ABSTRACT
The proportionality calculation in a cyber operation that shuts down a dual-use power station, will have to factor in both the loss of the civilian function performed by the installation, with consequent negative repercussions on its civilian users, and the fact that the malware might infect other computer systems. Cyber operations present both opportunities and dangers for the principle of proportionality in attack. On the one hand, their potentially less damaging character might offer a better means to minimise incidental damage to civilians and civilian property, which can be seen in the context of the trend towards effects-based warfare. On the other hand, the interconnectivity of military and civilian networks raises the question of the uncontrolled spreading of malware to other computers and networks, which might be difficult to predict and therefore to avoid or minimise.
