《塔林手冊2.0》與網路戰：以俄羅斯針對烏克蘭之網路行動為例之國際人道法案例分析

張芝祥; Chih-Hsiang Chang

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/91520

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	張文貞	zh_TW
dc.contributor.advisor	Wen-Chen Chang	en
dc.contributor.author	張芝祥	zh_TW
dc.contributor.author	Chih-Hsiang Chang	en
dc.date.accessioned	2024-01-28T16:22:03Z	-
dc.date.available	2024-01-29	-
dc.date.copyright	2024-01-27	-
dc.date.issued	2023	-
dc.date.submitted	2023-08-16	-
dc.identifier.citation	Books Michael Bothe, Karl Josef Partsch and Waldemar A Solf. (1982). New rules for victims of armed conflicts: commentary on the two 1977 protocols additional to the Geneva Conventions of 1949: Martinus Nijhoff Publishers. Geoffrey S. Corn, Victor Hansen, Richard Jackson, Christopher Jenks, Eric Talbot Jensen and James A. Schoettler. (2018). The law of armed conflict: an operational approach (2nd ed.): Aspen Opco Llc. International Committee of the Red Cross. (2015). International rules and standards for policing. International Committee of the Red Cross. (2016). Commentary on the First Geneva Convention: Convention (I) for the Amelioration of the Condition of the Wounded and Sick in Armed Forces in the Field. Cambridge: Cambridge University Press. International Committee of the Red Cross. (2021). Commentary on the Third Geneva Convention: Convention (III) relative to the Treatment of Prisoners of War. Cambridge: Cambridge University Press. Janne Hakala and Jazlyn Melnychuk. (2021). Russia’s strategy in cyberspace: NATO Strategic Communications Centre of Excellence. Heather Harrison Dinniss. (2012). Cyber Warfare and the Laws of War: Cambridge University Press. Garth Jowett and Victoria O'Donnell. (2012). Propaganda and Persuasion (5th ed.): SAGE Publications, Inc. Fred Kaplan. (2016). Dark territory: The secret history of cyber war: Simon and Schuster. Michelle Mack. (2008). Increasing Respect for International Humanitarian Law in Non-International Armed Conflicts: International Committee of the Red Cross. John Mackinlay. (2013). Globalisation and insurgency: Routledge. Brian McQuinn. (2012). After the Fall: Libya's Evolving Armed Groups: Small Arms Survey, Graduate Institute of International Studies. N Melzer. (2009 ). Interpretive guidance on the notion of direct participation in hostilities under international humanitarian law (ICRC Ed.): International Committee of the Red Cross. Claude Pilloud, Yves Sandoz, Christophe Swinarski and Bruno Zimmermann. (1987). Commentary on the Additional Protocols of 8 June 1977 to the Geneva Conventions of 12 August 1949 (ed. Vol. 26): Cambridge University Press. Tilman Rodenhäuser. (2018). Organizing rebellion: Non-state armed groups under international humanitarian law, human rights law, and international criminal law: Oxford University Press. Przemysław Roguski. (2020). Application of international law to cyber operations: a comparative analysis of states’ views: The Hague Program on International Cyber Security. Michael N. Schmitt. (2013). Tallinn Manual on the International Law Applicable to Cyber Warfare: Cambridge University Press. Michael N. Schmitt. (2017). Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations: Cambridge University Press. Hannah Smith. (2020). Online Influence and Hostile Narratives in Eastern Asia. Jeremy M Weinstein. (2006). Inside rebellion: The politics of insurgent violence: Cambridge University Press. Richard Ashby Wilson. (2017). Incitement on trial: Prosecuting international speech crimes: Cambridge University Press. World Bank. (2011). World Development Report 2011: Conflict, Security, and Development: The World Bank. Kim Zetter. (2015). Countdown to zero day: Stuxnet and the launch of the world's first digital weapon: Crown. Rafal Zgryziewicz. (2016). DAESH RECRUITMENT-HOW THE GROUP ATTRACTS SUPPORTERS: NATO Strategic Communications Centre of Excellence. Book sections Kai Ambos. (2016). Art. 25-Individual Criminal Responsibility. In K. Ambos and O. Triffterer (Eds.), The Rome Statute of the International Criminal Court: A Commentary (3rd ed., pp. 979-1029): C.H. Beck – Hart – Nomos Department of Defense and Office of General Counsel. (1999). An Assessment of International Legal Issues in Information Operations. In M. N. Schmitt and B. T. O'Donnell (Eds.), Computer network attack and international law (Vol. 76, pp. 459-529): Naval War College Press. Ahmed S. Hashim. (2011). 1. Evolution of the Iraqi Insurgency: from Conventional to Partisan Warfare during operation Iraqi Freedom Insurgency and Counter-Insurgency in Iraq (pp. 1-58). Ithaca, NY: Cornell University Press. Ahmed S. Hashim. (2011). 3. The Insurgents’ Way of Warfare Insurgency and Counter-Insurgency in Iraq (pp. 125-213). Ithaca, NY: Cornell University Press. George Jamil, Lorena Furbino, Leandro Santos, Marcus Alves, Rafael Santiago and Silvia Loyola. (2013). A design framework for a market intelligence system for healthcare sector: a support decision tool in an emergent economy Handbook of Research on ICTs and Management Systems for Improving Efficiency in Healthcare and Social Care (pp. 288-305): IGI Global. Ieva Karpavičiūtė. (2022). European Strategic Autonomy in Lithuania's Foreign Policy Discourse European Strategic Autonomy and Small States' Security (pp. 121-137): Routledge. Wolfram Lacher. (2012). Organized crime and conflict in the Sahel-Sahara region Perilous Desert: Insecurity in the Sahara (Vol. 13, pp. 61-85): JSTOR. Laura C Rivero, Jorge H Doorn and Viviana E Ferraggine. (2002). Database integrity: fundamentals and current implementations Database integrity: challenges and solutions (pp. 17-65): IGI Global. Sandesh Sivakumaran. (2012). 5. Identifying a Non-International Armed Conflict: Armed Conflicts and Internal Tensions and Disturbances The Law of Non-International Armed Conflict. (pp. 155-211): Oxford University Press. Blake E Strom, Andy Applebaum, Doug P Miller, Kathryn C Nickels, Adam G Pennington and Cody B Thomas. (2018). Mitre att&ck: Design and philosophy Technical report: The MITRE Corporation. Journal Articles Stewart Bertram. (2015). Authority and Hierarchy within Anonymous Internet Relay Chat Networks. Contemporary Voices: St Andrews Journal of International Relations, 6(3), 15-34. Una Aleksandra Bērziņa-Čerenkova, James Pamment, Vladimir Sazonov, Francesca Granelli, Sean Aday, Māris Andžāns, John-Paul Gravelines, Mils Hills, Miranda Holmstrom, Adam Klus, Irene Martinez-Sanchez, Mariita Mattiisen, Holger Molder, Yeganeh Morakabati, Aurel Sari, Gregory Simons and Jonathan Terra. (2019). Hybrid Threats: 2007 cyber attacks on Estonia. Hybrid Threats. A Strategic Communications Perspective. NATO Strategic Communications Centre of Excellence, Riga, Latvia, 52-69. Andrew S Bowen. (2020). Russian military intelligence: Background and issues for Congress. Congressional Research Service. Curtis A Bradley and Jack L Goldsmith. (2005). Congressional authorization and the war on terrorism. Harvard Law Review, 118(7), 2047-2133. Roderic Broadhurst, Peter Grabosky, Mamoun Alazab, Brigitte Bouhours and Steve Chon. (2014). An analysis of the nature of groups engaged in cyber crime. International Journal of Cyber Criminology, 8(1), 1-20. Djemila Carron. (2016). When is a conflict international? Time for new control tests in IHL. International Review of the Red Cross, 98(903), 1019-1041. James Cockayne. (2013). Chasing shadows: strategic responses to organised crime in conflict-affected situations. The RUSI Journal, 158(2), 10-24. International Committee of the Red Cross. (2020). International humanitarian law and cyber operations during armed conflicts: ICRC position paper submitted to the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security and the Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, November 2019. International Review of the Red Cross, 102(913), 481-492. Jeremy K Davis. (2022). Developing Applicable Standards of Proof for Peacetime Cyber Attribution. Tallinn Papers(13). John de Boer and Louise Bosetti. (2015). The crime-conflict “nexus”: State of the evidence. Occasional Paper, 5(9), 1-25. David Décary-Hétu and Benoit Dupont. (2012). The social network of hackers. Global Crime, 13(3), 160-175. Knut Dörmann. (2004). Applicability of the Additional Protocols to computer network attacks. in Computer Network Attack and International Law: War Studies, 76, 1-12. Zahra Dsouza. (2018). Are cyber security incident response teams (CSIRTs) redundant or can they be relevant to international cyber security. Federal Communications Law Journal, 69(3), 201-226. Nicolas Falliere, Liam O Murchu and Eric Chien. (2011). W32. stuxnet dossier. White paper, symantec corp., security response, 5(6), 1-68. Heather Harrison Dinniss. (2015). The nature of objects: Targeting networks and the challenge of defining cyber military objectives. Israel Law Review, 48(1), 39-54. Eric M Hutchins, Michael J Cloppert and Rohan M Amin. (2011). Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues in Information Warfare & Security Research, 1(1), 80. Rebecca Ingber. (2017). Co-Belligerency. Yale Journal of International Law, 42, 68-120. Eric Talbot Jensen. (2016). The Tallinn Manual 2.0: Highlights and Insights. Georgetown Journal of International Law, 48, 735-778. David Kushner. (2013). The real story of stuxnet. ieee Spectrum, 50(3), 48-53. Kubo Mačák. (2015). Military objectives 2.0: The case for interpreting computer data as objects under international humanitarian law. Israel Law Review, 48(1), 55-80. Michael McGuire. (2012). Organised crime in the digital age. London: John Grieve Centre for Policing and Security. Marko Milanovic and Michael N Schmitt. (2020). Cyber attacks and cyber (mis) information operations during a pandemic. Journal of National Security Law & Policy, 11, 247-284. Piret Pernik. (2018). Preparing for Cyber Conflict: Case Studies of Cyber Command. Tallinn: International Centre for Defence and Security, 1-37. Kosmas Pipyros, Christos Thraskias, Lilian Mitrou, Dimitris Gritzalis and Theodoros Apostolopoulos. (2018). A new strategy for improving cyber-attacks evaluation in the context of Tallinn Manual. Computers & Security, 74, 371-383. Octavian Paul Rotaru and Mircea Petrescu. (2004). A Database Integrity Pattern Language. Leonardo Journal of Sciences, 5, 46-62. Marco Sassòli. (2003). Legitimate targets of attacks under international humanitarian law. HPCR Policy Brief, 1-10. Michael Schmitt. (2012). Classification of cyber conflict. Journal of conflict and security law, 17(2), 245-260. Michael N Schmitt. (1999). Computer Network Attack and the Use of Force in International Law: Thoughts on a Normative Framework. Columbia Journal of Transnational Law, 37, 885-937. Michael N Schmitt. (2014). Rewired warfare: rethinking the law of cyber attack. International Review of the Red Cross, 96(893), 189-206. Michael N Schmitt. (2015). The notion of ‘objects’ during cyber operations: a riposte in defence of interpretive and applicative precision. Israel Law Review, 48(1), 81-109. Michael N Schmitt and Liis Vihul. (2014). The nature of international law cyber norms. Tallinn Papers(5), 1-31. Antonius JC Selhorst. (2016). Russia's Perception Warfare. Militaire Spectator, 185(4), 148-164. Scott J Shackelford, Michael Sulmeyer, Amanda N Craig Deckard, Ben Buchanan and Brian Micic. (2017). From Russia with love: Understanding the Russian cyber threat to US critical infrastructure and what to do about it. Nebraska Law Review, 96, 320-338. Linda Slapakova, Theodora Vassilika Ogden and James Black. (2021). Strategic and Legal Implications of Emerging Dual-Use ASAT Systems. NATO Legal Gazette(42), 178-193. Stefan Soesanto. (2022). The IT army of Ukraine: structure, tasking, and eco-system. CSS Cyberdefense Reports, 1-32. Melvin RJ Soudijn and Birgit CH T Zegers. (2012). Cybercrime and virtual offender convergence settings. Trends in organized crime, 15(2-3), 111-129. Harmen Van der Wilt. (2012). War Crimes and the Requirement of a Nexus with an Armed Conflict. Journal of International Criminal Justice, 10(5), 1113-1128. Wolff Heintschel von Heinegg. (2012). The Tallinn manual and international cyber security law. Yearbook of international humanitarian law, 15, 3-18. Conference papers and proceedings International Committee of the Red Cross. (2003). International humanitarian law and the challenges of contemporary armed conflicts Paper presented at the 28th International Conference of the Red Cross and Red Crescent, Geneva, Switzerland. International Committee of the Red Cross. (2011). International humanitarian law and the challenges of contemporary armed conflicts Paper presented at the 31th International Conference of the Red Cross and Red Crescent, Geneva, Switzerland. International Committee of the Red Cross. (2015). International humanitarian law and the challenges of contemporary armed conflicts Paper presented at the 32nd International Conference of the Red Cross and Red Crescent, Geneva, Switzerland. Marjolein Cupido. (2021). Causation in international crimes cases:(re) concenptualizing the causal linkage. Paper presented at the Criminal Law Forum. International Law Association Committee. (2010). Final report on the meaning of armed conflict in International Law. Paper presented at the The Hague Conference. M. Zekeriya Gunduz and Resul Das. (2018). Analysis of cyber-attacks on smart grid applications. Paper presented at the 2018 International Conference on Artificial Intelligence and Data Processing (IDAP). Leonie Haiden and Jente Althuis. (2018). The definitional challenges of fake news. Paper presented at the International Conference on Social Computing, Behavior-Cultural Modeling, and Prediction and Behavior Representation in Modeling and Simulation. Rafiullah Khan, Kieran McLaughlin, David Laverty and Sakir Sezer. (2017). STRIDE-based threat modeling for cyber-physical systems. Paper presented at the 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe). Ewan Lawson and Kubo Mačák. (2021, JANUARY 21–22 ). Avoiding Civilian Harm From Military Cyber Operations During Armed Conflict. Paper presented at the ICRC Expert Meeting, Geneva. N Melzer. (2005, October 23 – 25). Summary Report. Paper presented at the Third Expert Meeting on the Notion of Direct Participation in Hostilities, Geneva. Rain Ottis. (2008). Analysis of the 2007 cyber attacks against Estonia from the information warfare perspective. Paper presented at the Proceedings of the 7th European Conference on Information Warfare. Michael N Schmitt. (2012). “Attack” as a term of art in international law: The cyber operations context. Paper presented at the 2012 4th International Conference on Cyber Conflict (CYCON 2012). Jeremy Straub. (2020). Modeling attack, defense and threat trees and the cyber kill chain, att&ck and stride frameworks as blackboard architecture networks. Paper presented at the 2020 IEEE International Conference on Smart Cloud (SmartCloud). Michael Yip. (2011, 14 - 17 Jun). An investigation into Chinese cybercrime and the applicability of social network analysis. Paper presented at the ACM WebSci '11, Koblenz, Germany. Government documents Canadian Centre for Cyber Security. (2022). Cyber threat bulletin: Cyber threat activity related to the Russian invasion of Ukraine (CAT. D96-88/2022E-PDF). Canada. Retrieved from https://www.cyber.gc.ca/sites/default/files/cyber-threat-activity-associated-russian-invasion-ukraine-e.pdf. CERT-EU. (2023). Russia’s war on Ukraine: One year of cyber operations, 24 February 2022 – 24 February 2023. European Union. Retrieved from https://cert.europa.eu/static/MEMO/2023/TLP-CLEAR-CERT-EU-1YUA-CyberOps.pdf. Defence Command Denmark. (2016). Military manual on international law relevant to Danish Armed Forces in international operations. Denmark. Retrieved from https://www.forsvaret.dk/globalassets/fko---forsvaret/dokumenter/publikationer/-military-manual-updated-2020-2.pdf. European Commission Directorate-General for Communications Networks, Content and Technology. (2018). A multi-dimensional approach to disinformation : report of the independent High level Group on fake news and online disinformation. European Union. Retrieved from doi: 10.2759/739290. European Union Agency for Network and Information Security. (2014). Cooperation with Law Enforcement Agencies - Advising in Cyber Crime Cases: Handbook, Document for teachers. European Union. European Union. Retrieved from https://www.enisa.europa.eu/topics/training-and-exercises/trainings-for-cybersecurity-specialists/online-training-material/documents/cooperation-with-law-enforcement-agencies-advising-in-cyber-crime-cases-handbook. Federal Bureau of Investigation and National Security Agency. (2020). Russian GRU 85th GTsSS deploys previously undisclosed Drovorub malware. (U/OO/160679-20 \| PP-20-0714). United States. Retrieved from https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF. Foreign Agricultural Service. (2022). Ukraine Agricultural Production and Trade. United States. Retrieved from https://www.fas.usda.gov/sites/default/files/2022-04/Ukraine-Factsheet-April2022.pdf. Joint Communication to the European Parliament and the Council. (2022). EU Policy on Cyber Defence. (JOIN (2022) 49 final). European Union. Retrieved from https://www.eeas.europa.eu/sites/default/files/documents/Comm_cyber%20defence.pdf. New Zealand Defence Force. (2017). Manual of armed forces law. (DM 69). New Zealand. Retrieved from https://ihl-databases.icrc.org/en/national-practice/manual-armed-forces-law-volume-4-law-armed-conflict. U.N. Human Rights Council. (2012). Report of the International Commission of Inquiry to investigate all alleged violations of international human rights law in the Libyan Arab Jamahiriya. (A/HRC/17/44). United Nations. Retrieved from https://documents-dds-ny.un.org/doc/UNDOC/GEN/G12/101/23/PDF/G1210123.pdf?OpenElement. U.N. Human Rights Council. (2012). Report of the independent international commission of inquiry on the Syrian Arab Republic, Annex III. (U.N. Doc.A/HRC/21/50). United Nations. Retrieved from https://documents-dds-ny.un.org/doc/UNDOC/GEN/G12/160/66/PDF/G1216066.pdf?OpenElement. U.N. Security Council. (2014). The International Commission of Inquiry on the Central African Republic—Final Report. (U.N. Doc S/2014/928). United Nations. Retrieved from https://documents-dds-ny.un.org/doc/UNDOC/GEN/N14/712/29/PDF/N1471229.pdf?OpenElement. Working papers, reports and other web contents Robin Geiss and Henning Lahmann. (2021, February 12). Protecting the global information space in times of armed conflict. [Working paper]. Retrieved from http://dx.doi.org/10.2139/ssrn.3784565 Eian Katz. (2021, June 5). War of Lies: Protecting Civilians from Disinformation during Armed Conflict. Retrieved from http://dx.doi.org/10.2139/ssrn.3860972. Gary Corn. (2020, April 2). Coronavirus Disinformation and the Need for States to Shore Up International Law. Lawfare. Retrieved from https://www.lawfaremedia.org/article/coronavirus-disinformation-and-need-states-shore-international-law. Alla Hurska. (2022, April 19). Ukraine’s other front: the battle in the cyber domain. The Jamestown Foundation. Retrieved from https://jamestown.org/program/ukraines-other-front-the-battle-in-the-cyber-domain/. Microsoft Digital Security Unit. (2022). Special report: Ukraine: An overview of Russia’s cyberattack activity in Ukraine. Retrieved from https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4Vwwd. Christian Ruhl, Duncan Hollis, Tim Maurer and Wyatt Hoffman. (2020, Feburary 26). Cyberspace and geopolitics: Assessing global cybersecurity norm processes at a crossroads. Carnegie Endowment for International Peace. Retrieved from https://carnegieendowment.org/2020/02/26/cyberspace-and-geopolitics-assessing-global-cybersecurity-norm-processes-at-crossroads-pub-81110 Camille Borrett, Timothy Gschwend and Kerstin Zettl-Schabath. (2023, Feburary 6). Advanced persistent threat profile: APT28. Retrieved from https://strapi.eurepoc.eu/uploads/Eu_Repo_C_APT_profile_APT_28_4856c0a0ac.pdf. Microsoft Threat Intelligence. (2023, June 14). Cadet Blizzard emerges as a novel and distinct Russian threat actor. Microsoft Security Blog. Retrieved from https://www.microsoft.com/en-us/security/blog/2023/06/14/cadet-blizzard-emerges-as-a-novel-and-distinct-russian-threat-actor/. Andrea G Rodríguez. (2022, March 22). Lessons from the Ukrainian cyber front. European Policy Centre. Retrieved from: https://www.epc.eu/en/Publications/Lessons-from-the-Ukrainian-cyber-front~476f1c. Michael N Schmitt. (2022, May 9). UKRAINE Symposium – Are We at War? Articles of War. Retrieved from: https://lieber.westpoint.edu/are-we-at-war/. Peter Wallensteen. Interview with Peter Wallensteen. (2009). International Review of the Red Cross, 91(873), 7-19.	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/91520	-
dc.description.abstract	起始於2022年二月的俄羅斯侵略烏克蘭之武裝衝突中，許多異常的網路行動分別鎖定烏克蘭政府與民間企業的重要基礎設施及網路基礎設施以惡意軟體或駭客行動進行網路攻擊。發起這些網路行動的駭客往往與俄羅斯政府有密切關聯，極可能屬於俄羅斯入侵烏克蘭的作戰計畫之一環，而有適用國際人道法之可能。本論文乃將由來自各國之國際法學者與電腦科技專家經數次學術討論會議所擬定之《塔林手冊2.0》的規則假借為國際人道法之成文法，涵攝於烏俄戰爭中出現較具代表性的網路行動，以便探討在現行的國際法體系與規則下，國際人道法對於網路攻擊之管轄權範圍、適用國際人道法之涵攝結果、與現仍未有定論或存有歧見之相關法律爭議。本論文以隸屬國際人道法分支的「戰時法」(jus in bello)為母題，將所涉及之國際人道法上的重要法律概念設定為子題，以2022年爆發的烏俄戰爭中所觀察到的網路行動為例，將《塔林手冊2.0》提出之重要原則與概念逐一涵攝以揭示目前未有定見之爭議，進而梳理出將《塔林手冊2.0》之規則適用於已實際發生的武裝衝突之困難。本論文認為，雖《塔林手冊2.0》已提出許多衡量標準與具體實例，但從針對各項規則的評論與解釋可知，學術界對於網路攻擊造成之後果的評估仍欠缺共識，尤其於因果關係與分別未遂及既遂的標準，尚未形成具體化或一致的準則；又因國際刑事法院與常設仲裁法院目前未審理過關於可歸責於國家之網路攻擊的案例，未累積出足以參考的案例法，連帶造成舉證責任之強度與分配尚且不明。本論文建議，各國應針對武裝衝突期間如何保護數位資訊另行締訂新的國際條約或針對日內瓦公約進行修訂或補充，以具體化國際人道法之規定；各國政府亦應與法律與科技專家進行定期密切合作，針對技術規範與法律規範間之差距共同進行評估與修正；國際社會亦應考慮建立國際法庭以外之新機制以調解或調查關於網路戰的爭議。	zh_TW
dc.description.abstract	Since Russia's invasion of Ukraine on February 2022, numerous abnormal cyber operations targeting critical infrastructure and information and communications technology infrastructure of the Ukrainian government and private enterprises have been observed. The cyber operators behind these operations are often closely affiliated with the Russian government and likely form parts of the overall military plan of the invasion, potentially falling under the scope of international humanitarian law. By adopting the rules proposed in the Tallinn Manual 2.0 and applying them to cyber operations observed during the Russo-Ukrainian War, this thesis aims to explore the jurisdictional scope of international humanitarian law concerning cyber attacks, the legal implications, and unresolved or controversial legal disputes under the current framework of international law. This thesis focuses on the application of jus in bello, also known as the law of war, in the cyber context, analyzing the relevant principles and concepts presented in the Tallinn Manual 2.0 to uncover existing controversies. The purpose of this thesis is to identify the challenges in applying the rules from the Tallinn Manual 2.0 to armed conflicts in the real world. This thesis argues that despite the Tallinn Manual 2.0 providing various standards and concrete examples, there is still a lack of consensus among the academic community regarding the assessment of consequences resulting from cyber attacks. Particularly concerning the causal link and distinguishing attempted attacks from successful ones, specific and consistent criteria have yet to be established. Additionally, since the International Criminal Court and the Permanent Court of Arbitration have not yet handled cases related to State-attributable cyber attacks, there is a lack of case law for reference, leading to uncertainty in determining and allocating the burden of proof. This thesis proposes that States should enter into new international treaties or revise and supplement the 1949 Geneva Conventions and Additional Protocols in order to specifically address the importance of protection of digital information during armed conflicts, thereby concretizing the of international humanitarian law norms. Governments should also engage in periodic and close cooperation with legal and technology experts to assess and amend discrepancies between technical norms and legal norms. The international community should consider establishing new mechanisms outside of international courts to mediate or investigate disputes related to cyber warfare, creating impartial organizations composed of expert representatives to address the current shortcomings in the international legal framework.	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2024-01-28T16:22:03Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2024-01-28T16:22:03Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	Detailed table of contents 中文摘要 I Abstract III Table of contents V Detailed table of contents XII List of tables XXIX Chapter 1 Introduction 1 1.1 The motive 1 1.2 The purposes of the research 5 1.3 The literature review 6 1.4 The scope and limitations 12 1.5 The structure of this thesis 14 Chapter 2 A brief introduction of the Tallinn Manual and the cyber activities observed during the Russian invasion of Ukraine 16 2.1 The blurred boundary between the cyberspace and the physical reality 16 2.2 The birth of the Tallinn Manual: an endeavor to apply international humanitarian law in the cyberspace and on cyber armed conflict 25 2.2.1 The origin 26 2.2.2 The scope 27 2.2.3 The development 29 2.2.3.1 Members of the International Group of Experts 29 2.2.3.2 The versions of Tallinn Manual and the drafting Processes 30 2.2.3.2.1 Tallinn Manual 1.0 30 2.2.3.2.2 Tallinn Manual 2.0 31 2.2.3.2.3 Tallinn Manual 3.0: an on-going project 34 2.2.4 The core content 34 2.2.4.1 The Rules 35 2.2.4.2 The Commentary 36 2.2.4.3 The sources, citations, and evidence in support of the Rules 37 2.2.5 The features 38 2.2.5.1 The “non-binding” feature of Tallinn Manual 38 2.2.5.2 The “non-official” feature of Tallinn Manual 39 2.2.5.3 The “non-attributable” feature of Tallinn Manual 39 2.3 A big picture of cyber operations allegedly conducted by Russia observed in Ukraine 40 2.3.1 The factual characteristics of the alleged cyber operations conducted by Russia in Ukraine 42 2.3.2 The organizations and individuals as active actors in cyberspace in the midst of Russia’s invasion of Ukraine 44 2.3.3 A preliminary inquiry of the applicability of the Tallinn Manual 2.0 to Russia’s invasion of Ukraine 59 Chapter 3 The basic elements of armed conflict in the cyber context and actors involved 62 3.1 The law of armed conflict generally 62 3.1.1 The applicability of the law of armed conflict to cyber activities 62 3.1.1.1 The rules 63 3.1.1.2 The definition of “nexus” in case law 66 3.1.1.3 An extensive discussion: the difficulty to distinguish the “nexus” with an armed conflict from the “nexus” with organized crime during NIAC 69 3.1.2 Case scenarios: how to assess the nexus with an armed conflict 73 3.2 Distinguishing international and non-international armed conflict in the cyber context 80 3.2.1 The rules regarding IAC 81 3.2.1.1 IAC in general 81 3.2.1.2 IAC in the cyber context 82 3.2.1.3 The internationalization: from NIAC to IAC in the cyber context 83 3.2.1.4 Unsettled legal issues regarding the perquisites of IAC in the cyber context 86 3.2.1.4.1 “Co-belligerency”: the controversy regarding the third State becoming the parties to the existing IAC by providing certain support 86 3.2.1.5 Case scenarios: becoming parties to an existing IAC 90 3.2.1.5.1 Did the involvement of EU-CRRT render EU member States new parties to the IAC between Russia and Ukraine? 91 3.2.1.5.2 Did the involvement of USCYBERCOM render the United States a new party to the IAC between Russia and Ukraine? 93 3.2.2 The rules regarding NIAC 96 3.2.2.1 NIAC in general 96 3.2.2.1.1 Classification of the most relevant specific indicators determining the degree of organization in case law 100 3.2.2.2 NIAC in the cyber context 104 3.2.2.3 Unsettled legal issues regarding the perquisites of NIAC in the cyber context 107 3.2.2.3.1 Geographical limitations 107 3.2.2.3.2 Organized armed groups and virtual organizations 109 3.2.2.3.2.1 To apply case law by means of specific indicators 110 3.2.2.3.2.2 A debate about the degree of an organization: can a group of hackers or hacktivists amount to an organized armed group? 126 3.2.2.3.3 Implication of organizational cybercrime regarding the organizational structure of virtual organizations 128 3.2.2.3.3.1 A challenge in the cyber age: reconsideration for the definition and nature of virtual organizations 130 3.2.2.3.3.2 The new form of organization hatched out of cybercrime activities 134 3.2.2.4 Case scenarios: consequences of cyber operations crossing borders 139 3.3 The combatant and the combatant status 140 3.3.1 The rules 140 3.3.1.1 Combatants as “unprivileged belligerents” 143 3.3.1.2 The definition of “belonging” to a Party to the conflict 144 3.3.2 Unsettled legal issues 145 3.3.2.1 The notion of direct participation in hostilities in the cyber context 145 3.3.2.2 To whom are the four conditions in Article 4(A)(2) of 1949 Geneva Convention (III) applied to? 147 3.3.3 Case scenarios: the combatant status 148 3.3.3.1 Hackers affiliated with Russia 148 3.3.3.2 Volunteering hackers fighting for Ukraine 149 3.4 Armed forces 150 3.4.1 The rules 150 3.4.1.1 The composition of armed forces 152 3.4.1.1.1 State armed forces 152 3.4.1.1.2 Organized armed groups and the continuous combat function 153 3.4.1.2 Unsettled legal issues 154 3.4.1.2.1 A paramilitary or law enforcement incorporated into the armed forces of the State 154 3.4.1.2.2 The interpretation of the continuous combat function 155 3.4.1.2.3 The application of the concept of the continuous combat function in the cyber context during an NIAC 156 3.4.2 Case scenarios: which actors compose State armed forces? 157 3.4.2.1 Are hackers of APT 28 and Sandworm members of armed forces of Russia? 159 3.4.2.2 Are the cybersecurity experts sent by EU-CRRT members of armed forces? 160 3.4.2.3 Is USCYBERCOM a command of armed forces of the United States? 163 3.4.2.4 Is CERT-UA a part of the Ukrainian armed forces? 164 3.4.2.5 Is CERT-UA a unit of law enforcement that has been incorporated into Ukrainian armed forces? 166 3.4.3 Case scenarios: which actors are members of organized armed groups? 169 3.4.3.1 Is DEV-0586 an organized cyber armed group? 170 3.4.3.2 Can the IT Army comprising Ukrainian patriotic hackers amount to an organized armed group? 173 3.4.3.3 How may an individual qualify as a member of the IT Army? 185 3.4.4 Difficulties to identify non-State actors as an organized armed group in the cyber context 186 3.5 Civilians’ direct participants in hostilities 188 3.5.1 The rules 188 3.5.2 Unsettled legal issues 192 3.5.2.1 The three constitutive elements of “direct participation in hostilities” in the cyber context 192 3.5.2.2 The concept of levée en masse in the cyber context 196 3.5.2.3 The factors affecting the definition of “for such time as” in Rule 97 of the Tallinn Manual 2.0 198 3.5.2.4 Journalists and journalism 200 3.5.2.5 Civilian patriotic hackers independently undertaking offensive cyber operations against the enemy's forces 202 3.5.3 Case scenarios: direct participation in hostilities 203 3.5.3.1 Did “volunteering hackers” from Ukraine responding to Russia’s invasion take direct participation in hostilities? 203 3.5.3.2 Would participation of voluntary hackers constitute levée en masse in the cyber context? 210 3.5.3.3 Would journalists working for the pro-Russia and pro-Ukraine media be regarded as directly participating in hostilities? 214 3.5.3.3.1 Pro-Russia social media accounts 214 3.5.3.3.2 Pro-Ukraine website “StandForUkraine” 216 Chapter 4 Cyber attacks, targets and attribution 219 4.1 The concept a cyber attack under IHL 219 4.1.1 The definitions of “use of force” and “armed attack” 220 4.1.1.1 The notion of “use of force” 220 4.1.1.2 The notion of “an armed attack” 222 4.1.2 The definition of “cyber attack” in the Tallinn Manual 2.0 224 4.1.2.1 To interpret the “scale and effects” standard adopted by The Tallinn Manual 2.0 227 4.1.2.2 A debate on the nature of the “consequence” of a cyber operation 228 4.1.2.2.1 The permissive approach 230 4.1.2.2.2 The restrictive approach 232 4.1.2.2.3 The deliberations of the Tallinn Manual 2.0 233 4.1.2.3 Unsettled legal issues 233 4.1.2.4 The scope of consequences of cyber attack: the causal link 238 4.2 The “targetability” of military targets in the cyber context 240 4.2.1 The rules regarding attacks against objects 240 4.2.1.1 The definition of “military objectives” and the “dual-use object” principle 241 4.2.1.2 The definition of “nature” in Rule 100 242 4.2.1.3 The definition of “location” in Rule 100 242 4.2.1.4 The definition of “purpose” in Rule 100 244 4.2.1.5 The definition of “use” in Rule 100 246 4.2.1.6 The definition of the term “a definite military advantage” in Rule 100 246 4.2.1.7 An extensive discussion: the precision of the scope of military objectives on different levels 248 4.2.2 The military objective: data 249 4.2.2.1 An on-going debate: computer data as an object? 251 4.2.2.2 The law of treaties: controversies surrounding interpretation of Article 52 of AP I 253 4.2.2.2.1 Position 1: “computer data as object” 255 4.2.2.2.2 Position 2: “computer data not as object” 257 4.2.2.3 Classification of a malicious cyber operation against computer data from different perspective 261 4.2.2.3.1 A legal perspective: malicious cyber operations targeting “operational-level data”, “content-level data”, “metadata” or “personal data” 261 4.2.2.3.2 A technical perspective: malicious cyber operations targeting “data confidentiality”, “data integrity”, or “data availability” 264 4.2.2.4 An extensive discussion: the time of perpetration of a cyber attack 274 4.2.3 The military objective: cyber infrastructure 276 4.2.3.1 Unsettled legal issues regarding cyber attacks against cyber infrastructure 276 4.2.3.1.1 The military personnel’s use of civilian cyber infrastructure 276 4.2.3.1.2 The cyber infrastructure transmitting media reports 277 4.2.4 The military objective: networks 278 4.2.4.1 Unsettled legal issues regarding the concept of a cyber blockade 279 4.2.5 Case scenarios: military objectives 281 4.2.5.1 Cyber operations targeting data 281 4.2.5.1.1 The malware-based attack — file-encrypting attack 281 4.2.5.1.2 The malware-based attack — data theft (data exfiltration) 286 4.2.5.1.3 The malware-based attack — destructive wiper 288 4.2.5.2 DDoS attacks against websites 291 4.2.5.3 DDoS attacks against cyber infrastructure 292 4.2.5.4 Malware-based operations against the power grid 296 4.3 Means and methods of cyber attack 298 4.3.1 The rules 298 4.3.1.1 Definition of means and methods of warfare in cyberspace 299 4.3.2 The hybrid warfare: disinformation campaigns deployed as a means or method of cyber attack 301 4.3.3 Breaches of international humanitarian law during cyber operations other than cyber attacks: terrorizing 304 4.3.4 Case scenarios: means and methods 306 4.4 Cyber espionage 313 4.4.1 The rules 314 4.4.2 Unsettled legal issues regarding certain cyber espionage activities 317 4.4.2.1 Remote operation 317 4.4.2.2 Close-access operation 318 4.4.2.3 Nature of data gathered 319 4.4.2.4 As an integral part of an operation violating international law 319 4.4.2.5 A honeypot containing weaponized files 321 4.4.3 Case scenarios: cyber espionage activities 322 4.4.3.1 Moving laterally on networks and phishing attack 323 4.4.4 Unsettled legal issues regarding the different phases during the process of a complex cyber operation and the perpetration of a cyber attack 326 4.5 Attribution to individuals for the criminal responsibilities of war crimes by cyber means 330 4.5.1 The rules 330 4.5.2 The interpretation of “commit” a crime under IHL 334 4.5.3 The secondary responsibility of war crimes 337 4.5.3.1 The definition of “order”, “induce” and “solicit” in cyber operations 338 4.5.3.2 The definition of “aiding and assisting” and “abetting“ cyber operations 342 4.5.3.3 The definition of “a group of persons acting with a common purpose” 344 4.5.3.4 The superior criminal responsibility 346 4.5.4 The problems of application of legal norms governing the secondary responsibilities in the cyber context 348 4.5.5 Case scenarios: attribution to individuals 351 4.5.5.1 Shall President Vladimir Putin and the Head of GRU Admiral Igor Kostyukov be held culpable for the commission of cyber operations conducted during the invasion against Ukraine? 354 4.5.5.2 Shall Minister of Digital Transformation Mykhailo Fedorov be held culpable for the commission of cyber operations conducted by IT Army during the invasion against Ukraine? 360 4.5.5.3 Shall the Ukrainian IT entrepreneur Yegor Aushev, be held culpable for the commission of cyber operations conducted by IT Army during the invasion against Ukraine? 364 Chapter 5 Conclusions 370 5.1 An overall summary of cyber operations during the Russian invasion of Ukraine 370 5.1.1 The abstract of factual circumstances observed 370 5.1.2 The summary of legal analysis of IHL application 372 5.2 Challenges and difficulties of applying the Tallinn Manual 2.0 rules to the cyber operations in Ukraine 374 5.2.1 The lack of universal threshold to assess a cyber attack 374 5.2.2 The lack of concrete standards for assessing the causal link 375 5.2.3 Fragmented organizations of cyber operators 377 5.2.4 Difficulties of attribution to a certain State 378 5.2.5 Requirements for sufficient evidence of attribution 381 5.2.6 The lack of incentives to establish universal IHL norms to govern cyber operations 382 5.3 A review of the progress made by the Tallinn Manual 2.0 regarding jus in bello in the cyber context 383 5.3.1 The ambiguity of the status of an individual participating in a certain cyber operation 384 5.3.2 The overemphasis of the physical harm and damages of cyber operations 385 5.3.3 The lack of an implicit standard to delineate the causal link 387 5.4 Suggestion and proposals 388 5.4.1 To conduct an overall review and update of the existing treaties regarding IHL 388 5.4.2 To establish a global database to record relevant cyber incidents 389 5.4.3 To create a mechanism for transnational cooperation 390 Bibliography 394 Books 394 Book sections 396 Journal Articles 397 Conference papers and proceedings 401 Government documents 403 Working papers, reports and other web contents 405 Appendix 408 List of tables Table 1 The main security principles and requirements in a smart grid and types of attacks designated against it 265 Table 2 The four types of data integrity and their definitions 267 Table 3 The attack framework combining Cyber Kill Chain, STRIDE, and ATT7CK frameworks 329	-
dc.language.iso	en	-
dc.title	《塔林手冊2.0》與網路戰：以俄羅斯針對烏克蘭之網路行動為例之國際人道法案例分析	zh_TW
dc.title	The Tallinn Manual 2.0 and Cyber Warfare: A Case Study of Russia’s Cyber Operations in Ukraine	en
dc.type	Thesis	-
dc.date.schoolyear	111-2	-
dc.description.degree	碩士	-
dc.contributor.oralexamcommittee	姜皇池;李怡俐	zh_TW
dc.contributor.oralexamcommittee	Huang-Chih Chiang;Yi-Li Lee	en
dc.subject.keyword	國際人道法,武裝衝突,塔林手冊2.0,網路攻擊,網路戰,2022烏俄戰爭,	zh_TW
dc.subject.keyword	international humanitarian law,armed conflict,the Tallinn Manual 2.0,cyber operation,cyber attack,Russian invasion of Ukraine,	en
dc.relation.page	411	-
dc.identifier.doi	10.6342/NTU202303865	-
dc.rights.note	未授權	-
dc.date.accepted	2023-08-16	-
dc.contributor.author-college	法律學院	-
dc.contributor.author-dept	科際整合法律學研究所	-
顯示於系所單位：	科際整合法律學研究所

文件中的檔案：

檔案	大小	格式
ntu-111-2.pdf 目前未授權公開取用	2.2 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。