a strategic and destructive act with global consequences.
The manual clearly articulates and defines what is considered cyber infrastructure sovereignty. It states: “States primarily have sovereignty over any cyber infrastructure located on their territory and over the activities associated with this cyber infrastructure.“ 7 Manuál 2.0 prezentuje názory odborníkov v ich osobnej rovine. Nie je teda záväznou medzinárodnou dohodou ani oficiálnym vyhlásením NATO. Projekt však ťažil z neoficiálnych príspevkov jednotlivcov z mnohých štátov a mal viac ako 50 recenzentov taktiež, z mnohých štátov, čo viedlo k vytvoreniu dobre prepracovaného manuálu.8
Montevideo Convention on the Rights and Duties of States - Border Control in Intangible Space
In accordance with the classification of cyber attacks under international law, their interaction with the Montevideo Convention is crucial for a comprehensive understanding of their legal meaning. The Montevideo Convention states that for an entity to be considered a state, four prerequisites must be met: a defined territory, a permanent population, an effective government, and the ability to establish relations with other states.9 These criteria remain the prevailing norms of international law for a state, which are particularly relevant when cyber operations originate from and involve entities seeking state recognition.10
Due to the increase in cyber attacks, it is common to analyze such operations as possible acts of cyber warfare and to consider the perpetrators accordingly as potential cyber war actors. Fulfillment of the Montevideo conditions cements the entity's status, granting it international legal recognition of its right to wage cyber warfare alongside traditional kinetic warfare.
International law is thus in a quandary. How should we classify these attacks: Is this an illegal use of force? Although existing treaties do not directly refer to cyber operations, the general principles of the UN Charter are often applied to cyber military actions. But we are still dealing with fundamental questions: How can we protect the sovereignty of a state's cyber infrastructure if an attack is carried out from beyond its borders? And most importantly: Can an entity that acquires the status of a state under the Montevideo Convention acquire the right to conduct cyber warfare in addition to conventional warfare?
Global legislation is trying to keep up with reality. While technical and legislative solutions often fail, international law, as interpreted for example by the Tallinn Manual 2.0, at least offers us guidance on how to govern states' behavior in cyberspace. However, it is important to note that this manual is only an expert opinion and not a binding international agreement.
Let's get ready. The future of conflicts is taking place on the screens of our devices. It's time to rethink what it means to be under attack!
The English version of this text was published on comeniusblogu.
The author is a student of the second year of the master's study program of the Faculty of Law, Comenius University Bratislava.
1 Charter of the United Nations. Article 2 par. 4, Article 51.
2 AL-ARIDI, A. The virtual trojan horse in modern conflicts. In Teisė. 2018. Vol. 107, p. 66–80.
3 WAXMAN, M.C. Cyber-attacks as “Force” under UN charter article 2(4). In Scholarship Archive [online]. [cit. 7.10.2025]. Online: <https://scholarship.law.columbia.edu/faculty_scholarship/847>.
4 EFRONY, D. – SHANY, Y. A rule book on the shelf? Tallinn Manual 2.0 on Cyberoperations and subsequent state practice. In American Journal of International Law. 2018. Vol. 112, no. 4, s. 583–657.
5 SCHMITT, M. N. (Ed.). (2017). Tallinn manual 2.0 on the international law applicable to cyber operations. Cambridge University Press. ISBN: 9781107177222.
6 Ibid. Pravidlo 92.
7 Ibid. Pravidlo 1.
8 „In this regard, Tallinn 2.0 does not reflect the views of any state or group of states. IGE tried hard to be objective. However, this does not mean that the views of the states were not taken into account. On the contrary, the Dutch Ministry of Foreign Affairs sponsored the 'Hague Process', in which 50 countries (including all five permanent members of the UN Security Council) and international organizations gathered in The Hague in three meetings to assess draft manual chapters, hear input from key members of the IGE and provide oral and written comments to the team." In SCHMITT, M. Tallinn Manual 2.0 on the International Law of Cyber Operations: What it is and isn’t. Just Security [online]. 2017. [cit. 2025-10-09]. Online: <https://www.justsecurity.org/37559/tallinn-manual-2-0-international-law-cyber-operations/>.
9 Montevideo Convention on the Rights and Duties of States, Article 1.
10 KRASS, C. Implementing integrated deterrence in the cyber domain: The role of lawyers. In Yale Journal of International Law [online]. 2023. [cit. 2025-10-07]. Online: <https://yjil.yale.edu/posts/2023-08-29-implementing-integrated-deterrence-in-the-cyber-domain-the-role-of-lawyers>.
11 NIYOBUHUNGIRO, J. Challenges of state sovereignty and the right of state to self-defence: The case of cyber-attacks. In Proceedings of the 2nd International Conference Postgraduate School. 2018. s. 668–671.