Cyber Warfare and International Law: Challenges, Hybrid Warfare and India’s Cyber Security Framework

23 May 2026

Recent tensions involving the United States, Israel, and Iran demonstrate the rise of hybrid warfare, where cyber operations increasingly complement conventional military action and challenge existing international legal frameworks.

Recent cyber incidents during the conflict have been linked to groups such as the Handala Hack Team, which has claimed responsibility for attacks on entities including a U.S.-based medical technology company.

Best Online Coaching for UPSC

About Cyber Warfare

Cyber Warfare

Cyber warfare refers to the use of digital attacks, hacking, and cyber operations by states or non-state actors to disrupt, damage, or gain unauthorized access to another country’s computer systems, networks, or critical infrastructure for strategic, political, or military purposes.

Key Features

Cross-Border Nature: Cyber warfare is transnational in nature, allowing attacks to be launched across borders without physical intrusion.
- Example: The WannaCry ransomware attack affected systems in over 150 countries.
Difficulty in Detection and Attribution: Cyber attacks are often difficult to detect and attribute because attackers hide their identity using encrypted networks and fake digital trails.
Use of Proxy Networks: States frequently employ proxy groups or non-state actors to conduct cyber operations while maintaining plausible deniability.
Targeting Civilian and Military Systems: Cyber warfare can simultaneously disrupt civilian infrastructure and military networks, increasing societal vulnerability.
Below the Threshold of Conventional War: Most cyber operations operate below the threshold of open armed conflict, enabling states to avoid direct military escalation.
- For Example: Frequent cyber intrusions between China and the United States rarely escalate into conventional warfare.
Low-Cost but High-Impact: Cyber warfare is relatively low-cost compared to conventional warfare but can cause massive economic and strategic damage.
- The NotPetya cyberattack caused billions of dollars in global losses.
Targeting Critical Infrastructure: Cyber attacks often focus on critical infrastructure such as power grids, banking systems, healthcare, and transportation networks.
- The Ukraine power grid cyberattack disrupted electricity supply to thousands of citizens.
Information and Psychological Warfare: Cyber warfare is used to spread misinformation, manipulate narratives, and influence public opinion.
- Example: Alleged interference in the 2016 United States Presidential Election involved coordinated cyber-enabled disinformation campaigns.
Speed and Real-Time Execution: Cyber operations can be launched and executed within seconds, making response and defence extremely difficult.
- Example: Distributed Denial-of-Service (DDoS) attacks can instantly disable government or financial websites.
Asymmetric Nature: Cyber warfare allows smaller states and non-state actors to challenge technologically advanced powers without matching conventional military strength.
- Example: Cyber groups linked to North Korea have reportedly targeted global financial institutions.
Continuous and Non-Linear Conflict: Unlike traditional wars, cyber warfare often occurs continuously during both peace and conflict periods.
- Persistent cyber espionage campaigns target defence and research institutions worldwide.
Difficulty in Applying International Law: The absence of universally accepted norms makes cyber warfare legally ambiguous under international law.
- Example: There is ongoing debate over whether major cyber attacks qualify as an “armed attack” under the United Nations Charter.

International Legal Framework Governing Cyber Warfare

United Nations Charter (Article 2(4)): Prohibits the use of force against the territorial integrity or political independence of states, and severe cyber attacks on critical infrastructure may qualify as unlawful use of force.
Principle of State Responsibility: States can be held internationally responsible when cyber operations are attributable to them, violate international obligations, and cause significant harm.
Budapest Convention on Cybercrime: Council of Europe framework seeks to combat cybercrime through international cooperation and harmonisation of domestic cyber laws, though it mainly addresses criminal rather than inter-state cyber activities.
United Nations Convention against Cybercrime: Aims to strengthen global cooperation against cyber-enabled crimes, but has limited provisions regarding state-sponsored cyber warfare and geopolitical cyber conflicts.

Major Challenges in Applying International Law to Cyber Warfare

Difficulty in Attribution: To establish a breach of international law, the act must be attributed to a state. However, cyber operations are, by their nature, secretive and routed through multiple networks and jurisdictions.
- It is much harder to translate that into legally admissible evidence. This creates a gap between political certainty and legal proof.
Threshold Problem: International law lacks a universally accepted standard for determining when a cyber attack becomes a prohibited “use of force” or an armed attack under international law.
Lack of Effective Judicial Forums: The unavailability of an appropriate forum for such disputes is also a practical constraint.
- Sensitive cyber disputes are unlikely to be heard by international courts, including the International Court of Justice, without the consent of states.
- Domestic courts also face similar challenges, particularly because foreign states are often protected by sovereign immunity.
Evidentiary Challenges: Cyber incidents involve technical data, classified intelligence and complex chains of causation.
- It can therefore be extremely difficult in a court setting to show who carried out an operation, how much damage it caused, and how it led to specific harm. This makes legal action both complicated and uncertain.
Strategic and Political Concerns: States often avoid legal proceedings because litigation may escalate tensions, provoke retaliation, or expose sensitive cyber capabilities and intelligence sources.
Limitations of International Conventions: The Budapest Convention on Cybercrime and the United Nations Convention against Cybercrime, which aim to create a broader global framework to address incidents of cybercrime.
- However, these initiatives primarily focus on cybercrime and law enforcement. They fall short in addressing issues of state responsibility when cyber operations are part of geopolitical conflict.
Mismatch Between Technology and Law: Rapid advancements in cyber warfare capabilities have outpaced the evolution of international legal and accountability frameworks.
Weak Enforcement Mechanisms: Despite the increasing frequency and severity of cyber attacks, legal consequences remain limited due to weak enforcement and jurisdictional challenges.
Reduced Deterrence: The absence of credible accountability mechanisms creates a situation where harmful cyber operations can continue with minimal legal deterrence.

UPSC Online Courses

Why is Cyber Security Important for India?

Growing Dependence on Digital Infrastructure: India is increasingly reliant on digital systems in sectors such as finance, energy, governance, healthcare, and communication, making cybersecurity essential for national stability.
Protection of Critical Infrastructure: Cyber attacks on power grids, banking systems, transport networks, and government platforms can disrupt essential services and threaten economic and national security.
Rising Vulnerability to Cyber Threats: Expansion of digital governance and online services has increased India’s exposure to cyber warfare, ransomware attacks, data breaches, and cyber espionage.
Need for National Cyber Resilience: Strengthening cybersecurity capabilities is necessary to ensure resilience against attacks targeting sensitive government and strategic infrastructure.
Role in Shaping Global Cyber Norms: As a major digital economy, India has a strong stake in international discussions on accountability, attribution, and responsible state behaviour in cyberspace.
Bridging the Gap Between Law and Cyber Conflict: Effective cybersecurity frameworks are essential to ensure that cyber operations causing real harm do not remain beyond the reach of international law and accountability mechanisms.
Safeguarding Sovereignty and Strategic Interests: Robust cybersecurity helps India protect its sovereignty, strategic assets, and digital economy from hostile state and non-state actors.

Institutional Mechanisms in India to Tackle Cyber Warfare

Institution/Mechanism	Role in Cyber Security and Cyber Warfare
Indian Computer Emergency Response Team (CERT-In)	Nodal agency under the Ministry of Electronics and Information Technology responsible for responding to cyber incidents, issuing alerts, and coordinating cyber security measures.
National Critical Information Infrastructure Protection Centre (NCIIPC)	Protects India’s critical information infrastructure in sectors such as power, banking, telecom, transport, and defence from cyber attacks.
National Cyber Coordination Centre (NCCC)	Functions as India’s cyber surveillance and threat intelligence platform to detect, monitor, and coordinate responses against cyber threats.
Defence Cyber Agency (DCA)	Tri-service agency under the Indian Armed Forces tasked with handling cyber warfare operations and strengthening military cyber capabilities.
National Technical Research Organisation (NTRO)	Technical intelligence agency involved in cyber intelligence, surveillance, and protection of strategic digital infrastructure.
Cyber Swachhta Kendra	Botnet cleaning and malware analysis centre aimed at improving cyber hygiene and securing digital systems across India.
Indian Cyber Crime Coordination Centre (I4C)	Established under the Ministry of Home Affairs to coordinate efforts against cybercrime, cyber fraud, and online threats.
National Cyber Security Coordinator (NCSC)	Coordinates national-level cyber security strategy and inter-agency cooperation under the National Security Council Secretariat.
Data Security Council of India (DSCI)	Industry body promoting cyber security standards, skill development, and collaboration between government and private sector.
Cyber Crime Cells of State Police	State-level specialised units investigating cybercrime, digital fraud, hacking, and cyber-related offences.
National Cyber Security Policy, 2013	Provides the policy framework for securing cyberspace, protecting critical infrastructure, and building cyber resilience.
Digital Personal Data Protection Act, 2023	Strengthens protection of personal data and enhances accountability regarding digital data security and privacy.
Cyber Surakshit Bharat Initiative	Government initiative aimed at enhancing cyber awareness and cyber security capacity among government departments.
Indian Cyber Command (Proposed)	India is considering a dedicated cyber command to integrate offensive and defensive cyber warfare capabilities more effectively.

Way Forward

Strengthen Domestic Cyber Resilience: India should enhance its cybersecurity architecture, protect critical infrastructure, and improve preparedness against cyber attacks targeting essential sectors.
Develop Attribution Capabilities: Investment in cyber forensics, intelligence-sharing mechanisms, and indigenous cyber expertise is necessary to accurately identify and respond to cyber threats.
Shape Global Cyber Norms: India must actively participate in UN cyber governance discussions, international cyber law negotiations, and global norm-setting processes related to cyberspace.
Promote Responsible State Behaviour: India should advocate principles such as non-targeting of civilian infrastructure, protection of critical services, and transparency in cyberspace conduct.
Enhance International Cooperation: Expanding cyber intelligence sharing, conducting joint cyber exercises, and strengthening multilateral cyber frameworks can improve collective cybersecurity resilience.

Click to Know UPSC Coaching Centres in India

Conclusion

Cyber warfare has transformed modern conflict by blurring the boundaries between war and peace, civilian and military spaces, and domestic and international domains.
- Although international law formally applies to cyberspace, challenges relating to attribution, evidence, jurisdiction, and enforcement continue to weaken accountability mechanisms.
For India, cybersecurity is not only a technological concern but also a strategic and legal necessity. As cyber operations become central to geopolitical competition, India must strengthen domestic cyber resilience while actively shaping international cyber norms to prevent cyberspace from becoming a largely unregulated arena of conflict.