Technology and war have always coexisted in an uneasy juxtaposition, each feeding off the other, creating the basis for both humanity’s progress and for awful, bloody setbacks. A century after the outbreak of World War I, it is worth remembering that one of the reasons why the war assumed such monstrous dimensions was that strategists had been blithe about the impact of technological progress. Machine guns, tanks, gas, aeroplanes and modern warships unleashed a degree of carnage that was simply not anticipated in advance by war planners. The danger we face today is that digital technology is not tamed through social norms, and the world sleepwalks into a future where aggressive state behaviour in cyberspace causes increasing damage and ill-will among nations. Military strategists have been busy adapting their force structures to the cyber era, but the evolution of war’s legal standards lags behind.Humanity has a tendency to learn lessons post hoc, but good policy-making is as much about proactively mitigating against bad consequences before it is too late. Becausesuccess here is measured by the absence, not presence, of an event, such policy is harderto sell. This report aims to achieve such a ‘sell’ by highlighting the inadequacies of existingLOAC in cyberspace, and suggesting potential principles for a future body of internationallaw concerning conflict in cyberspace. Any zone of ambiguity in the law, history and logic teach us, will be exploited by states operating in an insecure environment. Currently, this zone of ambiguity in cyberspace is large, but it can be narrowed. That is the task that statesmen face. Cyberspace is functionally distinct from all other military domains (air, sea, land and space). It isn’t just a physical but also an informational realm. And because of the close proximity of kinetic operations (resulting in physical damage of the kind that LOAC was designed to regulate) and espionage operations in cyberspace, the lines between armed attack, the use of force and intelligence operations are blurring. We need a specific set of definitions that clarifies cyber hostilities. Currently there is no internationally agreed upon set of standards regarding what counts as an armed attack in cyberspace. This increases the likelihood of misunderstandings that can unintentionally lead to conflict. It also incentivises offensive tactics in cyberspace, as states push the boundaries of the acceptable in order to test other states’ commitment to defend their national security, and their strategies for doing so. In an era in which the meaning of armed attack is diluted by the presence of a new operational domain with novel properties, it is imperative that clear constraints on state behaviour are established. The worry that states will end up conducting cyber-attacks at arm’s length through proxies, allowing them to disavow responsibility later, is legitimate. By creating a legal responsibility to assist law enforcement enquiries by victim nations, such states will be forced to show their hands one way or another. By design, the Internet relies on a firm bedrock of trust for its optimal operation. Common protocols, mutual identification and the security of encrypted data transmission are necessary and sufficient conditions for commerce and other exchanges to take place on a disparate network like the Internet lacking a ‘Leviathan’, or central overseer. If insecurity and aggression become defining features of the Internet, it will lose most of its potential as a force for good in the world. By contrast, if cyberspace no longer presents an arena of warfare with unclear rules, and militaries can approach this domain with a degree of regulatory certainty, then states can focus their energies on pursuing cyber criminals. The world will be better off for it.