Autonomous cyber capabilities – that is, cyber capabilities able to operate without real-time human
intervention – are currently being researched and developed by several states as a result of the
increasing use of artificial intelligence and autonomy in the military domain. Whereas these capabilities
are expected to be mainly employed to respond to malicious cyber operations, their use for defensive
purposes raises some legal challenges that deserve to be explored. This paper seeks to analyse
whether autonomous cyber capabilities can be used in compliance with international law to respond to
malicious cyber operations using unilateral measures of self-help. After briefly introducing the notion of
autonomous cyber capabilities and their current state of technological development, this paper will
consider whether autonomous cyber capabilities can be used in compliance with the law regulating self-defence,
countermeasures, plea of necessity and retorsions. As will be shown, their potential use in
circumstances precluding wrongfulness (i.e., self-defence, countermeasures and plea of necessity) is
highly problematic, as autonomous cyber capabilities seem to be currently unable to identify the
objective and subjective element of the malicious cyber operation (whether it amounts to an
internationally wrongful act and whether it is attributable to a state), and to calibrate their response in
the light of the principles of necessity and proportionality. Yet, it will be suggested that states may still
cautiously use autonomous cyber capabilities to carry out acts of retorsion.