THE WAR WE DON’T SEE: International Legal Frameworks for Psychological and Cyber Warfare.

“If the new and frightful weapons of destruction which are now at the disposal of the nations seem destined to abridge the duration of future wars, it appears likely, on the other hand, that future battles will only become more and more murderous.”

Henry Dunant, A Memory of Solferino, 1862

 ABSTRACT

In today’s digital world, the nature of warfare has shifted dramatically from the traditional battlefield. It’s no longer just about guns, tanks, and soldiers; modern conflicts are increasingly fought in cyberspace and through psychological tactics. Cyber and psychological warfare have become formidable instruments of statecraft, capable of crippling essential infrastructure, breeding distrust, and control or influence the outcomes of political and military confrontations—all without a single shot being fired. However, international law, which was largely shaped in the wake of World War II, finds it challenging to keep up with these unconventional threats.

This article delves into how international legal frameworks are responding—or failing to respond—to the challenges brought about by cyber and psychological warfare. By examining real-world case studies, especially those involving Russia and China, it seeks to offer an analytical and forward-thinking view on the future of international legal standards in the context of conflicts in the digital age.

UNDERSTANDING THE NEW FRONTLINES

l  What is cyber warfare? According to the International Committee of the Red Cross (ICRC), “the term cyber warfare refers to means and methods of warfare that rely on information technology and are used in situations of armed conflict. Cyber operations may be either offensive or defensive.”

These are the actions that are used to damage or disrupt a state’s critical systems. Such actions may include malware attacks, Distributed Denial-of-Service (DDoS) campaigns, ransomware,  targeting military, financial, or infrastructure networks. Such cyber operations may be designed for espionage, sabotage, or strategic advantage—and they often leave behind minimal or no physical traces.

l  What is psychological warfare? Oxford Public International Law says, “although there is no concise definition of the term ‘psychological warfare’(PSYWAR), it has often been associated with the dissemination of propaganda designed to undermine the adversary’s will, with other non-violent warfare acts that influence the military discipline of the adversary, as well as with psychological operations.”

It further syas that PSYWAR aims to influence the mind of the adversary. Traditionally, this method was perceived to be conducted through the dissemination of false rumours; spreading misinformation or disinformation with the intent of eroding the adversary’s fighting morale; the incitement of enemy combatants to surrender, and persuading the enemy population to revolt against its government etc. In the contemporary military field, psychological warfare activities may also include non-violent acts which are performed in the form of sonic booms, the projection of repetitive sounds or music for prolonged periods at high volume, or even the counterfeiting of currency. 

INTERNATIONAL LAW AND THE MODERN CONFLICT- THE LEGAL VACCUMM

1. THE UN CHARTER- The cornerstone of international legal order, The United Nations prohibits the ‘use of force’ against any territorial intergrity of any state under article 2(4), which is further followed by right to self defence to such state on which any ‘armed attack’ has taken place under article 51 of the charter . But the question arises whether cyberattacks or psychological warfares meets the criteria “use of force” or “armed attack.”

There are presently no internationally accepted criteria for determining whether a nation state’s cyberattack is a use of force equivalent to an armed attack, which could trigger a military response but in Cyber Attacks as "Force" under UN Charter Article 2(4) by  Matthew C. Waxman, Columbia Law School, with the help of a case study of 2010, when a flash drive inserted into a US military laptop surreptitiously introduced malicious software into US Central Command's classified and unclassified computer systems, discusses how the National Research Council constituted a committee that stated that cyber attacks should be judged under the UN Charter and customary jus ad bellum principles by considering whether the effects of cyber attacks are equivalent to a military attack. In fact, Secretary of State Hillary Clinton in a 2010 address declared US intentions to defend its cybersecurity in terms similar to those usually used to discuss military security:

“States, terrorists, and those who would act as their proxies must know that the United States will protect our networks. ... Countries or individuals that engage in cyber attacks should face consequences and international condemnation. In an interconnected world, an attack on one nation's networks can be an attack on all.”

Similarly many other scholars and reserachers are also advocating for reinterpretation of charter to address psychological warfare as “force” under UN charter.

2. INTERNATIONAL HUMANITARIAN LAW - International Humanitarian Law (IHL), also known as the law of war or the law of armed conflict, is a set of rules that aim to limit the effects of armed conflict for humanitarian reasons.

In the absence of any state or other international instrument view on whether psychological operations are goverened by IHL, a two group of opinions can be seen- first one being that while psychological operations may be conducted by the military, they would not be considered military operations for the specific legal purposes of IHL. While other suggests that “those communicative acts by armed forces that aim at furthering military objectives could be considered ‘military operations’ under IHL. Adding to this, the obligation not to harm (i.e. respect) humanitarian operations would be violated when information (psychological) operations may be expected to result in violence against humanitarian organizations, for instance by stirring up anger against humanitarian operations, or by creating false perceptions of their operations.

Many organisations such as ICRC believes that cyber warfare should not be happened in legal vaccumm, but rather to be governed by IHL. There is a strong belief that the same rules and principles – including the principles of humanity, military necessity, distinction, proportionality and precautions – apply to all military operations, be they kinetic or cyber, and must be respected.

3. THE TALLINN MANUAL - TALLINN MANUAL ON THE INTERNATIONAL LAW APPLICABLE TO CYBER WARFARE, prepared by the International Group of Experts at the Invitation of The NATO Cooperative Cyber Defence Centre of Excellence is a non-binding,academic helpbook that examines the international law relating to cyber warfare. While not being a binding legal instrument, it is the most influential interpretive guide on this subject. Manual interprets traditional principles(instead of introducing new modern rules), and acknowledges that cyber operations/ warfares can amount to a "use of force" or even an "armed attack" if their consequences are comparable to conventional military actions. However, below this threshold, much of cyber activity remains in a legal "grey zone," where state practice and opinio juris are evolving but not settled yet.

Unfortunately there is no such manual or any other such collaborative work yet that discusses standalone psychological warfare as a potential use of force or armed attack. Only references and inferences can be drawn.

CASE STUDIES: CYBER AND PSYCHOLOGICAL WARFARE IN PRACTICE

In Russia and Ukraine conflict, several cases of cyber warfare have been observed. These cyber-attacks are directed at different parts of Ukraine’s infrastructure such as government agencies, military networks and vital sectors like energy and communication.The intention behind such actions was to make ukraine unsteady and so that Russia could gain control over Ukranina territory. 

Since 2014, Ukraine has faced persistent and evolving cyber-attacks, primarily attributed to Russian state-sponsored actors. Early incidents like the “Snake” virus and attacks on media and telecommunications aimed at espionage and propaganda laid the groundwork. In 2015, the Black Energy cyberattack targeted Ukraine's power grid, causing blackouts for 250,000 people—one of the first known cyber operations to have direct physical consequences.

The 2017 NotPetya attack, disguised as ransomware, aimed at large-scale disruption and affected institutions globally. Cyber conflict continued with phishing campaigns, election interference, and breaches in critical sectors. A major escalation occurred just before the 2022 invasion, when a cyberattack on Viasat’s KA-SAT satellite disrupted internet services in Ukraine and parts of Europe, hampering military communications.

Russia has also used data-wiping malware, phishing, and propaganda tactics to destabilize Ukrainian institutions and public morale. Notably, between February and October 2024, destructive attacks targeted Ukraine’s energy, healthcare, and emergency services infrastructure. Additionally, DDoS attacks in early 2022 impaired government and banking systems, aiming to instill fear and confusion.

Overall, cyber operations have been a key, multifaceted component of Russia’s hybrid warfare strategy against Ukraine, inflicting both digital and psychological damage on civilian and state infrastructure.

CHINA'S PSYWAR AND INDIA Similarly, China’s psychological tactics against India can be decoded to understand how psychological operations are deliberately employed as strategic instruments to shape perception, undermine morale, and exert influence without conventional military engagement.

For instance, one such post on Chinese site Weibo showed an image of a rocket launch in China alongside a photo of the bodies of Covid victims being cremated in India along with a text that read: "Lighting a fire in China VS lighting a fire in India." - which could be seen as a clear attempt to belittle India’s crises response and demoralize the public sentiment.

LEGAL CHALLENGES AND GREY AREAS

1. Problem of anonymity- Such warfares often happens in full anonymity to conceal their identities and locations. This makes it difficult for victim states to respond effectively as they do not know whom to held accountable in the first place.

2. Global Interconnectedness and state’s sovereignity- A state’s sovereignity extends to its cyber infrastructure as well and any external unauthorised intrusion shall lead to the violation of such state sovereignity. But the application of this principle is difficult as far as cyberspace is concerned because of the global interconnectedness of the internet and obstacles in identifying the origin of such attack.

3. Non state actors-  At present, international legal frameworks focuses majorly on states behaviour, which fails to practically address the increasing threat poses by non-State actors. Consequently, traditional laws fail to keep pace with the rapidly changing threat environment.

4. Criteria for “Harm”- Existing legal frameworks has its focus majorly on ‘physical’ harm. Whereas cyber and psychological operations often causes indirect or long-term damages—like societal polarization or economic disruption—which may not ignite a legal response as per current legal framework.

5. Limited jurisdiction- ICC and ICJ have limited jurisdiction over cyber and psychological warfares unless there comes a concrete evidendce for the attack and a state responsibilty towads violation of international law.

GLOBAL EFFORTS TO GOVERN THE DIGITAL BATTLESPACE- Collective efforts are been continously taking place by several international institutions and instruments to combat cyber and psychological warfares that are increasingly occuring in contemporary times. For example, the UN Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG) are both international processes focused on discussing and developing norms for responsible state behavior in cyberspace. The GGE is a smaller, expert-level group, while the OEWG is open to all UN member states. Both groups have been instrumental in shaping discussions on international cybersecurity and building consensus around key issues like international law, norms, and capacity building.

Budapest Convention is an international treaty focused on addressing cybercrimes. Primarily known as the Council of Europe Convention on Cybercrime, it was the first international treaty to focus specifically on cybercrime.

Public awareness campaigns and media literacy under educational reforms are also focused upon to equip citizens with the skills to critically analyze information, detect misinformation, and resist manipulation. Collaboration between governments, tech companies, and civil society is crucial to promote fact-checking and counter-disinformation.

A WAY FORWARD

1.Legal innovation- There is an urgent need to reintroduce existing treaties and rules to include evolving digital threats. For example, “use of force” under article 2(4) of UN Charter should be redefined to include cyber and informaional warfare as potential use of force and armed attack. International Humanitarian Laws are also need to be expand to cover virtual harm as well.

2.Role of the tech industry- Companies like Meta,X(formerly TikTok) etc. must take greater responsibilty for more unfiltered transparency and reporting any manipulation attacking any state.

3.Multilateral aggrements- Regional or thematic agreements—such as bilateral pacts on cyber non-aggression—could serve as building blocks.  The Tallinn Manual is one such model for collaborative security thinking.

Conclusion

Cyber and psychological warfare are no longer hypothetical. They are now active tools of war,conflict and influence. International law and frameworks, though strained, remains a vital pillar in defending against these threats. Existing treaties like the UN Charter and Geneva Conventions still offer valuable principles if creatively interpreted. With necessary additions to the exiting laws, international frameworks can really fit the existing gap.

The path forward lies in combining legal innovation with multilateral cooperation, technological accountability, and public awareness. Though challenges abound, there is also opportunity: to shape a digital world that upholds peace, transparency, and the rule of law.

In this struggle, the question is not whether the law can adapt—but whether states, institutions, and societies have the will to make it do so. The answer will define the nature of conflict—and peace—in the 21st century.

REFERENCES

1.      http://casebook.icrc.org/a_to_z/glossary/cyber-warfare

2.     https://opil.ouplaw.com/display/10.1093/law:epil/9780199231690/law-9780199231690-e385?rskey=2CwADk&result=124&prd=OPIL&print

3.      https://scholarship.law.columbia.edu/cgi/viewcontent.cgi?article=1882&context=faculty_scholarship

4.      https://sgp.fas.org/crs/natsec/IF11995.pdf

5.      https://digital-commons.usnwc.edu/cgi/viewcontent.cgi?article=3054&context=ils

6.     https://blogs.icrc.org/law-and-policy/2023/10/12/foghorns-of-war-ihl-and-information-operations-during-armed-conflict/

7.     https://commons.erau.edu/cgi/viewcontent.cgi?article=1761&context=jdfsl

8.     https://www.icrc.org/sites/default/files/document/file_list/icrc_ihl-and-cyber-operations-during-armed-conflicts.pdf

9.      https://papers.ssrn.com/sol3/papers.cfm?abstract_id=5019998

10.  https://www.bbc.com/news/world-asia-china-56963996

11.  https://cenjows.in/wp-content/uploads/2024/06/Ms_Sanchaly_Bhattachary_IB_June_2024_CENJOWS.pdf

12.  https://www.researchgate.net/publication/392242947_Cyber_Conflict_and_International_Security_Legal_Challenges_and_Strategic_Solutions_in_Cyberspace