With the proliferation of cyberattacks and other cyber threats, cybersecurity has gained global prominence recently as a buzzword to justify almost anything that countries do to safeguard their cybersecurity.

From country to country, laws are enacted to the extent that cybersecurity can be invoked to justify or defend such measures ranging from cyberattacks on suspected foreign websites to exercising extra-territorial prosecution of the suspected cyber-hackers. The amorphous nature of the term cybersecurity has given governments a "carte blanche" to take all desirable measures with the least political accountability and legal control. 

From the perspective of international law, the concept of cybersecurity is ambiguous and there's currently no clear-cut definition ascribed to it in international law. Before international regulation of cyberspace becomes a reality, nothing prevents states from applying their own intrusive laws.

Against this backdrop, we have been used to surprisingly vehement reactions against alleged cybersquatting. The United States is often seen to take the lead in combating cybersquatting. Therefore, when the U.S. side was reportedly about to enforce laws against alleged Chinese hackers, it was thought to be routine law enforcement against cybersquatting. 

However, when the U.S. Department of Justice on Dec. 20, accused two Chinese nationals, who were allegedly working for the Chinese government, of hacking NASA and other sensitive websites, the news caught immediate and worldwide attention. Up to now, the Chinese foreign ministry has denied the U.S. accusation. 

From the perspective of outside observers, the disputed fact is unclear and needs to be verified. What makes one feel a little bit uneasy is that there seems to be a coordinated effort among various U.S. agencies and U.S. allies. On the U.S. side, the inter-agency joint action was unusually reported in advance. The Washington Post on December 11 disclosed that a campaign against the online theft of intellectual property rights of U.S. firms by Chinese would be launched in a week. 

Later Michael Pillsbury, a China hand and advisor close to President Trump, denied that the campaign was associated with the trade talks between the U.S. and China by claiming it was a single incident based on the accumulated intelligence evidence over time. For outsiders, the timing of the accusation, the advance release of the campaign, as well as the well-coordinated efforts, suggest that the real fact is probably not that simple.

One has reason to speculate that the timing is a result of deliberation. Just at the moment, the two countries are about to sit at the negotiating table for a possible solution to the long-haul trade war. The actions led by the U.S. Justice Department was so well orchestrated, that many U.S. agencies and U.S. allies were involved, and even an often uncooperative media was made to play a part unintentionally. 

This incident is likely to be used as a chip in the trade talks for the purpose of compelling more concessions from the Chinese side. It could also be used to disrupt the atmosphere needed for a negotiated solution. Particularly, the hawkish Pillsbury at Hudson Institute came out to deny the suspected linkage between the incident and the trade talks. One's memory is still fresh from U.S. Vice President Mike Pence's harsh condemnation against China amid the huge tension between the two countries just months ago.

Besides the speculation, a lesson is to be learned – that is, cyberspace needs to be regulated internationally not only for hacking but for countermeasures to hacking. After all, neither the meaning nor the application of cybersecurity should be without a limit under international law. Cybersecurity has contextual, temporal, procedural and other substantive limits in international law. These limits not only restrict the prerogatives of states to invoke the term but also give cybersecurity an international dimension in international law.

Unfortunately, the possibilities are slight. In the eyes of the aides to Trump who has the final say about U.S. foreign policy, resorting to security regardless of international law is a natural choice. For example, Trump advisor John Bolton's hawkish attitudes towards international law are quite notorious. When he published his article titled “Is There Really Law in International Affairs?” in an academic journal in 2010, he was arguing that the United States itself does not recognize the validity of international law domestically. 

It seems that U.S. policymakers have been dominated, if not hijacked, by such hawkish aides since Donald Trump took power. Against this backdrop, while domestic instruments concerning cybersecurity can be conveniently used to pursue the perceived U.S. interests, it is unlikely that the U.S. is interested in seeing the international regulation of cyberspace.