사이버전의 국제법적 분석을 위한 기본개념의 연구- Tallinn Manual의 논의를 중심으로 -

Cyber attack is often mentioned even in ordinary media everywhere. Nevertheless, cyber attack has a genuine status with its own meaning in international law. In this respect, cyber attack is understood as a malicious activity through cyber operation using internet or information and communication technologies. A group of international law experts recently published Tallinn Manual on the international law applicable to cyber warfare (hereinafter ‘Tallinn Manual’). This paper is aimed at exploring the basic concepts of cyber warfare on the basis of Tallinn Manual. Tallinn Manual tried to identify existing international law applying to cyberspace, and to confirm the applicability of jus ad bellum and jus in bello to cyber warfare. Unlike the assessment of the ordinary media, Tallinn Manual is not authoritative as such with respect to its subject matter, i.e. international law applicable to cyber warfare partly because it was written by the experts in their individual capacity. Nevertheless the significance of Tallinn Manual may not be disparaged in that its achievements are more or less acceptable to most States and other international law experts. In particular the basic tenet of Tallinn Manual is the same as the findings of the report of the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (hereinafter ‘UNGGE’). The UNGGE rightly acknowledged that international law, and in particular the Charter of the United Nations, is applicable and is essential to maintaining peace and security and promoting an open, secure, peaceful and accessible information and communication technologies environment. The UNGGE also stated that common understandings on how such norms should apply to State behavior and the use of information and communication technologies by States requires further study. This ‘further study’ may be certainly helped by Tallinn Manual in that it almost thoroughly discusses the legal issues on cyber warfare, many of which are not fully or partly agreed among the authors. In this respect Tallinn Manual may work as a source of thoughts for international law of cyber warfare. This paper in particular discusses the so-called ‘Schmitt criteria’ which may be used for determining whether a cyber operation is use of force and/or armed attack in the context of jus ad bellum. The Schmitt criteria were originally created by Prof. Michael Schmitt, and further developed by him, and adopted in Tallinn Manual. Although the Schmitt criteria should be tested in real cases, they are certainly the starting point for the further study of cyber warfare. This paper concludes that international law experts should pay more attention to cyber warfare in Korea, which is under the constant cyber attack and its threat from nearby countries.