사이버 공격에 대한 전쟁법 적용의 한계와 효율적 대응방안

Korean society has severely been depending on computer networks and information systems since late 1990s. However lots of cyber attacks have made damages against these computer systems and disturbed their functions. Some of these attacked presumed to be sponsored by adversed state. There has been no clear concept on cyber attack and cyber war. Some commentators and scholars have argued that cyber attack, having large scopes, long durations, high intensity should be regarded as an armed attack. They have also argued that the a state suffered the cyber attack should response against it with a cyber war as a self defence, according to the U.N. Charter. However, it is hardly to say that cyber attack should have the equivalent with an armed attack. It is also hard to prove a state has committed cyber attacks, resulting huge damages, with clear and convincing evidences. Therefore it is difficult for the victim state to claim a liability against the attacking state. Some scholars and commentators has argued, to respond the severe cyber attack, which could be considered as a cyber war, the victim state can use kinetic force. However the use of kinetic weapons in responding against cyber attacks shall not be appropriate because it shall not be permitted under the law of war principles such as necessity and proportionality. Therefore it would be better to respond a cyber attack with constant efforts such as monitoring cyber attacks and threats on computer networks and information systems, reducing vulnerabilities and establishing sound policies, without cyber war. When we could choose a cyber war in responding against cyber attack, we should follow domestic war making process, because cyber war is a kind of a war. Under the Constitution of Republic of Korea, the president shall declare war with approval of National Assembly. When a high level decision maker want to launch cyber war, he/she shall urge the president should declare war with approval of National Assembly. This would bring chaos in Korean society and make withdrawal of foreign invest money and people would feel fear about real war. Following these domestic war making process, it could lead this society to lose the chance to respond against cyber attacks with appropriate time and measures. Therefore it would be better for us not to respond cyber attacks with cyber war. To make appropriate countermeasures against cyber attacks, we shall support and enhance the cyber security activities performed by the National Intelligence Service. The agency has been in charge of securing and monitoring governmental computer systems and networks, protecting critical information infrastructures, and supporting private partnership programs and international cooperations. To support and enhance these activities, we shall revise and amend related Acts, Presidential Decrees, and Regulations. However it would increase concerns on appearing of big brother, therefore the cyber security activities performed by the National Intelligence Services shall be controled by National Assembly. When we amend the related Acts and Presidential Decrees, we shall inscribe clauses describing that National Assembly shall have the authority to monitor and approve the cyber security activities, and National Intelligence Service shall report the activities periodically.