Iran, as the current chair of the Non-Aligned Movement and acting as a responsible member of the international community, is firmly committed to the goal of strengthening the international legal instruments dealing with cybersecurity. Such an instrument could conceivably be modeled after other international conventions regulating relations among states, obligating state signatories to not use cyberattacks against others.
For several years now, Iran has been the recipient of a protracted wave of state-sponsored cyberattacks. These attacks have attempted to disrupt our computer systems at power grids, government ministries, nuclear facilities, oil terminals, and other important industrial and economic sectors. They have inflicted financial and property damage and caused occasional disruptions.
Obviously, these attacks are illegal from the point of view of recognized principles of international law, including the purposes and principles of the UN Charter. Articles one and two of the Charter provide a framework under which UN member states should interact with each other. Article 2 (4) states: “All Members shall refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any state, or in any other manner inconsistent with the Purposes of the United Nations.”
And yet, unfortunately the US in particular has behaved as if there are no standards in the international community regarding such wrongful acts. It has supported “offensive operations” in cyberspace without bothering with their compatibility with international norms. This callous indifference to general rules of international law was seen in the 2010 “Stuxnet” attack against the control system of Iran’s civilian nuclear facilities, which was reportedly authorized by the White House as part of its “covert operations” against Iran.