1. Introduction

International Humanitarian Law (IHL) has long served as a foundational branch of contemporary international law, uniquely dedicated to protecting vulnerable groups affected by armed conflicts and upholding the intrinsic dignity of the human person. Among these, medical personnel and objects (MPO) have enjoyed privileged legal protection, given their essential role in preserving life and health and ensuring the continued operation of health services during hostilities.

In the modern era, however, the nature of warfare has been radically altered by the emergence of new technologies and the rise of cyber operations. Today, “cyber space”—to use the precise and scholarly term—has become an arena where states and non-state actors employ cyber means as potent tools in both interstate and intrastate conflicts. Numerous incidents, such as the widespread cyberattacks on health infrastructures in countries like Ireland, the Czech Republic, and most recently Ukraine, demonstrate the ever-growing threat landscape confronting the medical sector.

These transformations bring profound challenges to the practical application of IHL principles, as the regime was originally developed to address tangible, physical consequences of classical warfare, while the “digital consequences” of cyber warfare remained largely unregulated and ambiguous. Despite these challenges, the international community—exemplified by initiatives like the “Tallinn Manual 2” and the work of the International Committee of the Red Cross (ICRC)—has sought to adapt and extend recognized protective standards to the cyber context.



2. Research Gap and Objective

To date, Persian-language academic literature has not systematically or independently addressed the unique issue of legal protection of MPO in the context of cyber operations and attacks. This gap has become increasingly significant, as the exponential growth of cyber technologies in military operations threatens the adequacy and relevance of traditional IHL frameworks. Moreover, most prior research—whether domestic or international—has either broadly examined the technical and legal challenges posed by cyber technologies in IHL or focused on general obstacles for the development and regulation of international norms in cyberspace, often neglecting the specific vulnerabilities of medical actors and health data. This study directly aims to fill this gap, focusing on the provisions articulated in the “Tallinn Manual 2” (especially Chapter 18, Rules 131–134), critically analyzing the legal strategies for protecting MPO against cyber operations, and interrogating the structural and conceptual challenges IHL faces in this domain. The central question guiding the work is: What forms of protection does the Tallinn Manual 2 grant to medical personnel and objects in cyber operations, and what are the main challenges facing IHL in realizing these protections?



3. Methodology

The research follows a descriptive-analytical methodology based on systematic review and analysis of core legal texts (treaties, customary norms, ICRC commentaries, the Tallinn Manual 2 itself). The authors have structured the article following the sequential appearance of relevant rules in the Manual: 1) Assessment of the legal foundations and traditional/new protective measures for medical personnel, units, and medical transports; 2) Critical analysis of legal frameworks for the protection of computers, networks, and medical data; 3) Review of identification and digital marking processes for protected medical cyber assets; 4) Elaboration of the grounds and criteria for cessation of legal protection and critique of current practices. The findings are grounded in comparative legal analysis, practical case studies, and evidence-based recommendations for strengthening medical protection in cyberspace.



4. Key Findings

This study finds that while international humanitarian law (IHL) provides formal protection for medical personnel and objects (MPO)—notably through Article 8 of Additional Protocol I and customary Rules 25 and 26—applying these rules in cyberspace faces significant conceptual and practical challenges. The Tallinn Manual 2.0 both preserves and expands the core obligations of “respect” (to refrain from harmful interference) and “protection” (to actively guard against threats), explicitly extending them to cyber threats from all actors, state or non-state. Importantly, the Manual adopts an inclusive definition of “cyber operations,” encompassing not only direct destructive acts, but also system intrusions, misinformation campaigns, disruptions, and data manipulation or theft, thus addressing the complex reality of digital warfare. However, this breadth brings ambiguity: many disruptive activities, such as data deletion and denial-of-service, fall outside classical definitions of “attack” rooted in physical damage, leading to interpretive gaps and inconsistent enforcement across jurisdictions.

The research also highlights serious operational hurdles. There is currently no internationally agreed system for identifying or marking protected medical cyber assets, complicating both recognition and enforcement of their protected status, especially when trying to distinguish essential from non-essential functions in real time. The criteria for when medical objects or data lose protection—such as use for hostile purposes—remain vague, opening the door to subjective or opportunistic interpretations that threaten overall legal safeguards. Real-world cases, such as sustained cyberattacks on Ukraine’s health systems and severe ransomware incidents in Ireland and the Czech Republic, underscore these vulnerabilities and demonstrate the inadequacy of traditional, physically-oriented IHL to address the intangible—and often severe—harms of cyber operations. Altogether, these findings emphasize an urgent need for IHL to be clarified and updated, so that humanitarian protections for the medical sector remain robust and meaningful amid the evolving realities of cyber conflict.

5. Contribution to the Field

This article makes a pioneering contribution as the first systematic Persian-language analysis focused on the legal protection of medical personnel and objects (MPO) against cyber operations under international humanitarian law. By critically linking the principles of the Tallinn Manual 2 with real-world cases of cyberattacks on the health sector, the study highlights major gaps and ambiguities in current legal frameworks and the urgent need for adaptation. It not only identifies practical and conceptual shortcomings, but also proposes clear solutions: the development of new international treaties with precise definitions for cyber operations, the establishment of technical standards for digitally identifying protected health assets, the creation of rapid response and compensation mechanisms, and the promotion of independent oversight and international cooperation. The article also emphasizes the importance of targeted education and capacity building for both health and IT professionals, thus providing a comprehensive roadmap for both scholars and policymakers striving to strengthen the protection of the medical sector in the age of cyber conflict.



6. Conclusion

This study demonstrates that sole reliance on the text of traditional IHL and narrow interpretation of its rules cannot provide robust or comprehensive protection for MPO in the context of modern armed conflict. While the Tallinn Manual 2 is a significant contribution to clarifying the legal status of cyber operations, conceptual ambiguities, divergent state practices, lack of unified standards, and weak enforcement hinder its effectiveness. There is an urgent need for the international community—at both regulatory and oversight levels—to embrace the dynamic, multi-layered nature of cyberspace, to reconceptualize protective rules in light of digital realities, and to establish practical, operational mechanisms for rapid response and deterrence against new threats. In essence, the vitality and effectiveness of IHL in the digital age depends on ongoing evolution, legal flexibility, and technical and institutional innovation. In conclusion, despite the daunting challenges, adapting and evolving humanitarian law for cyberspace is both inevitable and indispensable. Recent lived experiences of conflict must be seen as opportunities for collective responsibility and realignment of humanitarian protections to the realities of our digital era.