
The Petya ransomware cyberattack hit computers of Russian and Ukrainian companies on 27 June 2017. Photo by Donat Sorokin/TASS/Getty.
Hostile cyber operations by one state against another state are increasingly common. This paper analyzes the application of the sovereignty and non-intervention principles in relation to states’ cyber operations in another state below the threshold of the use of force.
The author would like to express her sincere thanks to Elizabeth Wilmshurst, Distinguished Fellow, Chatham House, for her invaluable comments, guidance and support in writing this paper.
The analysis in this paper draws upon a number of roundtable meetings held under the Chatham House Rule in 2019 to encourage open and constructive discussion. I would like to thank the participants at those meetings, who gave generously of their time and provided valuable insights. Many thanks also to James Green, Sean Watts, Nicholas Tsagourias, Douglas Wilson, Russell Buchan, Pål Wrange, Joyce Hakmeh, Ruma Mandal and the anonymous peer reviewer for their helpful comments on or relating to the paper. I am also grateful to Jack Kenny for research assistance, to Mike Tsang for editing, and to Chanu Peiris for coordinating the paper.
The views expressed in this publication are the sole responsibility of the author.