Dignitaries from the United States and Australia, including U.S. Secretary of State John Kerry and Defense Secretary Chuck Hagel, as well as Australian Minister Bishop and Johnson, pictured during the first session of AUSMIN 2014. (Wikimedia Commons) On August 12, the 29th anniversary of the first annual Australia-United States Ministerial Consultations (AUSMIN), the Australian Minister for Foreign Affairs, Julie Bishop, along with Australian Minister for Defense Senator David Johnston met with U.S. Secretary of State John Kerry and Secretary of Defense Chuck Hagel in Sydney. In a joint press release, they reaffirmed the fifty-three year-old ANZUS Alliance’s “important contribution to the peace, security, and prosperity of the Asia Pacific and Indian Ocean regions,” in addition to “its enduring value in addressing contemporary and evolving challenges in the regions and throughout the world.”

The ANZUS statement also focused explicitly on the legal and collaborative dimensions of ensuring global cybersecurity. Representatives from both nations “emphasized that international law, including the United Nations Charter and…international humanitarian law, applies to state conduct in cyberspace” and pledged to act in accordance with their obligations. This pledge conforms to Article VI of the ANZUS treaty, which states that the treaty does not affect the “rights and obligations of the Parties under the Charter of the United Nations.”

But what exactly does this regional commitment mean now that cybersecurity is covered by the ANZUS treaty, especially as the threat of international cyber-attacks that may originate in one region or country of the world but target another becomes increasingly imminent? Answering this question strikes at the very heart of the ANZUS treaty, which is generally regarded as an agreement to consult and collaborate. This reality was reflected by a joint statement in relation to cyber issued in 2011, which stated that, “in the event of a cyber-attack that threatens the territorial integrity, political independence or security of either of our nations, Australia and the United States would consult together and determine appropriate options to address the threat.” This statement further built upon and aligned with Article III of the treaty, which obligates the United States and Australia to “consult together whenever in the opinion of any of them the territorial integrity, political independence or security of any of the Parties is threatened in the Pacific.”

Imagine, however, that Australia—being in an earlier time zone—became aware of an imminent threat to jam vital communications in the United States. Such an attack is considered to pose one of the greatest risks to U.S. cybersecurity while remaining largely feasible for counter-U.S. operatives to carry out. Would, then, Australia be in breach of its ANZUS treaty obligations or its obligations under international law if it immediately launched a cyber-counterstrike in defense of the United States?

Immediate retaliation in self- or collective defense, however, is also enshrined within the language of the ANZUS treaty. Article IV provides that, in the event of “armed attack in the Asia-Pacific against either signatory, the other nation “will act to meet the common danger in accordance with its constitutional processes.” This commitment to a military response to common danger is further is confirmed by the additional provision in Article IV concerning the United Nations, which states that any countermeasures pursued must be reported immediately to the Security Council and “terminated when the Security Council has taken the measures necessary to restore and maintain international peace and security.”

Apart from the provisions of the ANZUS treaty, nations’ right to self-defense is protected under international law. It is preserved in Article 51 of the United Nations Charter and was affirmed by the International Court of Justice (ICJ) in the 1986 case Military and Paramilitary Activities in and against Nicaragua (Nicaragua v. United States of America). The legitimate use of self-defense is permitted not only in situations when an armed attack has occurred but in cases where an attack is imminent. The Caroline test, a formulation of international customary law, provides that, for an imminent threat to justify preemptive self-defense, it must be “instant, overwhelming, and leaving no choice of means, and no moment for deliberation.” According to the Caroline test, any action taken in response to the threat must be proportional to the degree of harm the attack would have caused.

The question, then, is not whether the ANZUS treaty partners can legitimately retaliate against actual or intimated threat. The right to engage countermeasures is recognized under both the ANZUS treaty itself and the UN Charter, as well as generally under international law. The key issue at stake instead concerns the circumstances under which retaliation is justified. The level of force necessary to constitute an armed attack—and what precisely constitutes a proportional response to such attacks—are often vexing and divisive determinations to make under international law when conventional weapons and methods of warfare are used. In a dynamically changing world where technology can shut down government and civilian targets like power plants and hospitals, jam transmissions, immobilize vital services, and open floodgates, determining what constitutes an armed attack is a new and even more challenging issue of international law and cooperation between nations.