An Unconventional Approach: Syria and Cyber Attacks

  • E-mail E-mail
  • Google+
  • Submit to Reddit Reddit

While the debate on the U.S. approach to Syria’s chemical weapons dominated the headlines, one headline that quickly disappeared concerned a Syrian-based cyber attack against the New York Times. The Syrian Electronic Army (S.E.A.), “a group of hackers who support President Bashar al-Assad of Syria,” laid claim to intentionally bringing down the New York Times website for most of the day on August 27.[1] The offensive included “an online attack on the company’s domain registrar” and “also forced employees of The Times to take care in sending emails.”[2] Notably, the S.E.A. claims no ties to the Syrian government, though President al-Assad reportedly referred to the group as “a real army in a virtual reality.”[3]

The S.E.A. previously attempted similar attacks against websites of other notable news sources, including the Washington Post, CNN, and the Financial Times.[4] Perhaps most notably, the S.E.A. hacked the Twitter account for the Associated Press last April, posting a fake tweet which read, “Breaking: Two Explosions in the White House and Barack Obama is injured.”[5] While the tweet was soon revealed to be false, the attack resulted in a 145-point dip in the Dow Jones Industrial Average.[6]

Until now, no cyber attack has conclusively been attributed to a state.[7] However, with the growing prowess and technical capabilities of the S.E.A. and the continuing turmoil in Syria, being able to directly attribute the S.E.A. attacks to the Syrian government may have bolstered claims by the U.S. for a military strike on Syrian targets.

The U.N. charter prescribes only two scenarios in which a state can legitimately use force against another state: (1) when the U.N. Security Council approves a collective security action;[8] or (2) in self-defense in response to an armed attack.[9] With the unanimous Security Council agreement to remove all chemical weapons from Syria, the U.S. ultimately backed down from its call for a military strike against Syria.[10] But for the Security Council agreement, to claim self-defense, the U.S. needed to only show that an attack, such as a cyber attack, rose to the level of an “armed attack.”[11]

The U.S. has argued that “[c]onsistent with the United Nations Charter, states have an inherent right to self-defense that may be triggered by certain aggressive acts in cyberspace.”[12] Such an argument, though, should “be restricted to those attacks which cause physical damage to property or persons of sufficient scale and effect.”[13]

The cyber attacks against the New York Times, Washington Post and CNN would likely not rise to the level of an armed attack as they appear neither adequately aggressive, nor did they cause any physical damage. The websites were disrupted for a number of hours, at most a day, ultimately resulting in a mere inconvenience for those seeking the news online. However, the April attack on the Associated Press Twitter account comes much closer to that of an armed attack because of the severity of the impact to the stock market. In the three minutes between the posting of the tweet and the revelation that it was a false posting, $136 billion in equity market value disappeared.[14] In another two minutes, the market had returned to its pre-tweet levels.[15] But what if it had not? What if the misinformation was not revealed and the stocks had tumbled for longer, causing a much deeper and darker fall? Would that economic loss constitute sufficient damage to property to merit an armed attack?

No state has yet argued that a specific cyber attack rose to the level of an armed attack,[16] justifying the use of self-defense. However, with the international growth in capability and willingness to engage, that day seems to be fast approaching. States would be wise to remain wary of the new capabilities of their fledgling cyber entities. Next time the headlines might not disappear so quickly.


[1] See Christine Haughney and Nicole Perlroth, Times Site is Disrupted in Attack by Hackers, N.Y. Times (Aug. 27, 2013), available at http://www.nytimes.com/2013/08/28/business/media/hacking-attack-is-suspected-on-times-web-site.html?_r=2.

[2] Id.

[3] Id.

[4] Id.

[5] See Laura Smith-Park and Dominique Van Heerden, What is the Syrian Electronic Army?, CNN (Apr. 25, 2013), available at http://www.cnn.com/2013/04/24/tech/syrian-electronic-army.

[6] Id.

[7] See Heather H. Dinniss, Cyber Warfare and the Laws of War 53 (2012).

[8] See U.N. Charter arts. 39, 41, 42.

[9] Id. at art. 51.

[10] See Associated Press, U.N. Says Destruction of Syria’s Chemical Weapons Underway, CBS News (Oct. 6, 2013), available at http://www.cbsnews.com/news/un-says-destruction-of-syrias-chemical-weapons-underway/.

[11] See Oona A. Hathaway et al., The Law of Cyber-Attack, 100 Calif. L. Rev. 817, 844 (2012).

[12] President of the United States of America, International Strategy For Cyberspace: Prosperity, Security, and Openness in a Networked World 10 (2011), available at http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf.

[13] Dinniss, supra note 7, at 113.

[14] See Max Fisher, Syrian Hackers Claim AP Hack that Tipped Stock Market by $136 Billion. Is it Terrorism?, Washington Post (Apr. 23, 2013), available at http://www.washingtonpost.com/blogs/worldviews/wp/2013/04/23/syrian-hackers-claim-ap-hack-that-tipped-stock-market-by-136-billion-is-it-terrorism/.

[15] Id.

[16] See Hathaway et al., supra note 11 at 840.


Posted by Stephen A. Moore on Tue. October 8, 2013 8:00 AM
Categories: Cyberwarfare, Syria, U.N. Security Council

Comments for this post are now closed.

UNC School of Law | Van Hecke-Wettach Hall | 160 Ridge Road, CB #3380 | Chapel Hill, NC 27599-3380 | 919.962.5106


If you are seeing this, you are either using a non-graphical browser or Netscape 4.x (4.7, 4.8, etc.) and this page appears very plain. If you are using a 4.x version of Netscape, this site is fully functional but lacks styles and optimizations available in other browsers. For full functionality, please upgrade your browser to the latest version of Internet Explorer or Firefox.