The increasing militarization of cyberspace and the rise of disinformation campaigns are reshaping the landscape of national security, law, and public discourse. While terms like “cyberwar” dominate headlines, their legal implications are often murky. At the same time, state responses to cyber threats—notably the controversial notion of “hackbacks”—raise complex questions at the intersection of international law, domestic constitutional limits, and cybersecurity strategy.
This article delves into the tangled terrain of cyber conflict, disinformation, and digital countermeasures, arguing that a nuanced legal and strategic framework is urgently needed.
The Elusive Concept of Cyberwar
Despite its prevalence in media discourse, “cyberwar” lacks a clear legal definition. While the term evokes images of state-sponsored digital offensives, legal frameworks such as the UN Charter and the Tallinn Manual impose stringent criteria for classifying cyber operations as acts of war.
Under Article 2(4) and Article 51 of the UN Charter, the threshold for an armed attack requires physical destruction or human casualties comparable to kinetic warfare. Cyber operations that disable infrastructure or manipulate data without causing tangible damage typically fall short of this benchmark. Nevertheless, the jurisprudence of national constitutional courts—including Germany’s Federal Constitutional Court (BVerfG)—has acknowledged that certain cyberattacks may mimic the effects of armed force and thus warrant constitutional protections or responses.
The inflationary use of “cyberwar” obscures this legal nuance. In practice, many incidents branded as cyberwarfare—from data breaches to distributed denial-of-service (DDoS) attacks—remain below the legal threshold of war. Yet they can still destabilize societies, erode trust in democratic institutions, and prompt states to consider active defense measures.
Disinformation as Strategic Subversion
Among the most insidious cyber threats is disinformation: the deliberate spread of false or misleading content designed to manipulate public perception, sow discord, and undermine institutional trust. Recent campaigns, such as the Doppelgänger operation that mimicked legitimate news portals to disseminate propaganda, demonstrate the scale and sophistication of state-sponsored influence efforts. According to German intelligence, such campaigns have reached hundreds of thousands of individuals through thousands of cloned websites and social media networks.
Legally, disinformation occupies a grey zone. It is not inherently criminal, and there is no absolute “right to truth” in most legal systems. However, constitutional protections of free personal development and informational self-determination imply a safeguard against covert manipulations of opinion. Courts in Germany have acknowledged that manipulated images or selectively altered information can infringe upon fundamental rights when they create the illusion of authenticity and thereby distort reality.
International law may also come into play: sustained, state-led disinformation efforts that interfere with another country’s political stability could potentially violate the principle of non-intervention. Still, defining the boundary between hostile propaganda and acts of war remains contested.
Disinformation’s potency lies not merely in falsehood but in the blending of fact and fiction, amplified by algorithmic systems that favor emotional and polarizing content. The result is a destabilizing force that challenges traditional legal categories.
Hackbacks: Active Defense or Digital Aggression?
As cyber threats escalate, some policymakers advocate for hackbacks—retaliatory cyber operations intended to disrupt or disable an attacker’s infrastructure. While intuitively appealing as a show of strength, hackbacks are legally and strategically fraught.
International law prohibits the use of force against the territorial integrity or political independence of another state (UN Charter, Art. 2(4)). Even if a cyberattack originates from foreign soil, retaliatory intrusions into the attacker’s systems may violate sovereignty. Moreover, the attribution problem looms large: cyberattacks are notoriously difficult to trace with high confidence, increasing the risk of targeting the wrong actor and escalating international tensions.
Domestically, hackbacks raise constitutional questions. In Germany, for instance, the principle of separation between police and intelligence services complicates any unified authority for conducting offensive cyber operations. There is currently no legal basis for such actions under German law, and proposals to change this have met with resistance.
Strategically, hackbacks can undermine long-term cybersecurity. States might be tempted to hoard zero-day vulnerabilities for potential counterattacks rather than disclose them to improve overall resilience. This mirrors concerns about China’s requirement that discovered vulnerabilities be reported to state agencies, raising fears of exploitation by state-affiliated hacking groups.
The German National Security Strategy of 2022 wisely excludes hackbacks as a viable tool, emphasizing instead the importance of prevention, resilience, and international cooperation.
The Convergence of Cybercrime and State Actors
Cyberwar and disinformation do not exist in isolation from traditional cybercrime. Increasingly, state actors collaborate with or co-opt criminal groups to further strategic goals. Ransomware gangs like Conti and LockBit have been linked to Russian interests, while the North Korean Lazarus Group blurs the line between financial crime and geopolitical sabotage.
This entanglement complicates law enforcement and international accountability. It also creates feedback loops wherein sophisticated tools developed by intelligence agencies (such as NSA exploits leaked by Shadow Brokers) find their way into the hands of criminals, magnifying their destructive potential.
Conclusion: Toward a Legal and Strategic Realignment
The digital domain has become a contested battlespace where traditional legal categories struggle to keep pace with evolving threats. Cyberwar, disinformation, and hackbacks exemplify the ambiguities and dilemmas that democratic states face in securing their information environments.
Rather than resorting to retaliatory aggression, states should invest in defensive resilience, legal clarity, and multilateral frameworks for attribution and accountability. As in classical warfare, the best defense may still lie in deterrence, preparedness, and the principled use of power. In the age of manipulated truths and invisible conflicts, upholding the rule of law and the integrity of information has never been more critical.
Our law firm specialises in criminal defence, white-collar crime and IT law / technology law. Note our activity in digital evidence in IT security and software law.
- Liability of Companies in Phishing and CEO Fraud Incidents - 13. May 2025
- Domain Law in Germany - 10. May 2025
- Art Law in Germany - 10. May 2025