GNSS Cybersecurity Threats: An International Law Perspective - Inside GNSS

GNSS Cybersecurity Threats: An International Law Perspective

 

Hostile cyber operations such as jamming and spoofing of GNSS signals are a growing concern. While they do not cause major damages to the satellite navigation system as such, they can have severe effects on critical national infrastructures and many other systems. Here, we address how international telecommunications law as well as the international law on the prevention of war apply in this context.

Warfare is increasingly shifting from physical to virtual. States are already conducting, or at least are preparing, to wage war in cyberspace. According to the Tallinn Manual on the International Law Applicable to Cyber Warfare, cyberspace is “the environment formed by physical and non-physical components, characterized by the use of computers and the electro-magnetic spectrum, to store, modify, and exchange data using computer-networks.” To achieve objectives in or through cyberspace cyber capabilities might be employed (“cyber operations”). In the context of cyber operations that are undertaken to achieve the objective to cause injury or death to persons or damage or destruction to objects, some refer to the term “cyber-attack”, others refer to the term “cyber warfare”. Cyber operations directed towards particular radio signals or services are broadly referred to as “interference”. Overall, there is not yet commonly agreed terminology. Use of the above-mentioned terms does not necessarily imply that the cyber operations in question can be qualified as an attack, an act of war, or as interference in terms of law. To avoid confusion and legal pre-judgements, in the following the more generic term hostile cyber operations is used. 

Hostile cyber operations pose significant threats to space assets. Global navigation satellite satellites (GNSS) are specifically vulnerable in this respect considering the very low power of their signals and services. Due to their importance for military operations, for critical national infrastructure and key economic sectors, they may also constitute primary targets in future warfare. Several incidents of hostile cyber operations against GNSS, namely caused by jamming and spoofing, have been reported. Other types of operations against space assets, such as hacking or eavesdropping of communications satellite systems, are also technically possible, even if no cases have been publicly reported so far. 

Cases of jamming are often not intentional and often have only very short-term and geographically limited impacts. They only concern the national sphere of a State and are not caused by other State actors. However, hostile cyber operations are also conducted by States or non-State actors attributable to them. This is where international law becomes relevant. 

This article explores the international law applicable to hostile cyber operations against GNSS. Some commentators argue that international law falls silent in the face of the challenges of the digital age. However, it is common consensus among States that existing international law is also applicable to cyber operations, though most of the rules that may come into play were developed before the digital age. It is thus required to assess how to apply existing rules to hostile cyber operations. 

Legal Framework Applicable to Hostile Cyber Operations

Legal aspects associated to hostile cyber operations against GNSS mainly concern international telecommunications law, namely the ITU body of agreements and regulations on the use of radio frequencies, as well as the international law on the prevention of war (ius contra bellum).

The ITU Legal Framework

The functioning of GNSS is dependent on the use of dedicated radio frequencies. The international legal framework governing the use of radio frequencies is primarily determined by the ITU Constitution and the ITU Radio Regulations (ITU RR). In its Art. 44 (2), the ITU Constitution states that:

“Radio frequencies and any associated orbits […] are limited natural resources and that they must be used rationally, efficiently and economically […] so that countries or groups of countries may have equitable access to those orbits and frequencies.” 

As regards the utilization of this limited natural resource, Art. 45 (1) of the ITU Constitution provides that:

“All stations, whatever their purpose, must be established and operated in such a manner as not to cause harmful interference to the radio services or communications of other Member States or of recognized operating agencies, or of other duly authorized operating agencies which carry on a radio service, and which operate in accordance with the provisions of the Radio Regulations.” 

Article 1.169 of the ITU Radio Regulations (RR) defines harmful interference as:

“Interference which endangers the functioning of a radio navigation service or of other safety services or seriously degrades, obstructs, or repeatedly interrupts a radio communication service operating in accordance with Radio Regulations.”

According to Art 1.166 of the ITU RR, the term interference means: 

“The effect of unwanted energy due to one or a combination of emissions, radiations, or inductions upon reception in a radio communication system, manifested by any performance degradation, misinterpretation, or loss of information which could be extracted in the absence of such unwanted energy”. 

In the context of GNSS, interference is to be considered as harmful interference to the extent that unwanted energy endangers the functioning of a radio navigation service provided by such systems or prevents the proper use of such service. 

No ITU definition or rule specifically distinguishes between intentional and unintentional harmful interference. With multiple technologies, systems and operators operating in frequency bands for the radio-navigation service or nearby, the potential for unintentional interference is generally growing. Hostile cyber operations against GNSS, however, clearly fall in the category of intentional harmful interference.

Under the ITU Radio Regulations, States have the obligation to stop harmful interference to stations of other countries, independent whether the interference is caused by public or private stations. In addition, States have to observe the general obligation under Article 15 (4) of the ITU Constitution that: 

“It is essential that Member States exercise the utmost goodwill and mutual assistance in the application of the provisions of Article 45 of the Constitution and of this Section to the settlement of problems of harmful interference.” 

In case of harmful interference, States can request the Radiocommunication Bureau for assistance and the Radio Regulations Board (RRB) may be asked to intervene, Article 13 of the Radio Regulations: 

“When an administration has difficulty in resolving a case of harmful interference and seeks the assistance of the Bureau, the latter shall, as appropriate, help in identifying the source of the interference and seek the cooperation of the responsible administration in order to resolve the matter, and prepare a report for consideration by the Board, including draft recommendations to the administrations concerned.

When an administration so requests, the Bureau shall, using such means at its disposal as are appropriate in the circumstances, conduct a study of reported cases of alleged contravention or non-observance of these Regulations and shall prepare a report for consideration by the Board, including draft recommendations to the administrations concerned.”

Cases of unintentional interference can usually be solved by way of these procedures. However, the RRB lacks appropriate enforcement measures of any decisions taken in case of intentional harmful interference. When Iran in 2012 caused harmful interference to communications satellites operated by EUTELSAT, the ITU published the following statement: 

“(We are) extremely concerned and alarmed to witness a continuing situation in which satellites operating in accordance with the Radio Regulations and duly recorded in the ITU Master International Frequency Register (MIFR) are the targets of harmful interference. The attention of the Radio Regulations Board (RRB) and of recent World Radio Conferences has been called to such issues, and WRC-12 confirmed that any transmission which has the intent to cause harmful interference to stations of other administrations is an infringement of the ITU Constitution, Convention or Radio Regulations, and, that any station operating in the territory of an administration is under the authority of that administration, even if the station is not authorized. ITU appeals to all its 193 Member States to exercise the utmost goodwill and provide mutual assistance in the application of Article 45 of the ITU Constitution with a view to definitively settling any ongoing and future issues of harmful interference.”

Through the ITU, and eventually other through competent international organizations as well as diplomatic interventions, pressure can be increased on a State to stop harmful interference and to comply with its international law obligations. Not all cases will, however, be resolved by such means. 

International Law on the Prevention of War

Under international law on the prevention of war, hostile cyber operations against GNSS can eventually be considered as a threat or use of force (Art. 4 (2) UN Charter), giving rise to countermeasures by the State affected. Countermeasures by the affected State may also be employed in response to hostile cyber operations against GNSS that constitute a breach of any other international obligation (internationally wrongful act). Subject to specific conditions, hostile cyber operations may even be considered as an armed attack, allowing States affected to undertake individual action under the right of self-defence (Art. 51 UN Charter). Bearing in mind the potentially severe consequences of hostile cyber operations against GNSS, actions of the affected State in response may be based on the so-called plea of necessity. Collective action in response to hostile cyber operations against GNSS may be authorized by the UN Security Council under Chapter VII of the UN Charter when it determines that the respective cyber operation is a threat to the peace, breach of the peace, or act of aggression.  

Threat or Use of Force

Article 2 (4) of the UN Charter states that 

“All Members shall refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any state, or in any other manner inconsistent with the purposes of the United Nations.”

On the meaning of this provision, the International Court of Justice (ICJ) held in the Legality of the Threat or Use of Nuclear Weapons case that the rules governing the use of force “apply to any use of force, regardless of the weapons employed.” The rules governing the use of force may, accordingly, also apply to hostile cyber operations against GNSS.

The question is therefore not whether the prohibition of the threat or use of force is applicable to hostile cyber operations against GNSS but rather when it applies. The Tallinn Manual, which was prepared by an International Group of Experts at the invitation of the NATO Cooperative Cyber Defence Centre of Excellence, provides guidance on this matter. The expert group found that “the mere fact that a computer (rather than a more traditional weapon, weapon system, or platform) is used during an operation has no bearing in whether that operation amounts to a ‘use of force’”. They continued that, “in the cyber context, it is not the instrument used that determines whether the use of force threshold has been crossed, but rather (…) the consequences of the operations and its surrounding circumstances.” In line with these findings, “a cyber operation constitutes a use of force when its scale and effects are comparable to non-cyber operations rising to the level of a use of force”. In absence of a conclusive definitional threshold, several factors were determined for assessing whether to qualify a cyber operation as a use of force. These factors include:

• severity;

• immediacy;

• directness;

• invasiveness;

• measurability of effects;

• military character;

• state involvement;

• presumptive legality.

Based on these considerations, a hostile cyber operation against GNSS can be qualified as an illegal use of force when its scale and effects meet a threshold that is comparable to non-cyber operations rising to the level of a use of force. This needs to be carefully considered on a case-by-case basis, bearing in mind the above factors. In case a cyber operation is to be considered as ‘use of force’, also the threat of such operation is illegal under international law. 

Armed Attack and the Right of Self-Defense

The classification of hostile cyber operations as a threat or use of force is not tantamount to an armed attack. Only the latter would grant the State affected the right to self-defense. Within the framework of the right of self-defense, a State can react to an armed attack with its own use of force, without itself violating the prohibition of the use of force. As the ICJ held in the Military and Paramilitary Activities in and against Nicaragua case, an armed attack must constitute the “most grave forms of the use of force”. In other words, an armed attack “only exists when force is used on a relatively large scale, is of a sufficient gravity, and has a substantial effect.”

Whether this threshold for an armed attack is exceeded is subject to consideration in each individual case. However, an armed attack can be assumed if: “an act or the beginning of a series of acts of armed force of considerable magnitude and intensity […] which have as their consequence […] the infliction of substantial destruction upon important elements of the target State namely, upon its people, economic and security infrastructure, destruction of aspects of its governmental authority, i.e. its political independence, as well as damage to or deprivation of its physical element namely, its territory” occurs. (A Constantinou, The Right of Self-Défense under Customary International Law and Article 51 of the UN Charter, 2000)

In order to cross the threshold of an armed attack, hostile cyber operations against GNSS must therefore have significant and immediate destructive effects, either on the GNSS itself or indirectly. If hostile cyber operations can be considered an armed attack, states are not limited in their right to self-defense to own cyber operations. According to the principle of proportionality, the right self-defense is however limited to what is necessary for repelling of an armed attack. Conversely, if a hostile cyber operation is not to be considered an armed attack, affected States must resort to measures other than the use of force, such as countermeasures or measures compatible with the plea of necessity. A State shall, furthermore, not exercise its right of self-defense when the UN Security Council has already taken measures necessary to maintain international peace and security under the system of collective security laid down in Chapter VII of the UN Charter. 

Countermeasures 

A State may always initiate countermeasures in response to hostile cyber operations against GNSS short of armed attacks, as far as such operations constitute a violation of international obligations and are conducted by or attributable to a State (internationally wrongful act). Countermeasures are possible in response to threat or use of force, harmful interference, or violation of an obligation under international law. Countermeasures are acts or omissions of the affected State against the responsible State which, in principle, would violate international obligations of the former towards the latter, but are justified as countermeasures because of the internationally wrongful act. An affected State may therefore be entitled to act contrary to its international law obligations to ensure that the other State refrains from hostile cyber operations. Limitations on the use of countermeasures in the context of cyber operations include that

• countermeasures may only be taken against States;

• the State must be responsible for the violation (attribution of acts and omissions of non-State actors are of particular concern in this context);

• the countermeasures are taken in order to persuade the responsible State to resume compliance with its international obligations;

• countermeasures must be proportionate to the injury to which they respond. 

Plea of Necessity

A State affected by hostile cyber operation against GNSS, which represents a serious and imminent danger to an essential interest of the affected States, may invoke the so-called plea of necessity. Actions in response to such serious and imminent peril to an essential interest may also include actions which would otherwise be illegal under international law when doing so is the sole means of safeguarding it. According to the official commentary to the Draft articles on Responsibility of States for Internationally Wrongful Acts, “[t]he term “necessity” (état de nécessité) is used to denote those exceptional cases where the only way a State can safeguard an essential interest threatened by a grave and imminent peril is, for the time being, not to perform some other international obligation of lesser weight or urgency.” 

Unlike countermeasures, the plea of necessity does not require that the peril is attributable to another State, nor does it require the prior unlawful conduct of another State. Thus, a State may resort to the plea of necessity in response to hostile cyber operations against GNSS, if the exact nature and origin of such operations are unclear or if the operations cannot be reliably attributed to another State. To safeguard against possible abuse, these special features make it necessary that the plea of necessity is subject to strict limitations. These limitations include:

• that necessity may only be invoked to safeguard an essential interest;

• that, whatever the interest may be, it needs to be threatened by a grave and imminent peril;

• that this peril needs to be imminent;

• that States are obliged to resort to other (otherwise lawful) means available, even if they may be more costly or less convenient;

• that the conduct of a State to safeguard an essential interest must not seriously impair an essential interest of the other State or States concerned, or of the international community as a whole;

• that necessity cannot be invoked, if the State in question has contributed to the situation of necessity.

Collective Security

If the UN Security Council determines that there is a threat to peace, a breach of peace or an attack, it will decide which measures are to be taken to maintain or restore international peace and security. Within this context, the UN Security Council may authorize measures which may not necessarily involve the deployment of armed forces or measures by air, sea or land. In fact, measures approved by the UN Security Council as a reaction could also include cyber operations.

Depending on the individual case and its specific implications, the UN Security Council may determine that hostile cyber operations against GNSS pose a threat to peace, a breach of peace or an act of aggression. While the Security Council must determine that one of these cases is met, it has become standard practice for the Security Council to make a general statement in the respective resolution that it is acting under Chapter VII of the UN Charter. 

GNSS Vulnerability and Recent Cases 

Reports of cyber operations against GNSS so far almost exclusively concern jamming and spoofing of GNSS signals. 

Jamming refers to the interruption of a receiver’s communication with a satellite by superimposing the signals sent to or from the satellite. In practice, this is done by using a signal with the same frequency but with significantly higher power. From a technical point of view, the term satellite jamming thus refers to the flooding or overpowering of the targeted radio frequencies with electronic noise, so that the disturbed signals do not reach their destination. 

Spoofing, in contrast, refers to the mimicking of the characteristics of a true signal so that the user receives the counterfeit (spoofed) signal instead of the real one. In June 2012, a team at the University of Texas at Austin demonstrated the controlled capture of a civil drone using spoofing technology.

Neither jamming nor spoofing directly cause physical damage or destruction of the station emitting or receiving GNSS signals. As a direct consequence, they result in 

• partial or complete loss of Positioning, Navigation and Timing (PNT) services; and

• jumps in time, position, or direction resulting in reduced accuracy. 

However, the partial and complete loss of PNT services or jumps in time, position, or direction may have severe secondary effects, some of which may affect critical national infrastructures or other important systems and applications. 

In the following, some examples of reported cases are provided. 

In January 2007, there was an approximately two-hour GPS outage in San Diego, California. Due to the failure, the system for tracking arriving aircraft at the airport did not function correctly. In the harbour, the traffic management system failed. The Naval Medical Centre reported a malfunction of its medical paging system. In addition, disbursement orders at ATMs were rejected. According to reports, the failure was related to unintentional interference caused by a U.S. Navy training exercise. 

In March 2011, a De Havilland DHC-7 U.S. spy aircraft carrying out joint exercises with South Korea was allegedly forced to perform an emergency landing in reaction to GPS jamming from the vicinity of the exercise.

In March 2016, a South Korean representative informed the general public that GPS signals in Seoul and Incheon were being jammed by radio waves from beyond the national border. According to South Korea, the disruptive signals were emanating from Haeju and Mount Kumgang in North Korea. In a letter dated April 2016 to the UN Security Council, South Korea held that the alleged GPS downlink jamming by North Korea “poses a threat to the security of the Republic of Korea and undermines the safety of civil transportation, including aircraft and vessels”. In June 2016, the board of the International Civil Aviation Organization (ICAO) decided to send a warning to North Korea with regard to the GPS jamming in South Korea.

Between June and October 2017, over 600 spoofing incidents were reported in the Black Sea. Spurious GPS signals allegedly placed seagoing vessels hundreds of miles from their true position. Whilst some commentators presumed that Russia was testing a new system for spoofing GPS, others concluded that the spoofing was probably not done on purpose, but rather resulted from a GPS re-radiator transmitter located at an airport. 

In October 2018, the Finnish and Norwegian aviation authorities issued a warning to commercial pilots operating flights in the Arctic Circle. According to this warning, GPS signals in the region were severely disturbed, so pilots were advised to use other navigation methods to land at the northernmost airports of the countries. A respective jamming of GPS signals has allegedly been discovered in the Norwegian border areas close to Russia’s Kola Peninsula. Some Norwegian representatives speculated that this was just a careless side effect of Russian military exercises. Others presumed that they were part of a larger geopolitical strategy. 

In the same month, just days before the start of Trident Juncture, NATO’s largest military exercise since the Cold War, Norway issued a similar warning and again indicated a Russian involvement in disrupting the signals. 

Irrespective whether or not the above-mentioned incidents were deliberately caused by hostile cyber operations of States, they provide clear evidence on the potential secondary effects of jamming and spoofing of GNSS signals on critical national infrastructures and many other systems and applications.

A UK Government study on critical dependencies on satellite-derived time and position signals concluded that GNSS signals “are inherently weak and vulnerable to interference. Receivers struggle in built-up environments. Meanwhile, the threats posed by accidental and deliberate interference and cyber-attack are steadily evolving.” According to the study, critical infrastructures vulnerable for hostile cyber operations against GNSS include:

• Communications—using GNSS for timing, synchronization and provision of reference frequencies;

• Emergency services—using GNSS data from a caller’s phone to locate the emergency; and navigating there rapidly and successfully;

• Energy—using time synchronization for the transmission of electricity across a country or region;

• Finance—using GNSS precision timing for transactions driven by algorithmic trading;

• Food—using GNSS signals for precision agriculture, as well as for just-in-time supply chains; 

• Transport—using GNSS for air-, road-, rail-, and marine-navigation, whilst a country as a whole relies on the logistics and travel networks enabled by these sectors. 

On GNSS vulnerabilities of air traffic for cyber operations such as jamming or spoofing, ICAO endorsed Recommendation 6/7 on assistance to States in mitigating GNSS vulnerabilities at the 12th Air Navigation Conference in 2012. The Recommendation provides that States shall develop a mechanism with the ITU and other appropriate UN bodies to address specific cases of harmful interference of GNSS signals reported by States to ICAO. According to Recommendation 6/8 of the same 2012 Air Navigation Conference, it is the responsibility of ICAO Member States to 

• assess the likelihood and effects of GNSS vulnerabilities in their airspace and apply, as necessary, recognized and available mitigation methods; 

• provide effective spectrum management and protection of GNSS frequencies to reduce the likelihood of unintentional interference or degradation of GNSS performance; 

• report to ICAO cases of harmful interference with GNSS that may have an impact on international civil aviation operations; 

• develop and enforce a strong regulatory framework governing the use of GNSS repeaters, pseudolites, spoofers, and jammers.

Classifying Hostile Cyber Operations

Bearing in mind the potential effects of GNSS jamming and spoofing on critical infrastructures, the questions arise as to whether these effects reach the threshold of harmful interference, of the threat or use of force, or of an armed attack and what actions can lawfully be undertaken by affected States. 

GNSS jamming and spoofing are clearly cases of interference, since they cause performance degradation, misinterpretation, or loss of information. As they endanger the functioning of the radio navigation services provided by the GNSS, they are also to be considered as harmful interference in terms of the ITU’s legal framework. 

The potential effects of cyber operations against GNSS on critical infrastructures can have such scale and effects that they can reach a threshold comparable to non-cyber operations rising to the level of a use of force. However, it might be difficult to identify the originator of the cyber operations in question. In case the operations are undertaken by non-State actors, attribution of the action to a State may also not be easy. Furthermore, damages are often not a direct consequence of the cyber operations. As an example, decisions made by a pilot in the course of manual navigation due to GNSS signal outage or degradation caused by jamming could lead to a collision. Nonetheless, it might be difficult to establish a direct causal link between the act of jamming and the collision, as it is rather the direct consequence of the decisions made by the pilot. However, if a navigation system of an autonomous system is intentionally spoofed to cause a collision, a direct causal relationship between the act of spoofing and the collision may be established. 

In extremely rare circumstances, the scale and effect of jamming or spoofing of GNSS signals may cross the threshold of an armed attack giving rise to the right of self-defence. When assessing whether the threshold of an armed attack is reached, it should be taken into account that the right of self-defence is one of the rare exceptions of the prohibition to use force under international law and therefore requires a narrow interpretation. An armed attack should thus not easily be assumed in the context of hostile cyber operations against GNSS. Cyber operations that involve a temporary or geographically limited interruption of non-essential services should not qualify as an armed attack. Even if the source of the attack can be located and attributed to a State, additional conditions must be fulfilled before the right of self-defense can be actually exercised, particularly the condition that the attack must still be ongoing.

An U.S. Air Force official recently made clear that in case U.S. satellites were attacked (by hostile cyber operations), there is no ambiguity that “the right to use force in self-defence applies”. This does not mean that a State can easily resort to the right of self-defense. It rather means that, in the view of the U.S. Air Force, the right of self-defense is generally applicable in the context of hostile cyber operations against space assets. 

In response to jamming or spoofing which does not reach the threshold of an armed attack, but which is otherwise contrary to international law, States may resort to countermeasures to cause the responsible State to resume compliance with its international obligations, namely, not to cause harmful interference. Such countermeasures may also include own hostile cyber operations. For example, an affected State may be entitled to also jam or spoof signals of the State which is the originator of hostile cyber operations to cause it to resume compliance with its international obligations. However, the State resorting to countermeasures must notify the originator of such jamming and/or spoofing activities and must offer negotiations. Additionally, States shall not resort to the right of countermeasures when the internationally wrongful act has already ended. Accordingly, it is required that the jamming and/or spoofing is still ongoing or is likely to be repeated. On the potential use of countermeasures in response to hostile cyber operations against space assets, an U.S. Air Force official stated that “below an armed attack, the most applicable response is a countermeasure”. At the same time, he admitted the shortcomings of the use of countermeasures in response to hostile cyber operations against space assets, such as the requirement of proportionality.

If the hostile cyber operation against GNSS signals has been carried out by non-State actors that cannot be attributed to any State, the affected State cannot respond by resorting to countermeasures, as these are only allowed against States. In such case, the affected State can however take action based on the plea of necessity, arguing that the hostile cyber operations against GNSS constitute a grave and imminent peril to essential interests of the State. The notion of essential interest is vague in international law and its interpretation may vary from State to State. In case a GNSS or other system which rely on GNSS signals is designated as a critical infrastructure, this may indicate its essentiality. Nonetheless, a mere unilateral description of infrastructure as critical should not be sufficiently determinative. Furthermore, even if jamming or spoofing of GNSS signals may target an infrastructure of essential interest, the harm posed to that interest must be grave. A minor degradation of service or mere inconvenience therefore would not suffice to resort to the plea of necessity. If jamming or spoofing of GNSS signals targets critical infrastructure in a manner that causes severe negative impacts on a State’s security, economy, public health, safety, or environment, e.g. ground flights nation-wide or halt all train traffic, clear grounds for the plea of necessity should be given. 

Collective actions in response to jamming or spoofing of GNSS signals, including forcible or non-forcible (cyber-)measures, may be authorized by the UN Security Council when it determines that the jamming or spoofing constitutes a threat to the peace, breach of the peace, or an act of aggression. Even though the UN Security Council did so far not qualify hostile cyber operations accordingly, it would be within its authority. In view of the above-mentioned cases, it can however be doubted whether the UN Security Council will ever reach such decision with its current composition.

Conclusions 

Hostile cyber operations such as jamming and spoofing of GNSS signals are becoming a growing concern. Even though jamming and spoofing do not cause substantial damages to the satellite navigation system as such, they potentially have severe (secondary) effects on critical national infrastructures and many other systems and applications. Technology demonstrations such as the capturing of a drone using spoofing technology further underline how these technologies can be employed as means of cyber warfare. 

International telecommunications law as well as the international law on the prevention of war are generally applicable in the context of hostile cyber operations. 

Under the ITU legal framework, jamming and spoofing qualify as harmful interference if they cause performance degradation, misinterpretation, or loss of information of the targeted systems, signals and services. While States are generally obliged to eliminate harmful interference, the ITU lacks effective enforcement measures. Intentional harmful interference caused by hostile cyber operations may not always be prevented by the measures available. 

The application of the laws on the prevention of war, in contrast, strongly depends on the concrete effects of the hostile cyber operation in the individual case. While hostile cyber operations may potentially have severe (secondary) effects, these should not be overestimated in terms of the applicable public international law. As with the use of conventional weapons, only activities with most severe impacts may qualify as armed attacks conferring the right to self-defence. Nor are such activities necessarily a threat to the peace, breach of the peace, or act of aggression potentially giving rise to collective action authorized by the UN Security Council. Below the level of an armed attack or a threat to the peace, breach of the peace, or act of aggression, hostile cyber operations may however be qualified as threat or use of force or as the breach of any other international obligation. In such case, the State affected may take countermeasures within the limits of proportionality. The State resorting to countermeasures must notify the originator State of such jamming and/or spoofing activities and must offer negotiations. 

As the scope of international law is limited to State actors (and other subjects of international law such as international organizations) attribution will, in practice, be difficult when hostile cyber operations are undertaken by non-State actors. 

Additional Resources

(1) Charter of the United Nations, 24 October 1945, 1 UNTS XVI, under http://www.un.org/en/charter-united-nations/  

(2) Constitution and Convention of the International Telecommunication Union, 1 July 1994, 1825 UNTS 1826, under https://treaties.un.org/doc/Publication/UNTS/Volume%201825/volume-1825-I-31251-English.pdf 

(3) Curran et. al., A Look at the Threat of Systematic Jamming of GNSS, Inside GNSS September/October 2017, 46, under https://www.insidegnss.com/auto/sepoct17-CURRAN.pdf 

(4) Dovis (ed), GNSS—Interference Threats and Countermeasures, 2015

(5) Fouche and Adomatis, Joining Finland, Norway says Russia may have jammed GPS signals in Arctic, 2018, under https://www.reuters.com/article/us-nordic-russia-defence/joining-finland-norway-says-russia-may-have-jammed-gps-signal-in-arctic-idUSKCN1NI267

(6) Goff, Reports of Mass GPS Spoofing Attack in the Black Sea Strengthen Calls for PNT Backup, Inside GNSS 24 July 2017, under https://www.insidegnss.com/node/5555 

(7) Goff, South Korea Developing an eLoran Network to Protect Ships from Cyber Attacks, Inside GNSS 23 August 2017, under https://www.insidegnss.com/node/5598

(8) International Civil Aviation Organization, Recommendation 6/7 of the 12th Air Navigation Conference (2012)—Assistance to States in mitigating global navigation satellite system vulnerabilities

(9) International Civil Aviation Organization, Recommendation 6/8 of the 12th Air Navigation Conference (2012)—Planning for mitigation of global navigation satellite system (GNSS) vulnerabilities

(10) International Court of Justice, Legality of the Threat or Use of Nuclear Weapons, Advisory Opinion, I.C.J. Reports 1996, p. 226, under http://www.icj-cij.org/files/case-related/95/095-19960708-ADV-01-00-EN.pdf 

(11) International Court of Justice, Military and Paramilitary Activities in and against Nicaragua (Nicaragua v. United States of America). Merits, Judgment, I.C.J. Reports 1986, p. 14, under http://www.icj-cij.org/files/case-related/70/070-19860627-JUD-01-00-EN.pdf 

(12) International Law Commission, Articles on Responsibility of States for Internationally Wrongful Acts with commentaries, Annex to General Assembly resolution 56/83 of 12 December 2001, under http://legal.un.org/ilc/texts/instruments/english/commentaries/9_6_2001.pdf 

(13) International Telecommunication Union Radio Regulations, Edition of 2016, under https://www.itu.int/pub/R-REG-RR/en 

(14) Nilsen, Construction workers frustrated with GPS jamming near border to Russia, 2019, under https://rntfnd.org/2019/02/11/gps-jamming-interferes-with-construction/

(15) Nilsen, Norway Jammed Again—Replacing South Korea as Nation with the “Most Jammed GPS?”, 2019, under https://rntfnd.org/2019/01/11/norway-jammed-again-replacing-south-korea-as-nation-with-most-jammed-gps/

(16) Nilsen, Norway tired of Russia’s electronic warfare troubling civilian navigation: “Unacceptable and risky”, 2019, under https://rntfnd.org/2019/01/21/norway-protests-regular-russian-jamming-gps-barents-observer/

(17) Rawnsley, North Korean Jammer Forces Down U.S. Spy Plane, Wired 9 December 2011, under https://www.wired.com/2011/09/north-korean-jammer-forces-down-u-s-spy-plane/ 

(18) Roscini, Cyber Operations and the Use of Force in International Law, 2014

Schmitt / Vihul (eds), Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, 2017

(19) Scott, Spoofing—Upping the Anti, Inside GNSS July/August 2013, 18, under https://insidegnss.com/wp-content/uploads/2018/01/IGM_TLS07_13.pdf 

(20) Scott, Spoofs, Proofs & Jamming – Towards a Sound National Policy for Civil Location and Time Assurance, Inside GNSS September/October 2012, 42, under https://insidegnss.com/spoofs-proofs-jamming/ 

(21) Tsagourias and Buchan, Research Handbook on International Law and Cyberspace, 2017

(22) UK Government Office for Science, Satellite-derived Time and Position: A Study of Critical Dependencies, 2017, under https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/676675/satellite-derived-time-and-position-blackett-review.pdf 

(23) Ward, Interference & Jamming – (Un)intended Consequences, Inside GNSS March/April 2012, 28, under https://www.insidegnss.com/auto/IGM_TLS07_12.pdf 

(24) Wright, Grego and Gronlund, The Physics of Space Security: A Reference Manual, 2005, under https://www.ucsusa.org/sites/default/files/legacy/assets/documents/nwgs/physics-space-security.pdf

Authors

Ingo Baumann is the column editor for GNSS & the Law, and the co-founder and partner of BHO Legal in Cologne, Germany, a boutique law firm for European high technology projects mainly in the space sector. Ingo studied law at the Universities of Muenster and Cologne. His doctoral thesis, written at the Institute for Air and Space Law in Cologne, examined the international and European law of satellite communications. Baumann worked several years for the German Aerospace Centre (DLR), including as head of the DLR Galileo Project Office and CEO of the DLR operating company for the German Galileo Control Center.

Erik Pellander is research assistant at BHO Legal since 2011. Before. Erik working at the Institute of Air and Space Law, Cologne, as well as at the legal department of the German Space Agency (DLR). During his studies, he was a scholarship student of the German Academic Exchange Service (DAAD) at the National Law School of India University in Bangalore. Erik was the winner of the 2010 European Regional Round of the Manfred Lachs Space Law Moot Court Competition and is author of several publications in the area of space law and international environmental law.

Nana Baidoo is associate lawyer at BHO Legal since 2018. His practice focuses on public procurement law, contract law and export control law, particularly with regard to aerospace, defence and security programs. Nana studied law at the Universities of Muenster and Bristol (UK). In the course of his legal clerkship, Nana passed through training stations at the ICT/Aerospace/Defence teams of a leading German law firm as well as at Airbus Defence & Space’s export compliance division. Nana is a reserve officer of the German Armed Forces in the rank Major, member of the German Reservists Association (VdRBw), and German delegate for the CIOR Young Reserve Officers Committee. 

Ingo Baumann is the column editor for GNSS & the Law, and the co-founder and partner of BHO Legal in Cologne, Germany, a boutique law firm for European high technology projects mainly in the space sector. Ingo studied law at the Universities of Muenster and Cologne. His doctoral thesis, written at the Institute for Air and Space Law in Cologne, examined the international and European law of satellite communications. Baumann worked several years for the German Aerospace Centre (DLR), including as head of the DLR Galileo Project Office and CEO of the DLR operating company for the German Galileo Control Center.