Open Access
UNINTENDED CONSEQUENCES AND SPILLOVER EFFECTS IN OFFENSIVE CYBER OPERATIONS: A SYSTEMATIC LITERATURE REVIEW
4
Institute for Strategic Cyber Studies, University of Heidelberg, Heidelberg, Germany
4
Department of Political Science and Cybersecurity, Qatar University, Doha, Qatar
Abstract
Offensive cyber operations (OCOs) have become a prominent tool in the arsenals of state and non-state actors, offering capabilities ranging from espionage to destructive attacks. However, the interconnected nature of cyberspace introduces a complex challenge: the potential for unintended consequences, commonly referred to as collateral damage. This systematic literature review examines the current understanding of collateral damage stemming from OCOs. We synthesize definitions, analyze the technical and legal challenges associated with predicting and mitigating such effects, and explore the implications for international law, particularly the principles of distinction and proportionality. Our findings reveal a persistent gap between the theoretical frameworks and the practical realities of preventing unintended harm in a highly interdependent digital environment. We highlight critical areas for future research, including improved methodologies for effects assessment, enhanced legal interpretability for cyberspace, and the development of robust strategies to minimize spillover.
Keywords
Offensive cyber operations,
unintended consequences,
spillover effects
References
Aiyer, B.; Caso, J.; Russell, P.; Sorel, M. Mckinsey: New Survey Reveals $2 Trillion Market Opportunity for Cybersecurity Technology and Service Providers. 2022. Available online: https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/new-survey-reveals-2-trillion-dollar-market-opportunity-for-cybersecurity-technology-and-service-providers (accessed on 30 January 2024).
IBM Security; the Ponemon Institute. Cost of a Data Breach Report 2022. 2022. Available online: https://www.ibm.com/downloads/cas/3R8N1DZJ (accessed on 31 January 2024).
Hanson, F.; Uren, T. Australia’s Offensive Cyber Capability. 2018. Available online: https://www.aspi.org.au/report/australias-offensive-cyber-capability (accessed on 31 January 2024).
Farwell, J.P.; Rohozinski, R. Stuxnet and the Future of Cyber War. Survival 2011, 53, 23–40. [Google Scholar] [CrossRef]
U.S. Department of Justice. Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe. 2022. Available online: https://www.justice.gov/opa/pr/three-north-korean-military-hackers-indicted-wide-ranging-scheme-commit-cyberattacks-and (accessed on 1 February 2024).
Schelling, T.C. Dispersal, deterrence, and damage. Oper. Res. 1961, 9, 363–370. [Google Scholar] [CrossRef]
U.S. Air Force. Air Force Doctrine Publication 3–60, Targeting. 2021. Available online: https://www.doctrine.af.mil/Portals/61/documents/AFDP_3-60/3-60-AFDP-TARGETING.pdf (accessed on 1 February 2024).
Schmitt, M.N. (Ed.) Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations; Cambridge University Press: Cambridge, UK, 2017. [Google Scholar]
Arquilla, J.; Ronfeldt, D. Cyberwar is coming! Comp. Strategy 1993, 12, 141–165. [Google Scholar] [CrossRef]
Lee, E.A.; Seshia, S.A. Introduction to Embedded Systems: A Cyber-Physical Systems Approach, 2nd ed.; MIT Press: Cambridge, MA, USA, 2017. [Google Scholar]
Romanosky, S.; Goldman, Z. Cyber Collateral Damage. Procedia Comput. Sci. 2016, 95, 10–17. [Google Scholar] [CrossRef]
U.S. Air Force. Intelligence Targeting Guide, Attachment 7. 1998. Available online: https://irp.fas.org/doddir/usaf/afpam14-210/part20.htm (accessed on 1 February 2024).
Romanosky, S.; Goldman, Z. Understanding Cyber Collateral Damage. J. Natl. Secur. Law Policy 2017, 9, 233–257. [Google Scholar]
Dinstein, Y. The Principle of Distinction and Cyber War in International Armed Conflicts. J. Confl. Secur. Law 2012, 17, 261–277. [Google Scholar] [CrossRef]
Ablon, L.; Binnendijk, A.; Hodgson, Q.E.; Lilly, B.; Romanosky, S.; Senty, D.; Thompson, J.A. Operationalizing Cyberspace as a Military Domain, Perspective, RAND Corporation 2019. Available online: https://www.rand.org/content/dam/rand/pubs/perspectives/PE300/PE329/RAND_PE329.pdf (accessed on 30 January 2024).
U.S. Department of Defense. Department of Defense Law of War Manual; William S. Hein & Company: Getzville, NY, USA, 2023.
Maathuis, C.; Pieters, W.; Van den Berg, J. Assessment Methodology for Collateral Damage and Military (Dis)Advantage in Cyber Operations. In Proceedings of the MILCOM 2018—2018 IEEE Military Communications Conference (MILCOM), Los Angeles, CA, USA, 29–31 October 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 1–6. [Google Scholar] [CrossRef]
Maathuis, C.; Pieters, W.; van den Berg, J. Decision support model for effects estimation and proportionality assessment for targeting in cyber operations. Def. Technol. 2021, 17, 352–374. [Google Scholar] [CrossRef]
Grant, T. Building an Ontology for Planning Attacks That Minimize Collateral Damage: Literature Survey. In Proceedings of the 14th International Conference on Cyber Warfare & Security (ICCWS 2019), Stellenbosch, South Africa, 28 February–1 March 2019; pp. 78–86. [Google Scholar]
University of York Centre for Reviews and Dissemination. What Are the Criteria for the Inclusion of Reviews on DARE? 2014. Available online: https://www.ncbi.nlm.nih.gov/books/NBK285222/ (accessed on 31 January 2024).
Similar Articles
- Dr. Marcus Fletcher, Dr. Elena Novak, ASSESSING AND ENSURING CYBERSECURITY AND RESILIENCE IN HEALTHCARE: A RISK AND CONFORMITY FRAMEWORK , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
- Dr. Ahmed N. El-Tayeb, Miguel Ángel Ortega, INTEGRATING CYBER THREAT INTELLIGENCE WITHIN COMMERCIAL ENTERPRISES: A STRATEGIC FRAMEWORK FOR ENHANCED SECURITY POSTURE , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
- Dr. Rohan Deshmukh, ARCHITECTING A ROBUST CYBER THREAT INTELLIGENCE CAPABILITY: A COMPREHENSIVE FRAMEWORK , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 02 (2025): Volume 02 Issue 02
- Prof. Emily Zhang, Luca Romano, DEFENDING AGAINST EVOLVING CYBER THREATS: A HYBRID FRAMEWORK FOR ATTACK PATTERN ANALYSIS AND INTELLIGENCE INTEGRATION , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 04 (2025): Volume 02 Issue 04
- Dr. Mateo Alvarez-Ruiz, From Reactive to Predictive Security: Integrating Threat Intelligence with SIEM for Proactive Threat Hunting , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 01 (2026): Volume 03 Issue 01
- Dr. Dmitry V. Sokolov, Synergizing Generative AI and Explainable Machine Learning in Security Operations Centers: Mitigating Alert Fatigue and Enhancing Analyst Performance , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 10 (2025): Volume 02 Issue 10
- Dr. Tanvi Das, James D. Walker, A FEDERATED MULTI-MODAL SYSTEM FOR INSIDER THREAT DETECTION IN ENERGY INFRASTRUCTURE USING BIOMETRIC AND CYBER DATA , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 01 (2025): Volume 02 Issue 01
- Dr. Elena Petrova, Dr. Hassan Al-Mansoori, EVALUATING AND ENHANCING CYBERSECURITY AND RESILIENCE IN HEALTHCARE: A UNIFIED RISK AND COMPLIANCE FRAMEWORK , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 05 (2025): Volume 02 Issue 05
- Prof. Dmitry V. Volkov, Dr. Kofi Agyapong, ADAPTIVE TRUST BOUNDARY ENFORCEMENT: A COMPREHENSIVE REVIEW OF ZERO TRUST ARCHITECTURE IMPLEMENTATION AND USABILITY CHALLENGES , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 10 (2025): Volume 02 Issue 10
- Dr. Amara Ndlovu, Dr. Faisal Khan, CYBERSECURITY IN VIRTUAL GATHERINGS: RISKS AND REMEDIAL STRATEGIES FOR VIDEO CONFERENCING SOFTWARE , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 04 (2025): Volume 02 Issue 04
You may also start an advanced similarity search for this article.