treaties are thought not to apply during international armed conflicts.120 Critically, international communications law currently contains no direct and specific prohibition against the conduct of information operations by military forces, even in peacetime. As a result, though Articles 35 and 38 of the ITU are potentially useful in developing felony statutes to deal with state-sponsored IW perpetrators, the regime has little utility in crafting a comprehensive legal framework to deal with state-sponsored cyber attacks that have risen to the level of an armed attack.
U.S. Cyber Law Applied to Information Warfare
Cyber law is a relatively new phenomenon. It has to be – in 1988, there were only sixty thousand computers connected to the internet, all at research institutions.121 Initial efforts at cyber security in the U.S. occurred after the first internet worm on November 2, 1988 when a Cornell graduate student infected MIT’s burgeoning network from Ithaca.122 The attack exposed difficulties in U.S. law that would make the prosecution of cyber attackers exceedingly difficult.123 As a direct result, USCERT was founded. Its largely successful track record though is not entirely a commentary on its ability, but goes more to the fact that there have been so few major malicious viruses and worms since 1988.124
121 Jonathan Zittrain, The Future of the Internet and How to Stop It 36 (2008).
123 U.S. General Account Office, GAO/IMTEC-89-57, Virus Highlights Need for Improved Internet Management (1989).
124 Zittrain, supra note 121 at 44.