List of articles

This page serves as the equivalent of a table of contents in a printed book. It contains an updated list of all substantive articles in the Toolkit.

1 About the project

• Main page
• FAQ
• Note on the structure of articles
• Glossary
• Short form citation
• Bibliography
• People

2 Scenarios

• Scenario 01: Election interference
• Scenario 02: Political espionage
• Scenario 03: Power grid
• Scenario 04: International organizations
• Scenario 05: Criminal investigation
• Scenario 06: Enabling State
• Scenario 07: Hacking tools
• Scenario 08: Certificate authority
• Scenario 09: Economic espionage
• Scenario 10: Cyber weapons
• Scenario 11: Surveillance tools
• Scenario 12: Computer data
• Scenario 13: Armed conflict
• Scenario 14: Ransomware campaign

3 Legal concepts

3.1 General international law

• Jurisdiction
• State responsibility
  • Attribution
    • State organs
    • Non-State actors
    • Evidence
  • Breach of an international obligation
  • Responses and justifications
    • Circumstances precluding wrongfulness
      • Consent
      • Self-defence (state responsibility)
      • Countermeasures
      • Force majeure
      • Distress
      • Plea of necessity
    • Retorsion
• Due diligence
• Sovereignty
• Prohibition of intervention
• Cyber operations not per se regulated by international law
  • Peacetime cyber espionage

3.2 Specialised regimes of peacetime international law

• International human rights law
• Diplomatic and consular law
• Law of the sea
• Air law
• Space law
• International telecommunications law

3.3 Use of force, conflict and international law

• International law on the use of force (jus ad bellum)
  • Armed attack
  • Self-defence
• International humanitarian law (jus in bello)
  • Conflict qualification
    • International armed conflict
    • Non-international armed conflict
  • Conduct of hostilities
    • Military objectives
    • Means and methods of warfare
      • Legal review of cyber weapons
  • Certain persons, objects and activities
  • Occupation
  • Neutrality
  • Criminal responsibility

4 Real-world examples

• 2019
  • Texas Municipality ransomware attack (2019)
• 2018
  • African Union headquarters hack (2018)
  • SamSam ransomware incidents (2018)
• 2017
  • French presidential election leak (2017)
  • WannaCry (2017)
  • NotPetya (2017)
  • Operation Cloudhopper (2017)
  • Ethiopian surveillance of journalists abroad (2017)
  • Wu Yingzhuo, Dong Hao and Xia Lei indictment (2017)
  • Triton (2017)
• 2016
  • DNC email leak (2016)
  • The Shadow Brokers publishing the NSA vulnerabilities (2016)
  • Industroyer – Crash Override (2016)
  • Operation Glowing Symphony (2016)
• 2015
  • The Hacking Team Hack (2015)
  • Power grid cyberattack in Ukraine (2015)
  • Bundestag Hack (2015)
  • Office of Personnel Management data breach (2015)
• 2014
  • Ukrainian parliamentary election interference (2014)
  • Chinese PLA Unit 61398 indictments (2014)
  • Sony Pictures Entertainment attack (2014)
  • Steel mill in Germany (2014)
• 2013 and before
  • Shamoon (2012)
  • DigiNotar (2011)
  • Stuxnet (2010)
  • Georgia-Russia conflict (2008)
  • Cyber attacks against Estonia (2007)

5 Keywords