This post is also available in: heעברית (Hebrew)

Cyber attacks are where the modern battles take place: Military cyber attacks, like those used by Russia during its invasion of Georgia or political cyber espionage such as the NSA programs revealed by Edward Snowden. There have also been state-backed economic cyber espionage, like those China is suspected of and which were the main topic of Chinese President Xi Jinping’s visit to the United States in September.

Another form of attack frequently occurs, but sits outside these three categories: aggressive cyber attacks during peacetime. Consider some recent state practice: In 2012, it was revealed that the United States and likely Israel had been targeting Iran’s nuclear program with cyber attacks: the first time a cyber attack had caused physical real-world damage. In retaliation, Iran launched a major cyber attack in August 2012 on Saudi Aramco, an Arabian oil company, releasing a virus which replicated itself across 30,000 Saudi Aramco computers and took almost two weeks to recover from.

However, it is not always nation-states that perpetrate the cyber attacks. Criminals and ideologically motivated hackers or extremists also conduct attacks, such as the attacks carried out by the hacking collective Anonymous or the Russian jihadist group accused of hacking U.K. phone company TalkTalk. Even if a nation is the source of attack, it need not always target another state directly. States also direct attacks towards state-related facilities and corporations, private companies, and individuals.

“The frequent use of cyber attacks in peacetime suggests an alluring assumption,” writes Fergus Hanson, author of ‘Internet Wars: The struggle for power in the 21st century’. “They offer states a means of expressing displeasure that is more forceful than a diplomatic statement but is short of lobbing a cruise missile into a foreign capital.” This view, however, writes Hanson, is short-sighted. Such cyber attacks, aimed at causing physical damage are always at a risk of miscalculations.  An attack on an infrastructure, for example, could lead to people’s deaths and in turn cause the people of the country attacked demand retaliation. This might lead to a response perceived as disproportionate, prompting a counter-response, or if the attacking state is incorrectly identified and targeted, the aggrieved innocent state could retaliate.

Referring to cyberspace as the next battlefield, as is it often thought to be, must be followed by new state defined terms of its battle conduct. How can a state be sure whether an attack was perpetrated by another nation-state? Does any attack call for retaliation? On what scale should a counter-attack be? Cyber attacks must be distinguished on a national scale so as to not rush too quickly into a war, cyber or physical.