The prevalence of computers and the pace of technological innovation has advanced civilization significantly but has left many vulnerabilities that can be exploited.
And the jus ad bellum is the body of law that defines when it is reasonable for sovereign states to resort to use of force to defend their resources, people and interests.
The Schmitt analysis is a framework for evaluating a CNA, according to seven parameters, to determine if it constitutes a wrongful use of force, and for governments to decide on a valid course of action after being attacked.
[3] The Estonian Cyber-attacks of 2007, targeting Estonia's Internet resources, appear to be the first cyber attacks to be used as a weapon in a political conflict.
The Russian company Kaspersky said the virus could only have been deployed with nation-state support, and that it would lead to the creation of a new kind of arms race in the world.
Considering the damage caused, along with the invasiveness, lack of clear legitimacy and the speculation that the worm was developed and deployed with help of U.S. government with possible Israeli or German assistance means Stuxnet could be seen as a use of force.
To make use of the established law that has dealt with armed forces, Schmitt proposed comparing the characteristics and consequences of CNAs.
Since infrastructure such as power grids, transportation, and telecommunications are interlinked, an attack on one site might have a catastrophic domino effect.
This utilitarian focus is also predominant in the jus in bello, which strives for humanity while still allowing for in some cases a trade-off between military gains and civilian casualties, for example.
[1][2][10] A relevant factor when performing a Schmitt Analysis is to ask if the perpetrators of the attack attempted to act in accordance to the Law of Armed Conflict (LOAC).
This attempted can imply state involvement in the attack, since private individuals might not be so concerned with international law.