Access to this full-text is provided by Springer Nature.
Content available from AI and Ethics
This content is subject to copyright. Terms and conditions apply.
ORIGINAL RESEARCH
AI and Ethics (2025) 5:47–53
https://doi.org/10.1007/s43681-024-00628-x
United States Central Intelligence Agency (CIA) contended
that intelligence involves knowledge and foreknowledge of
the world which drives decisions by policymakers. The Tal-
linn Manual, which is one of the rst documents that out-
lines the rules for nation-state cyber warfare has stated that
espionage as an act undertaken clandestinely or under false
pretences that uses cyber capabilities to gather or attempt to
gather information [2].
Previously, espionage was usually done by states sending
their most skilled agent into the territory of their physical
adversaries. The development of technology has changed
the way espionage is conducted where states now spy on
their enemies by using more sophisticated methods such
as drones and spy balloons. For years, state and non-state
actors have been engaging in spying to gain information,
assess potential threats, and prepare for attacks [3]. Essen-
tially, throughout history, states have continued to engage in
clandestine activities against each other through spying and
sabotaging [4]. This type of practice has long been viewed
as an attribute of warfare, state intelligence and combatant
engagement. The race towards digitalisation and the emer-
gence of disruptive technologies are now viewed to be an
1 Introduction
Cyber espionage is coined as a type of cyber warfare that
includes disruptions, surveillance, damage, and deletion of
information. Cyber espionage threats are powerful enough
to immobilise a state and disrupt the running of critical
national infrastructures, where the sabotage of one sector
may result in total system failure, data leakage, and even
system harm. If one sector fails, it would cause a domino
eect on other critical sectors which could result in a national
catastrophe. The European Union Agency for Cybersecurity
(ENISA) denes it as a type of threat committed by using a
computer network to gain illicit access to condential infor-
mation usually held by state governments or organisations
[1]. Such information or intelligence refers to information
which is of military, political and economic value. The
Wan Rosalili Wan Rosli
rosalili2301@gmail.com; w.r.wanrosli@bradford.ac.uk
1 School of Law, Faculty of Management, Law and Social
Sciences, University of Bradford, Bradford, UK
Abstract
Cyber espionage has signicantly been viewed as a risk towards nation-states, especially in the area of security and
protection of Critical National Infrastructures. The race against digitisation has also raised concerns about how emerging
technologies are dening how cyber activities are linked to waging warfare between States. Real-world crimes have since
found a place in cyberspace, and with high connectivity, has exposed various actors to various risks and vulnerabilities,
including cyber espionage. Cyber espionage has always been a national security issue as it does not only target States but
also aects public–private networks, corporations and individuals. The challenge of crimes committed within the cyber
realm is how the nature of cybercrimes distorts the dichotomy of state responsibility in responding to cyber threats and
vulnerabilities. Furthermore, the veil of anonymity and emerging technologies such as articial intelligence have further
provided opportunities for a larger scale impact on the state for such crime. The imminent threat of cyber espionage is
impacting the economic and political interactions between nation-states and changing the nature of modern conict. Due
to these implications, this paper will discuss the current legal landscape governing cyber espionage and the impact of the
use of articial intelligence in the commission of such crimes.
Keywords Cyber espionage · Articial intelligence · Cyber operations · Warfare · International law
Received: 1 July 2024 / Accepted: 16 November 2024 / Published online: 8 January 2025
© Crown 2025
Waging warfare against states: the deployment of articial
intelligence in cyber espionage
Wan Rosalili WanRosli1
1 3
Content courtesy of Springer Nature, terms of use apply. Rights reserved.
AI and Ethics (2025) 5:47–53
expansion of the term cyber warfare. This also meant that
nation-states began to move their focus to the protection
of sectors within the critical national infrastructure which
required special cyber protection and security.
In combination with the growing sophistication of cyber
actors and activities, it further expands opportunities for
coordinated and advanced attacks that can speedily disrupt
the operational eciency of designated critical national
infrastructure e.g., the operation of the nancial markets,
electricity, security infrastructure and general elections [5].
When cyber espionage is part of a broader military cam-
paign it can also lead to disruption of public infrastructure
and property [6]. Cyber espionage attacks can be motivated
by monetary value or may also be deployed in conjunction
with military operations, or as an act of cyber terrorism or
cyber warfare.
Espionage has become an imminent threat and risk to
nations, especially in understanding how technology shares
and inuences the relationship between states. Many nations
and international bodies around the world have created their
own denition of cyber espionage and it has been proven to
be dicult to reach a consensus due to the secretive nature
of espionage and its relation to warfare. On the other hand,
states have also argued that cyber espionage tactics may be
used by intelligence services to protect national security by
preventing terrorist attacks [7]. It can also be used in war
where the information collected from the enemy can be used
successfully to gain warfare advantage [8]. With the real-
ization of the opportunities that cyberspace oers, govern-
ments across the world are building on cyber-forces, which
are tasked with accomplishing their national cybersecurity
policy goals and intelligence agendas [9].
Against this backdrop, the implications for international
security are serious and far-reaching. As nation-states con-
tend for dominance in cyberspace and geopolitical tensions
escalate, the risk of Articial Intelligence (AI) -enabled
cyber activities will unarguably exacerbate tensions. The
potential for misattributed attacks, unintended escalation,
and the increase of cyber operations threatens to destabi-
lise the balance of power and heighten the risks of conict
escalation [10]. It is imperative to therefore identify the
emergent contours of warfare in the digital age and develop
sound strategies for safeguarding international security.
2 International law and the waging of wars
between states
Espionage has always been a feature of interstate relations
deeply rooted in secret intelligence-gathering activities con-
ducted between states. Article 2 of the 1945 Charter of the
United Nations (UN Charter) explicitly explained that all
member states should refrain from using force or threats that
encroach on another state's territorial integrity or political
independence. Despite the availability of an international
framework for the governance of espionage, specic treaties
and conventions addressing the intrusion are notably absent.
The commission of espionage however is dealt with under
principles of international humanitarian law, sovereignty
and customary practices.
The concept of espionage also violates the duty of non-
intervention which was also mandated under the UN Char-
ter. Jamnejad and Wood [11] explains that the principle of
non-intervention includes the right to sovereignty, territo-
rial integrity and political independence of every State. The
principle has also been accepted to apply to cyber opera-
tions. However, the non-intervention principle only applies
to States as it is an inter-state doctrine. Any activities con-
ducted by non-state actors do not apply unless through the
doctrine of attribution in international law. Within the con-
text of state-sponsored cyber operations, which target indi-
viduals and companies, the non-intervention principle does
not apply as it does not aect the state’s exclusive rights
to sovereign functions [12]. To date, in so far cyber opera-
tions such as cyber espionage, states have only responded to
attacks violating the states' ability to exercise their sovereign
powers [12]. This can be seen by the response of the Not-
Petya attack targeting Ukraine's critical national infrastruc-
tures which was labelled as an act disregarding Ukrainian
sovereignty as appose to the spear shing attack campaign
aimed at private universities, companies and NGOs by Iran
which was not to be said a violation of international law
[13].
The principle of non-intervention and its requirement
of fullling the element of violation of sovereignty proves
challenging as the nature of cyberspace which allows covert,
anonymous and remote operations which can also go beyond
borders. Furthermore, careful investigations and coopera-
tion between international partners are crucial in order to
track and nd the perpetrators. Recent attacks have shown
more coercive and intrusive patterns where these intrusions
often target the critical national infrastructure of States such
as transportation, energy and manufacturing [13]. However,
Oorsprong [14] highlighted that espionage could hardly be
considered as an international crime as underlying reasons
for collecting the information would usually not constitute
to interference or violate the non-intervention principle.
Regardless of the argument of how cyber operations such
as cyber espionage would go against international law prin-
ciples, the majority of states have always viewed espionage-
like acts to be an important element in maintaining peace,
stability and security between nation-states. Interestingly,
Hernandez [15] and Scott [16] have also highlighted that
the practice of espionage between states is legal on the basis
1 3
48
Content courtesy of Springer Nature, terms of use apply. Rights reserved.
AI and Ethics (2025) 5:47–53
of anticipatory or pre-emptive self-defence. Such belief is
derived from the power of knowing the ability and strength
of other states can be determined, and the balance of power
and status quo can be achieved which results in non-con-
frontational behaviour [17].
Apart from nation-states engaging in espionage, non-
state actors also have the ability to take part in espionage
activities. However, nation-states will always play a central
role in conicts among states due to the nancial, techno-
logical and cyber capabilities to conduct sophisticated oper-
ations and share geopolitical dynamics in cyberspace. Rauta
[17] contends that these proxy groups and non-state actors
engage in warfare through sponsorship of the state to pre-
vent attribution. These entities would carry out covert activ-
ities, data mining, and cyber-attacks to advance the strategic
interest on behalf of the sponsoring state. It must be noted
that actions or behaviour which could be triggering an act of
war would be instances where unfriendly economic or com-
mercial actions or any behaviour that insults national price.
However, acts of cyber espionage are stealthier rather than
traditional warfare which is more transparent. This in turn
blurs the line of retaliation and response due to the targets
are usually private companies and not directly towards the
State.
In another sphere, the dichotomy between developed and
developing nations adds another division to the conversa-
tion. Spectres of superiority and dominance between states
have contributed to the ongoing geopolitical and cyber-dip-
lomatic struggles globally. Superiority is being determined
by one nation’s economic, political and military strength
which has led to conversations and debates on cyber gov-
ernance [18]. States such as China and Russia have resorted
to diverse covert activities to gain economic and techno-
logical power. The advancement of technology has broken
traditional barriers, and the cyberspace environment now
oers states the opportunity to take advantage of such cyber
capabilities [19]. This has inherently sparked the need for a
unied framework to govern cybercrime in the form of the
world’s rst international cybercrime treaty [20].
3 Proliferation of articial intelligence (AI)
in cyber espionage
The convergence of law and technologies has brought about
various implications and challenges. The use of emerging
technologies aorded by AI has proven to be the holy grail
in combatting crimes within the real world and cyberspace.
It also has become an integral part of society, driving inno-
vations across sectors including legal or illegal cyber opera-
tions. The deployment of AI in the ght against cybercrime
has also facilitated the investigation of crimes committed
in cyberspace, especially for entities that hide behind the
shadows of cyberspace and their digital footprints. The
Swiss Federal Intelligence Service (FIS) Annual Situation
Report (2023) highlighted that espionage is driven by vari-
ous motives which involve various aims such as economic
and political superiority. The FIS also contended that the
availability of new emerging technologies acts as a sand-
box for various actors to develop new solutions to problems
including the need for states to focus on lingering military
conict [21].
The use of AI aids in detecting cyber espionage including
the use of biometric recognition technologies such as facial
detection to sift through data available online and provide
immediate notication [22]. The emergence of Generative
AI (GenAI) has completely changed the landscape of com-
mission and protection against cyber espionage. GenAI has
revolutionised tools and solutions used by States to safe-
guard their systems from inltration [23]. Such technology
provides defence against automation, cybersecurity report-
ing, threat intelligence, identication of attacks, incidence
response and malware detection. Apart from that, GenAI
has also unleashed both known and unknown cyberattack
vectors in the form of automated hacking, code-adapting
malware and AI-crafted phishing e-mails.
The increased dependency on AI has provided law
enforcement agencies with the tools to ght cybercrime
more eectively. New emerging technologies such as build-
in cyber espionage search engines which eliminates cum-
bersome elements of extracting information-laden threats
and discovering digital footprints of oenders in order to
link the relevant information which is time-consuming [23].
The use of such technology has broken barriers of time-con-
suming work with the capability of shifting through unlim-
ited volumes of data, the least amount of time and minimal
resources to track down leads for any vulnerabilities and
threats against the State [23]. This has also led to the eradi-
cation of threats of violence and improve security measures
within the State.
The duality impact of AI must also be recognised. AI
has proven to be lethal, especially in coordinating cyber-
attacks via sophisticated algorithms that can penetrate even
the most complex security systems, data theft of sensitive
information such as state secrets or military capability infor-
mation, and disruption of multisector services [24]. Sam-
uel-Okon et al. [25] contend that AI-driven malware can
evade traditional detection methods and cause extensive
damage as it has the capability to adapt and evolve caus-
ing widespread data breaches. AI algorithms can analyse a
vast amount of data derived from various sources such as
public records, network trac and social media in order to
identify potential targets. These algorithms can also develop
stealthy tools to inltrate and bypass security defences and
1 3
49
Content courtesy of Springer Nature, terms of use apply. Rights reserved.
AI and Ethics (2025) 5:47–53
National Counterintelligence Executive has also high-
lighted that cyber espionage heightens the risk to interna-
tional peace and security [31]. The United Nations Special
Rapporteur on Counterterrorism and Human Rights have
also called for a legal response to spyware proliferation.
However, it must be noted that the line between lawful and
unlawful cyber espionage or intrusions remains unclear.
With the current economic and political global landscape,
states have now turned to engage in diverse cyber activities
on the pretext of national security [32]. Apart from relying
on traditional laws such as national legislation and statutes
to govern cybercrimes, states have now moved to various
other mechanisms in addressing cybersecurity matters such
as devising cybersecurity strategies in the form of state poli-
cies in order to maintain cyber resilience across sectors [32].
A cybersecurity strategy uses a top-down approach which
contains objectives and protocols in order to protect a state's
critical national infrastructure. The strategy is designed to
maximise the security and resilience of a nation by outlining
the duties and obligations of major stakeholders within the
state ecosystem [33]. States also view that having a strategy
in place is a proactive approach to mitigate the risks and
threats of cyber-attacks. Furthermore, such strategies also
recognises the ever-evolving advancement of technologies
and continuously devise ways for the state to adapt and
align with national security.
The Assange and Snowden leak has revealed the gravity
of intrusion and data breach to states which motivates them
to seek a harmonised approach to regulate and mitigate the
risk of cyber espionage. States have now moved towards the
curtailing of remote access cyber espionage by deploying
state-of-the-art technologies to restrict such operations. In
2023, aware of the risk on inltration and the risk of espio-
nage to national security, the United States passed the Presi-
dential Initiative for Democratic Renewal which intends to
control the misuse of technology and digital authoritarianism
[32]. The Initiative also aims at combatting digital domina-
tion which includes an executive order to prohibit the use of
spyware which poses a risk to national security. Apart from
that, the United States also enacted the Espionage Act which
restricts the access and disclosure of information which can
be used against the United States or provide undue advan-
tage to a foreign state which would compromise national
security [34]. The former United States National Security
Agency contractor, Edward Snowden was charged under
this Act, but has yet to face trial due to being granted the
right of asylum in Russia.
Traditional legislation governing cyber espionage can be
found in every country in one form or another. In China,
cyber espionage is governed under the National Intelligence
Law 2017 which aims to strengthen and safeguard national
intelligence work and preserve state security and interest
intrusion detection systems. Moisset [26] contends that AI
algorithms can assist in prioritising targets based on factors
such as potential intelligence value, susceptibility to exploi-
tation and signicance. Catalano et al. [27] highlighted that
adversarial machine learning also enables attackers to evade
signature-based detection.
AI is no longer conned to science ction but is now a
critical component of military strategy. Nations are actively
integrating AI into their defense capabilities, leading to
a paradigm shift in how wars are fought. In recent years,
characterized by rapid technological advancement, the
emergence of AI and cyber espionage has become a den-
ing feature of modern warfare and international security
[28]. As nations increasingly harness the power of AI to
bolster their defense capabilities and conduct intelligence
operations, the landscape of conict has evolved to another
dimension—one where states use various means to try and
gather information from other states without consent [28].
The emergence of GenAI has also changed the landscape
of the commission and protection against cyber espionage.
GenAI-aided attacks have now unleashed both known and
unknown cyberattack vectors. Gupta et. al highlighted that
GenAI acts as a double-edged sword in cybersecurity as it
facilitates and benets both sides of the coin [28]. Nation
states have now moved to GenAI tools to safeguard their
systems from inltration. Information gathered from Large
Language Models (LLM) trains intelligence data such as
risk, vulnerabilities and prediction of attacks [28]. States
now have the capability to process large information to
enhance their intelligence response and even predict emerg-
ing and future threats [29]. Furthermore, such advanced
technology is also important in developing eective ethical
guidelines for strengthening cyber defense within a system
[30]. According to Gupta, the use of GenAI provides sup-
port in cyber defense automation, cybersecurity reporting,
threat intelligence, identication of cyber-attacks, incident
response guidance and even malware detection [30].
The worldwide movement to govern the use of AI has
also impacted the way the State responds to the use of GenAI
in the commission of cyber espionage. The legal guidelines
and practices such as the EU AI Act aim to give clear guide-
lines on the misuse and responsibility of users when using
such technology. Such moves have leveraged the use of
such technology and have also pushed states to give clear
guidelines on the use of such emerging technology.
4 The legal response to cyber espionage
Eective governance of cybercrimes and cyber opera-
tions have been at the forefront of every nation, especially
in eradicating national security threats. The Oce of the
1 3
50
Content courtesy of Springer Nature, terms of use apply. Rights reserved.
AI and Ethics (2025) 5:47–53
group that is linked to the Russian Intelligence Service.
Their primary aim is to target U.S. political organisations
and European military organisations through zero-day vul-
nerabilities and malware drop websites disguised as new
sources.
The response to such invasive actions can be both
military and non-military. Non-military responses would
include diplomatic measures such as demarches and expel-
ling diplomats, legal actions such as cybercrime legisla-
tion and international legal cooperation, cyber defence and
counterintelligence and also economic sanctions. However,
the unequal level of digital capacity between nation-states
also serves as a barrier to eorts of harmonisation of the
law and better governance of cyber espionage. The chal-
lenges dier across regional boundaries considering limited
resources, technical capabilities, and other social realities.
A general lack of awareness of cybersecurity best practices
also leaves many states vulnerable.
5 International security and cyber
espionage governance
The ever-evolving threat of cyber espionage cannot be
denied especially within the realm of cybersecurity with
implications that could range from national security to
political and economic stability. This type of cyber opera-
tion has been a common practice by states and non-state
actors who practice recognisance activities to measure the
strength and capability of other adversaries. From using
old tactics such as sending agents into other jurisdictions
to gather intelligence to the emergence of new technologies
which transcend the recognition of borders and time, cyber
espionage has time and time again proven to be a risk that
needs to be managed.
Calls for criminalisation and clear classication of this
cyber operation have led to eorts to harmonise interna-
tional perspectives due to domestic laws being insucient
to address the challenges to national security, privacy and
data protection and extraterritorial jurisdiction. The appar-
ent global digital divide and access to justice for all must
also be addressed. The best way forward would be to have
a treaty to govern and clearly outline the use of emerging
technology in the commission of cyber espionage. How-
ever, eorts to materialise an international treaty to govern
such cybercrime pose a multitude of challenges due to the
dierent interests and priorities of states especially in the
area of sovereignty and security. Scholars have highlighted
that a more realistic approach would be to completely pro-
hibit cyber espionage and have in place norms and practices
agreed upon by all states. Greiman (2018) further states that
if States want non-binding responsibilities in cyberspace,
[35]. Interestingly, the law also attempts to balance the secu-
ritization of sectors to the protection of human rights and the
interest of individual citizens. In Russia, the Criminal Code
of the Federation, Law NO. FZ-190 criminalise espionage
and it is seen as treason. The law includes acts of assisting
foreign states, disclosure of national secrets or anything that
would be detrimental to the security of the Russian Federa-
tion [36].
The European Union has also taken steps to regulate
cyber espionage when recently the European Parliament
called for a stricter approach to the use and abuse of spy-
ware. Furthermore, in February 2024, the United Kingdom
and France, hosted nation states, regional organizations and
other stakeholders in an inaugural conference to tackle the
proliferation and irresponsible use of commercial cyber
intrusion tools and services [37]. The conference also led
to the signing of the cyber declaration—The Pall Mall Pro-
cess: Tackling the Proliferation and Irresponsible Use of
Commercial Cyber Intrusion Capabilities [38].
The Dutch Military Intelligence and Security Service
(MIVD) highlighted that Western governments, defence
companies and international organisations are now being
targeted with cyber espionage [39]. MIVD also contended
within it 2024 annual report that Chinese spies has recently
targeted Dutch semiconductor, aerospace and maritime
industries in order to gather intelligence in strengthening its
armed forces. However, China have always routinely denied
any form of allegations relating it to cyber espionage [40].
The rst quarter of the year has also seen Western govern-
ments especially within Europe being under siege by cyber-
attacks and operations of espionage. The United Kingdom
Ministry of Defence has also suered cyberattacks which
exposed the sensitive data of thousands of its troops [40].
The breach targeted the weakness of a third-party contractor
who runs the payroll systems for the Ministry which leaked
more than 270,000 data of former and current armed forces
members. Germany was also targeted when a 38-min audio
recording of four top military personnel discussing the sup-
port for Ukraine including using missiles to attack Russia
[40].
The legal response to cyber espionage takes many forms
and challenges. Apart from what has been discussed above,
such attacks depend on the type of cyber operations and
whether the implications are conned to the national level
or have impacted internationally. For example, an Iranian-
based group named Helix Kitten has been notorious for
targeting companies or organisations within the sectors of
transportation, nance, hospitality and telecommunications
and using sophisticated methods via structured spear-phish-
ing attacks to targeted personnel. Another national state
actor, which is an organisation that is supported by a specic
nation is a group labelled as Fancy Bear, a Russian-based
1 3
51
Content courtesy of Springer Nature, terms of use apply. Rights reserved.
AI and Ethics (2025) 5:47–53
of Interpretation of Customary International Law, pp. 105–136.
Cambridge University Press, Cambridge (2022)
4. Fjäder, C.: The nation-state, national security and resilience in the
age of globalisation. Resilience 2(2), 114–129 (2014). h t t p s : / / d o i
. o r g / 1 0 . 1 0 8 0 / 2 1 6 9 3 2 9 3 . 2 0 1 4 . 9 1 4 7 7 1
5. Baker, M.S., Baker, J., Burkle, F.M., Jr.: Russia’s hybrid warfare
in Ukraine threatens both healthcare & health protections pro-
vided by international law. Ann. Glob. Health 89(1), 1–6 (2023)
6. Harknett, R.J., Smeets, M.: Cyber campaigns and strategic out-
comes. J. Strateg. Stud. 45(4), 534–567 (2022). h t t p s : / / d o i . o r g / 1 0
. 1 0 8 0 / 0 1 4 0 2 3 9 0 . 2 0 2 0 . 1 7 3 2 3 5 4
7. Byman, D.: How to think about state sponsorship of terrorism. In:
Survival: August 2023, pp. 101–121. Routledge (2023).
8. Byman, D., Wittes, B.: Reforming the NSA: how to spy after
Snowden. Foreign A. 93, 127 (2014)
9. Liebetrau, T.: Organizing cyber capability across military and
intelligence entities: collaboration, separation, or centralization.
Policy Des. Pract. 6(2), 131–145 (2023). h t t p s : / / d o i . o r g / 1 0 . 1 0 8 0 /
2 5 7 4 1 2 9 2 . 2 0 2 2 . 2 1 2 7 5 5 1
10. Eglo, F.J., Smeets, M.: Publicly attributing cyber attacks: a
framework. J. Strateg. Stud. 46(3), 502–533 (2023). h t t p s : / / d o i .
o r g / 1 0 . 1 0 8 0 / 0 1 4 0 2 3 9 0 . 2 0 2 1 . 1 8 9 5 1 1 7
11. Jamnejad, M., Wood, M.: The principle of non-intervention.
Leiden J. Int. Law 22(2), 345–381 (2009)
12. Moulin, T.: Reviving the principle of non-intervention in cyber-
space: the path forward. J. Conict Secur. Law 25(3), 423–447
(2020)
13. Hüsch, P.: Non-intervention thresholds in cyberspace—in the
shadow of the sovereignty debate? Nord. J. Int. Law 92(3), 371–
393 (2023)
14. Oorsprong, F., Ducheine, P., Pijpers, P.: Cyber-attacks and the
right of self-defense: a case study of the Netherlands. Policy Des.
Pract. 6(2), 217–239 (2023). h t t p s : / / d o i . o r g / 1 0 . 1 0 8 0 / 2 5 7 4 1 2 9 2 . 2
0 2 3 . 2 1 7 9 9 5 5
15. Hernandez, R.K.C.: Insecurity Within the Security Community:
A Comparative Analysis of NATO and the Five Eyes Alliance.
Webster University (2021)
16. Scott, E.C.: Corporate espionage by drone: why corporations need
better physical and legal protections. Miss. LJ 91, 171 (2022)
17. Roscini, M.: International Law and the Principle of Non-Inter-
vention: History, Theory, and Interactions with Other Principles.
Oxford University Press, Oxford (2024)
18. Rauta, V.: Towards a typology of non-state actors in ‘hybrid war-
fare’: proxy, auxiliary, surrogate and aliated forces. Camb. Rev.
Int. A. 33(6), 868–887 (2020). h t t p s : / / d o i . o r g / 1 0 . 1 0 8 0 / 0 9 5 5 7 5 7
1 . 2 0 1 9 . 1 6 5 6 6 0 0
19. Ifeanyi-Ajufo, N.: Going beyond borders: jurisdiction in cyber-
space. GIMPA Law Rev. 3, 133–156 (2017)
20. Marcén, A.G.: The Budapest convention and the UN cybercrime
convention negotiations. In: Global Cybersecurity and Interna-
tional Law, pp. 174–192. Routledge (2024).
21. The Federal Council.: Switzerland’s Security 2023”: The Federal
Intelligence Service publishes its latest situation report. Admin.
ch. (2023). h t t p s : / / w w w . a d m i n . c h / g o v / e n / s t a r t / d o c u m e n t a t i o n / m
e d i a - r e l e a s e s . m s g - i d - 9 5 9 8 4 . h t m l
22. Rawat, R., Mahor, V., Chirgaiya, S., Garg, B.: Articial cyber
espionage based protection of technological enabled automated
cities infrastructure by dark web cyber oender. In: Al-Turjman,
F., Nayyar, A., Devi, A., Shukla, P.K. (eds.) Intelligence of Things:
AI-IoT Based Critical-Applications and Innovations. Springer,
Cham (2021). https:/ /doi.or g/10.10 07/97 8-3-030-82800-4_7
23. Gohil, T.: Emerging threats and Unseen Risks: Protecting your
Business Data from the Evolving Lanscape of Cyber Espionage.
LinkedIn (2024). h t t p s : / / w w w . l i n k e d i n . c o m / p u l s e / e m e r g i n g - t h r e
a t s - u n s e e n - r i s k s - p r o t e c t i n g - y o u r - b u s i n e s s - - r h c j c % 3 F t r a c k i n g I d =
therefore their actions and practice must demonstrate their
willingness to achieve that goal.
The increasing reliance on articial AI by state intelli-
gence would depend on the capability and operationalisa-
tion of intelligence activities. States will invest and focus on
advancing their technological resources which will enhance
their cyber power and international presence. This means
that in the coming years, there will be an urgent need to
nation states, international organizations and other stake-
holders to consider a normative framework for the use of
such capabilities. Furthermore, AI governance is vital as a
way forward to invest in the development of AI resources.
The passing of the AI Act has provided an opportunity for
other states to also initiate their own strategies, policies and
legal framework in governing AI and other emerging tech-
nologies. Apart from nding ways to regulate technologies,
enhancing cybersecurity measures and deterring emergent
threats are also critical in ensuring eective governance of
cyber espionage. Collaborative intelligence is also essen-
tial to identify emerging risks and threats more eectively.
Finally, by fostering cybersecurity awareness, investment
in state-of-the-art defensive technologies and strengthening
international cooperation, states can mitigate the risks of
cyber espionage and create a more secure and trusted digital
ecosystem.
Funding The author has no relevant nancial or non-nancial interests
to disclose. No funding was received to assist with the preparation of
this manuscript.
Open Access This article is licensed under a Creative Commons
Attribution 4.0 International License, which permits use, sharing,
adaptation, distribution and reproduction in any medium or format,
as long as you give appropriate credit to the original author(s) and the
source, provide a link to the Creative Commons licence, and indicate
if changes were made. The images or other third party material in this
article are included in the article’s Creative Commons licence, unless
indicated otherwise in a credit line to the material. If material is not
included in the article’s Creative Commons licence and your intended
use is not permitted by statutory regulation or exceeds the permitted
use, you will need to obtain permission directly from the copyright
holder. To view a copy of this licence, visit h t t p : / / c r e a t i v e c o m m o n s . o
r g / l i c e n s e s / b y / 4 . 0 / .
References
1. ENISA Threat Landscape 2020—Botnet (2020). [Report/Study].
ENISA. h t t p s : / / w w w . e n i s a . e u r o p a . e u / p u b l i c a t i o n s / e n i s a - t h r e a t - l a
n d s c a p e - 2 0 2 0 - b o t n e t
2. Schmitt, M.N. (ed.): Tallinn manual on the international law
applicable to cyber warfare. Cambridge University Press, Cam-
bridge (2013)
3. Føllesdal, A.: The signicance of state consent for the legiti-
mate authority of customary international law. In: Merkouris,
P., Kammerhofer, J., Arajärvi, N. (eds.) The Theory, Practice,
and Interpretation of Customary International Law. The Rules
1 3
52
Content courtesy of Springer Nature, terms of use apply. Rights reserved.
AI and Ethics (2025) 5:47–53
34. Devanny, J., Martin, C., Stevens, T.: On the strategic conse-
quences of digital espionage. J. Cyber Policy 6(3), 429–450
(2021). https:/ /doi.or g/10.10 80/23 738871.2021.2000628
35. Greiman, V.A.: Cyber law and regulation. In: Lehto, M., Neit-
taanmäki, P. (eds.) Cyber Security: Critical Infrastructure Protec-
tion, pp. 59–78. Springer, New York (2022). h t t p s : / / d o i . o r g / 1 0 . 1 0
0 7 / 9 7 8 - 3 - 0 3 0 - 9 1 2 9 3 - 2 _ 3
36. Davies, P. H. J., Steward, T.: No War for Old Spies: Putin, the
Kremlin and Intelligence. RUSI (2022, May 20). h t t p s : / / r u s i . o r g h
t t p s : / / r u s i . o r g
37. Poireault, K.: Governments and Tech Giants Unite Against Com-
mercial Spyware. Infosecurity Magazine (2024, February 7). h t t p
s : / / w w w . i n f o s e c u r i t y - m a g a z i n e . c o m / n e w s / g o v e r n m e n t s - t e c h - g i a
n t s - a g a i n s t /
38. The Pall Mall Process: Tackling the Proliferation and Irrespon-
sible Use of Commercial Cyber Intrusion Capabilities (Lancaster
House, London, 6 Feb. 2024). (2024, February 6). France Diplo-
macy—Ministry for Europe and Foreign Aairs. h t t p s : / / w w w . d i p
l o m a t i e . g o u v . f r / e n / f r e n c h - f o r e i g n - p o l i c y / d i g i t a l - d i p l o m a c y / n e w s
/ a r t i c l e / t h e - p a l l - m a l l - p r o c e s s - t a c k l i n g - t h e - p r o l i f e r a t i o n - a n d - i r r e s
p o n s i b l e - u s e - o f
39. Reuters: Dutch Intelligence Say Chinese Cyber Espionage goes
than it suspected (2024). h t t p s : / / w w w . r e u t e r s . c o m / t e c h n o l o g y / c y
b e r s e c u r i t y / d u t c h - i n t e l l i g e n c e - s a y s - c h i n e s e - c y b e r - e s p i o n a g e - g o e
s - w i d e r - t h a n - i t - s u s p e c t e d - 2 0 2 4 - 0 6 - 1 1 /
40. Koninkrijksrelaties, M. van B. Z. en.: Annual report 2023 now
available—News item—AIVD.English.aivd.nl (2024, June 25).
h t t p s : / / e n g l i s h . a i v d . n l / l a t e s t / n e w s / 2 0 2 4 / 0 6 / 2 6 / a n n u a l - r e p o r t - 2 0 2
3 - n o w - a v a i l a b l e
Publisher's Note Springer Nature remains neutral with regard to juris-
dictional claims in published maps and institutional aliations.
f H n r 4 C g K R T 2 m V V Q 8 3 S w T y g % 2 5 3 D % 2 5 3 D / ? t r a c k i n g I d = f H n
r 4 C g K R T 2 m V V Q 8 3 S w T y g % 3 D % 3 D
24. Rosli, W.R.W.: Violent extremism and articial intelligence: a
double-edged sword in the context of ASEAN. Commonwealth
Cyber J. 46, 46–58 (2024)
25. Samuel-Okon, A.D., Olateju, O.O., Okon, S.U., Olaniyi, O.O.,
Igwenagu, U.T.I.: Formulating global policies and strategies for
combating criminal use and abuse of articial intelligence. Arch.
Curr. Res. Int. 24(5), 612–629 (2024)
26. Moisset, S.: How Security Analysts Can Use AI in Cybersecurity.
freeCodeCamp.Org (2023, May 24). h t t p s : / / w w w . f r e e c o d e c a m p .
o r g / n e w s / h o w - t o - u s e - a r t i c i a l - i n t e l l i g e n c e - i n - c y b e r s e c u r i t y /
27. Catalano, C., Chezzi, A., Angelelli, M., Tommasi, F.: Deceiving
AI-based malware detection through polymorphic attacks. Com-
put. Ind. 143, 103751 (2022). h t t p s : / / d o i . o r g / 1 0 . 1 0 1 6 / j . c o m p i n d .
2 0 2 2 . 1 0 3 7 5 1
28. Touvron, H., Lavril, T., Izacard, G., Martinet, X., Lachaux, M.-A.,
Lacroix, T., Rozière, B., Goyal, N., Hambro, E., Azhar, F., Rodri-
guez, A., Joulin, A., Grave, E., & Lample, G.: LLaMA: Open
and Ecient Foundation Language Models (arXiv:2302.13971)
(2023). arXiv. http:// arxiv.o rg/abs/ 2302. 13971
29. Patil, S.G., Zhang, T., Wang, X., Gonzalez, J.E.: Gorilla:
Large Language Model Connected with Massive APIs (2023).
arXiv. http:// arxiv.o rg/abs/ 2305. 15334
30. Gupta, M., Akiri, C., Aryal, K., Parker, E., Praharaj, L.: From
ChatGPT to Threatgpt: impact of generative AI in cybersecurity
and privacy. IEEE Access 11, 80218–80245 (2023)
31. Akkad, D.: Digital nightmare: the arab dissidents ruined by phone
hacking. Middle East Eye (2022, July 28). h t t p s : / / w w w . m i d d l e e a
s t e y e . n e t / b i g - s t o r y / d i g i t a l - n i g h t m a r e - a r a b - d i s s i d e n t s - l i v e s - t o r n - a
p a r t - h a c k i n g
32. Anstis, S.: Regulating transnational dissident cyber espionage.
Int. Comp. Law Q. 73(1), 259–274 (2024)
33. Miller, S.: Espionage: ends and means. In: The Ethics of National
Security Intelligence Institutions, pp. 89–104. Routledge (2024).
1 3
53
Content courtesy of Springer Nature, terms of use apply. Rights reserved.
1.
2.
3.
4.
5.
6.
Terms and Conditions
Springer Nature journal content, brought to you courtesy of Springer Nature Customer Service Center GmbH (“Springer Nature”).
Springer Nature supports a reasonable amount of sharing of research papers by authors, subscribers and authorised users (“Users”), for small-
scale personal, non-commercial use provided that all copyright, trade and service marks and other proprietary notices are maintained. By
accessing, sharing, receiving or otherwise using the Springer Nature journal content you agree to these terms of use (“Terms”). For these
purposes, Springer Nature considers academic use (by researchers and students) to be non-commercial.
These Terms are supplementary and will apply in addition to any applicable website terms and conditions, a relevant site licence or a personal
subscription. These Terms will prevail over any conflict or ambiguity with regards to the relevant terms, a site licence or a personal subscription
(to the extent of the conflict or ambiguity only). For Creative Commons-licensed articles, the terms of the Creative Commons license used will
apply.
We collect and use personal data to provide access to the Springer Nature journal content. We may also use these personal data internally within
ResearchGate and Springer Nature and as agreed share it, in an anonymised way, for purposes of tracking, analysis and reporting. We will not
otherwise disclose your personal data outside the ResearchGate or the Springer Nature group of companies unless we have your permission as
detailed in the Privacy Policy.
While Users may use the Springer Nature journal content for small scale, personal non-commercial use, it is important to note that Users may
not:
use such content for the purpose of providing other users with access on a regular or large scale basis or as a means to circumvent access
control;
use such content where to do so would be considered a criminal or statutory offence in any jurisdiction, or gives rise to civil liability, or is
otherwise unlawful;
falsely or misleadingly imply or suggest endorsement, approval , sponsorship, or association unless explicitly agreed to by Springer Nature in
writing;
use bots or other automated methods to access the content or redirect messages
override any security feature or exclusionary protocol; or
share the content in order to create substitute for Springer Nature products or services or a systematic database of Springer Nature journal
content.
In line with the restriction against commercial use, Springer Nature does not permit the creation of a product or service that creates revenue,
royalties, rent or income from our content or its inclusion as part of a paid for service or for other commercial gain. Springer Nature journal
content cannot be used for inter-library loans and librarians may not upload Springer Nature journal content on a large scale into their, or any
other, institutional repository.
These terms of use are reviewed regularly and may be amended at any time. Springer Nature is not obligated to publish any information or
content on this website and may remove it or features or functionality at our sole discretion, at any time with or without notice. Springer Nature
may revoke this licence to you at any time and remove access to any copies of the Springer Nature journal content which have been saved.
To the fullest extent permitted by law, Springer Nature makes no warranties, representations or guarantees to Users, either express or implied
with respect to the Springer nature journal content and all parties disclaim and waive any implied warranties or warranties imposed by law,
including merchantability or fitness for any particular purpose.
Please note that these rights do not automatically extend to content, data or other material published by Springer Nature that may be licensed
from third parties.
If you would like to use or distribute our Springer Nature journal content to a wider audience or on a regular basis or in any other manner not
expressly permitted by these Terms, please contact Springer Nature at
onlineservice@springernature.com
