Get a MacBook Air, $400 Amazon Gift Card, or Take $400 Off with OnDemand Training - Learn More

Reading Room

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

Active Defense

Featuring 11 Papers as of April 16, 2021

  • Israel's Attack on Hamas' Cyber Headquarters Under Customary International Humanitarian Law by Jonathan Matkowsky - November 21, 2019 

    During intense military fighting in May 2019, Israel stopped the Hamas organized-armed-group from harming Israeli sites as part of establishing offensive cyber capabilities in the Gaza Strip tied to its war effort. Israel attacked the headquarters from which Hamas’ cyber unit operated, including any information systems and related cyber-infrastructure in the facility. Under customary international humanitarian law, the attack on Hamas’ headquarters appears to be a cyber-specific example of a lawful military objective due to its inherent nature, as suggested by Prof. R. Chesney (2019). This paper discusses the principles of international humanitarian law—military necessity, humanity, distinction, and proportionality—applicable from an Israeli law perspective to the targeted strike on the Hamas’ cyber headquarters, including support that the principles have achieved the status of customary international humanitarian law. Israel did not disclose whether Hamas only used the facility for intelligence gathering tied to the war effort alone, or if that intelligence was also being used to develop cyber weapons. Both are inherently lawful military objectives under customary international humanitarian law, according to Prof. Dinstein (2016). A key takeaway is that applying the principles of customary international humanitarian law may sometimes favor using traditional military force, and other times favor using cyber activity.

  • View All Active Defense Papers

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact

All papers are copyrighted. No re-posting or distribution of papers is permitted. Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.