Tarah Wheeler’s recent Foreign Policy article “In Cyberwar, There Are No Rules” highlights the absence of norms governing aggressive actions in cyberspace as a potential cause of conflict within this domain. While the author is correct that the international community continues to struggle with the development of norms to regulate behavior in cyberspace, it doesn’t follow that the domain is completely anarchic. Over the past decade, publicly disclosed cyberoperations have appeared to surface a set of implicit rules that restrains state actors from employing cybercapabilities with the potential for widespread disruption. These rules are derived from the strategic realities that serve to temper how cyberoperations are deployed.
Cyberoperations do not occur in a vacuum; interactions take place within the context of preexisting strategic relationships and form part of any actor’s larger campaign in pursuit of its strategic objectives. The employment of cyberoperations is thus subject to long-standing political,