Amgad Bin Shahbain
PHIL 355E – Summer 2025
Matthew Montoya
Case Analysis: Cyberwarfare Actions in Hybrid Warfare and Just War Theory
The cyberattacks observed during the Israel-Hamas conflict illustrate how non-kinetic forms of warfare can amplify the effects of physical clashes. The pro-Iranian faction Cyber Av3ngers executed a DDoS attack that disrupted Israel’s electricity provider (Noga), while Anonymous Sudan interfered with the “Red Alert” missile warning system, inciting panic by exploiting vulnerable APIs. Concurrently, Killnet, a group associated with Russia, focused on Israeli governmental and banking websites. These cyber assaults were aimed at destabilizing communication networks, obstructing emergency responses, and eroding public trust—key objectives in hybrid warfare. The ethical issue arises over whether these cyber operations, when considered apart from the larger conflict, could be deemed justifiable according to Just War Theory (JWT). Conventional JWT evaluates wars based on criteria such as just cause, proportionality, and discrimination—but do these principles pertain to cyber operations that disrupt civilian infrastructure without inflicting direct physical harm? In this case analysis, I will argue that Michael Boylan’s framework of just war principles, along with Mariarosaria Taddeo’s ethics of cyber warfare, suggests that these cyber activities cannot be regarded as part of a just war, as they violate the fundamental jus in bello principles of discrimination and proportionality by indiscriminately assaulting civilian infrastructure and deliberately instilling terror in non-combatants.
Boylan’s Just War Framework and the Ethics of Cyberwarfare
Michael Boylan’s interpretation of Just War Theory offers a solid ethical framework for assessing the conduct of armed conflict (jus in bello). His approach is based on several fundamental principles: Just Cause, Legitimate Authority, Right Intention, Proportionality, Discrimination (Noncombatant Immunity), and Last Resort. Central to Boylan’s philosophy is a universal moral obligation, drawn from his “Personal Worldview Imperative,” which urges rational beings to act in ways that safeguard the “basic goods” essential for human agency. These goods—life, health, sustenance, security—serve as the vital preconditions for any meaningful action. In the realm of conflict, this translates into a rigorous duty to minimize harm to these basic goods, especially for non-combatants, even in a war considered justified. This imperative requires that individuals involved in a conflict actively work to lessen unnecessary suffering and refrain from tactics that fundamentally threaten the bedrock of a civil society.
Utilizing Boylan’s framework to evaluate the cyberattacks in question uncovers a considerable violation of these moral responsibilities. The principle of Discrimination is the most overtly violated. The DDoS attacks on Noga, the electricity supplier, and the subsequent alleged assaults on the Israel Electric Corporation (IEC) had a direct and predictable effect on the civilian populace. Electricity is a critical utility upon which other basic goods, such as health (powering hospitals) and sustenance (powering food refrigeration), rely. Although attackers may argue that the grid constitutes a legitimate military target due to its role in powering defense systems, its primary purpose serves civilians. An assault that disrupts the grid is inherently indiscriminate, as it cannot differentiate between military and non-combatant users. The primary impact is felt by civilians, violating the principle of noncombatant immunity. The manipulation of the “Red Alert” system represents an even clearer breach. This system is designed solely to protect a fundamental good life by ensuring security. Utilizing it to instill terror amounts to a direct psychological attack on non-combatants.
Likewise, the principle of Proportionality is infringed. This principle states that the damage caused must not exceed what is necessary to achieve a legitimate military goal. Cyber operations that disable national power networks, emergency notification systems, or financial infrastructure result in immense societal disruption that far overshadows any conceivable military advantage. For example, the false missile alerts initiated by Anonymous Sudan caused widespread panic without any apparent strategic benefit, far surpassing what could be seen as an acceptable or necessary military action. The repercussions—psychological terror, disruption of emergency services, and the risk of life-threatening stampedes or accidents—are vastly disproportionate to the military objective, however momentary it may have been, to distract defense forces.
Ultimately, the principles of Legitimate Authority and Right Intention are not satisfied either. Hacktivist organizations such as Cyber Av3ngers, Anonymous Sudan, and Killnet function as non-state actors without the formal support or accountability of a recognized governing body. This characterization aligns their actions more closely with vigilantism or terrorism than with legitimate acts of war conducted by a state actor. Additionally, their practice of publicly sharing screenshots and claiming responsibility for the resulting chaos seems more focused on psychological intimidation and self-promotion than on pursuing a just and restorative peace, which Boylan defines as the sole “Right Intention.” Based on Boylan’s framework, these cyber operations lack justification. A legitimate cyber operation would need to be executed by a recognized authority, be specifically aimed at disrupting military communications or resources, intentionally avoid civilian infrastructure, and remain proportional in its impact. The actions in question fall significantly short of these criteria.
Taddeo’s Cyber-Just War Theory and the Burden of Care
Mariarosaria Taddeo is a prominent ethicist who has specifically tailored Just War Theory for contemporary digital contexts. Her research offers a more focused ethical framework for this scenario, emphasizing the necessity to reinterpret and apply traditional jus in bello principles within cyberspace. A key aspect of Taddeo’s examination is the Discrimination principle regarding “dual-use” infrastructure—systems like power grids, financial networks, and telecommunications that fulfill both military and civilian roles. Taddeo asserts firmly that the interconnectedness of cyberspace does not provide attackers with moral permission for indiscriminate assaults. Instead, it imposes a greater responsibility on them to ensure that their attacks are precisely aimed and that potential harm to civilians is minimized. For an attack on a dual-use target to be deemed just, the attacker must prove that the target is predominantly military in nature, that the attack method isn’t inherently indiscriminate, and that all practical measures were taken to avoid incidental damage.
Applying Taddeo’s rigorous interpretation of the discrimination principle, the cyberattacks executed by hacktivist groups are ethically unacceptable. The DDoS attacks directed at Israel’s electrical grid violate the discrimination criteria on several levels. First, the target itself—the national power grid—is fundamentally dual-use. Although it powers military sites, its primary role is to sustain civilian life overall. Taddeo would argue that an assault on such a system cannot be classified as discriminate unless its consequences can be narrowly focused on impacting only the military aspects, which a broad DDoS attack inherently cannot accomplish. The attack method is fundamentally indiscriminate; it operates by flooding a system with excessive traffic, shutting it down for all users. This is akin to bombing a water treatment facility to deny access to water for a military base; the primary casualties will inevitably be from the civilian population.
The attacks on the “Red Color” alert system and Discount Bank represent an even more blatant violation of Taddeo’s principles. The alert system is not a dual-use entity; it is designed purely for civilian protection. Targeting it, or even worse, producing false alerts, constitutes a direct and intentional assault on non-combatants. Such actions serve no valid military function and are aimed solely at causing psychological distress and disturbing civilian life, an act that Taddeo categorizes as a form of information warfare that clearly breaks the Discrimination principle. The attack on the bank similarly targets a civilian object with the intent to disrupt the economic activities of non-combatants. From Taddeo’s viewpoint, the appropriate course of action would have been to completely abstain from these activities. A just actor in cyberspace, based on her analysis, must prioritize the safeguarding of civilians and civilian infrastructure. This necessitates refraining from assaults on dual-use systems unless the military advantage is direct and substantial and the harm to civilians is negligible and unintentional—a standard that these widespread DDoS attacks do not satisfy. Any deliberate targeting of civilian objects or protective systems is unequivocally prohibited under any just interpretation of jus in bello principles.
Conclusion
The cyberattacks mentioned in the article are ethically unjust when evaluated through the perspectives of Michael Boylan and Mariarosaria Taddeo. Applying the principles of Just War Theory, particularly those of discrimination and proportionality, these actions are morally unacceptable as they harm civilians and lack legitimate authority. Boylan argues that such attacks infringe upon critical human goods, including health and security. Taddeo points out that attacking dual-use systems and civilian defense mechanisms, like missile alert networks, contravenes the stricter ethical standards governing cyber warfare. These actions were not precise strikes aimed at military objectives, but rather sweeping attacks designed to disrupt civilian life. Some contend that in hybrid warfare, civilian and military systems are indistinguishable, rendering all infrastructure acceptable targets. However, this perspective overlooks the moral tenets of Just War Theory, specifically the obligation to safeguard non-combatants. The digital aspect of warfare necessitates a greater ethical consideration, not a diminished one. Consequently, these operations evidently breach essential moral principles and signify a concerning move toward unrestricted warfare.