Difference between revisions of "Main Page"

From International cyber law: interactive toolkit
Jump to navigation Jump to search
(added Turla, US v Iran, and UN incidents)
(adding EU Council sanctions incident (2020))
(2 intermediate revisions by 2 users not shown)
Line 15: Line 15:
 
| id="mp-left" class="MainPageBG" style="width:50%; border:1px solid #bbceed; padding:0; background:#fffbc4; vertical-align:top; color:#000;" |
 
| id="mp-left" class="MainPageBG" style="width:50%; border:1px solid #bbceed; padding:0; background:#fffbc4; vertical-align:top; color:#000;" |
 
<h2 id="mp-tfa-h2" style="margin:0.5em; background:#bbceed; font-family:inherit; font-size:120%; font-weight:bold; border:1px solid #a3bfb1; color:#000; padding:0.2em 0.4em;">About the project</h2>
 
<h2 id="mp-tfa-h2" style="margin:0.5em; background:#bbceed; font-family:inherit; font-size:120%; font-weight:bold; border:1px solid #a3bfb1; color:#000; padding:0.2em 0.4em;">About the project</h2>
<div id="mp-tfa" style="padding:0.1em 0.6em;">The '''Cyber Law Toolkit''' is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and [[Glossary#C|cyber operations]]. The Toolkit may be explored and utilized in a number of different ways. At its heart, it consists of 13 hypothetical [[:Category:Scenario|scenarios]], to which more will be added in the future. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise. You can see all scenarios in the box immediately below – just click on any of them to follow the relevant analysis. In addition, you may want to explore the Toolkit by looking for [[keywords]] you’re interested in; by viewing its overall [[List of articles|article structure]]; or by reading about individual [[List_of_articles#Real-world_examples|real-world examples]] that serve as the basis of the Toolkit scenarios. Finally, you may want to use the search function in the top right corner of this page to look for specific words across all of the Toolkit content.</div>
+
<div id="mp-tfa" style="padding:0.1em 0.6em;">The '''Cyber Law Toolkit''' is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and [[Glossary#C|cyber operations]]. The Toolkit may be explored and utilized in a number of different ways. At its heart, it consists of 14 hypothetical [[:Category:Scenario|scenarios]], to which more will be added in the future. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise. You can see all scenarios in the box immediately below – just click on any of them to follow the relevant analysis. In addition, you may want to explore the Toolkit by looking for [[keywords]] you’re interested in; by viewing its overall [[List of articles|article structure]]; or by reading about individual [[List_of_articles#Real-world_examples|real-world examples]] that serve as the basis of the Toolkit scenarios. Finally, you may want to use the search function in the top right corner of this page to look for specific words across all of the Toolkit content.</div>
 
<h2 id="mp-dyk-h2" style="clear:both; margin:0.5em; background:#bbceed; font-family:inherit; font-size:120%; font-weight:bold; border:1px solid #a3bfb1; color:#000; padding:0.2em 0.4em;">Cyber law scenarios</h2>
 
<h2 id="mp-dyk-h2" style="clear:both; margin:0.5em; background:#bbceed; font-family:inherit; font-size:120%; font-weight:bold; border:1px solid #a3bfb1; color:#000; padding:0.2em 0.4em;">Cyber law scenarios</h2>
 
<div id="mp-dyk" style="padding:0.1em 0.6em 0.5em;">
 
<div id="mp-dyk" style="padding:0.1em 0.6em 0.5em;">
Line 45: Line 45:
 
<h2 id="mp-itn-h2" style="margin:0.5em; background:#bbceed; font-family:inherit; font-size:120%; font-weight:bold; border:1px solid #a3b0bf; color:#000; padding:0.2em 0.4em;">Featured incident</h2>
 
<h2 id="mp-itn-h2" style="margin:0.5em; background:#bbceed; font-family:inherit; font-size:120%; font-weight:bold; border:1px solid #a3b0bf; color:#000; padding:0.2em 0.4em;">Featured incident</h2>
 
<choose uncached>
 
<choose uncached>
<option>
+
 
<!-- INCIDENT 3-->
 
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:NCSC-GRU.png|left|150px]]
 
On 4 October 2018, the UK National Cyber Security Centre issued a [https://www.ncsc.gov.uk/news/reckless-campaign-cyber-attacks-russian-military-intelligence-service-exposed statement] accusing the Russian military intelligence service (generally referred to under its previous abbreviation GRU for ''Glavnoye razvedyvatel'noye upravleniye'') of a series of cyber attacks “conducted in flagrant violation of international law”. These attacks have ranged from [[DNC email leak (2016)|hacking the Democratic National Committee]] in the US and publishing its documents online, to attempting to compromise the UK Foreign and Commonwealth Office systems through a spearphishing attack, to using ransomware to cause disruption to Ukrainian public transport systems. Some of these attacks allegedly attributable to the GRU display factual pattern similar to several of the toolkit scenarios. In particular, [[Scenario 01: Election interference|Scenario 01]] considers the law relevant to electoral interference using cyber means; [[Scenario 02: Cyber espionage against government departments|Scenario 02]] considers the extent to which cyber espionage targeted against another State’s foreign ministry violates international law; and [[Scenario 03: Cyber attack against the power grid|Scenario 03]] looks at the extent to which disruption of public utilities and other critical infrastructure violates international law.</div>
 
</option>
 
 
<option>
 
<option>
 
<!-- INCIDENT 4-->
 
<!-- INCIDENT 4-->
 
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:CyberCommand.jpg|left|150px]]
 
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:CyberCommand.jpg|left|150px]]
Prior to the US midterm elections in 2018, the US Cyber Command implemented a new preventive strategy in order to protect the elections from foreign interference. According to the [https://www.nytimes.com/2018/10/23/us/politics/russian-hacking-usa-cyber-command.html media reports], the strategy was aimed at preventing Russian individuals from engaging in concerted disinformation campaigns. The targeted individuals were informed that their work and online conduct would be surveilled by the US authorities. However, the US officials did not disclose the number of individuals they had contacted nor the method of transferring the warning to the operatives concerned. [[Scenario 01: Election interference|Scenario 01]] of the Toolkit analyses whether specific forms of electoral interference abroad violate rules of international law and [[Scenario 06: Cyber countermeasures against an enabling State|scenario 06]] considers whether the victim State may engage in [[Countermeasures|countermeasures]] against an enabling State.</div>
+
Prior to the US midterm elections in 2018, the US Cyber Command implemented a new preventive strategy in order to protect the elections from foreign interference. According to the [https://www.nytimes.com/2018/10/23/us/politics/russian-hacking-usa-cyber-command.html media reports], the strategy was aimed at preventing Russian individuals from engaging in concerted disinformation campaigns. The targeted individuals were informed that their work and online conduct would be surveilled by the US authorities. However, the US officials did not disclose the number of individuals they had contacted nor the method of transferring the warning to the operators concerned. [[Scenario 01: Election interference|Scenario 01]] of the Toolkit analyses whether specific forms of electoral interference abroad violate rules of international law and [[Scenario 06: Cyber countermeasures against an enabling State|scenario 06]] considers whether the victim State may engage in [[Countermeasures|countermeasures]] against an enabling State.</div>
 
</option>
 
</option>
 
<option>
 
<option>
Line 79: Line 75:
 
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:Unemblem.gif|left|150px]]
 
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:Unemblem.gif|left|150px]]
 
On 29 January 2020, ''The New Humanitarian'' [https://www.thenewhumanitarian.org/investigation/2020/01/29/united-nations-cyber-attack?utm_source=The+New+Humanitarian&utm_campaign=c8dddbbc45-EMAIL_CAMPAIGN_2020_01_29&utm_medium=email&utm_term=0_d842d98289-c8dddbbc45-75573037 reported] that dozens of servers were “compromised” at the United Nations offices in Geneva and Vienna. The attack dated back to July 2019 and affected staff records, health insurance, and commercial contract data. According to an unnamed UN official cited in an Associated Press [https://apnews.com/0d958e15d7f5081dd612f07482f48b73 report] on the same day, the level of sophistication was so high that it was possible a State-backed actor might have been behind it. Within the Toolkit, [[Scenario 04: A State’s failure to assist an international organization|Scenario 04]] specifically considers a hypothetical situation in which an international organization falls victim to cyber attacks, the impact of which could and should have been averted by the host State.</div>
 
On 29 January 2020, ''The New Humanitarian'' [https://www.thenewhumanitarian.org/investigation/2020/01/29/united-nations-cyber-attack?utm_source=The+New+Humanitarian&utm_campaign=c8dddbbc45-EMAIL_CAMPAIGN_2020_01_29&utm_medium=email&utm_term=0_d842d98289-c8dddbbc45-75573037 reported] that dozens of servers were “compromised” at the United Nations offices in Geneva and Vienna. The attack dated back to July 2019 and affected staff records, health insurance, and commercial contract data. According to an unnamed UN official cited in an Associated Press [https://apnews.com/0d958e15d7f5081dd612f07482f48b73 report] on the same day, the level of sophistication was so high that it was possible a State-backed actor might have been behind it. Within the Toolkit, [[Scenario 04: A State’s failure to assist an international organization|Scenario 04]] specifically considers a hypothetical situation in which an international organization falls victim to cyber attacks, the impact of which could and should have been averted by the host State.</div>
 +
</option>
 +
<option>
 +
<!-- INCIDENT 10-->
 +
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:EUCouncil.png|left|150px]]
 +
On 30 July 2020, the Council of the European Union [https://www.consilium.europa.eu/en/press/press-releases/2020/07/30/eu-imposes-the-first-ever-sanctions-against-cyber-attacks/ decided] to impose restrictive measures against six individuals and three entities considered to be responsible for or involved in various hostile cyber operations. These included the [[Attempted hack of the OPCW (2018)|attempted hack of the Organization for the Prohibition of Chemical Weapons (OPCW)]] and the [[WannaCry (2017)|WannaCry]] and [[NotPetya (2017)|NotPetya]] incidents. The sanctions imposed included a travel ban and an asset freeze. In addition, EU persons and entities were prohibited from making funds available to those listed. This was the first time the EU has imposed restrictive measures of this kind. Within the Toolkit, [[Scenario 04: A State’s failure to assist an international organization|Scenario 04]] specifically considers a hypothetical situation in which an international organization falls victim to cyber attacks, and Scenario 17 (forthcoming) discusses the legality of targeted restrictive measures of this kind from the perspective of international law.</div>
 
</option>
 
</option>
 
</choose>
 
</choose>

Revision as of 08:20, 4 August 2020

MainBanner.jpg


Welcome to the Cyber Law Toolkit, an interactive online resource on international law and cyber operations.

Other resources

  • FAQ – Frequently asked questions about the project and the Toolkit.
  • All articles – Updated list of all substantive articles in the Toolkit. In a printed book, this would be the table of contents.
  • Keywords – Overview of all keywords used across the Toolkit content. Serves the same purpose as an index would in a printed book.
  • Examples – List of real-world incidents that have inspired the analysis in the Toolkit.
  • Glossary – Glossary of the technical terms used in the Toolkit.
  • Short form citation – Abbreviated references for the most commonly used citations in the Toolkit.
  • Bibliography – Bibliography of resources used in the creation and development of the Toolkit.
  • People – List of all people involved in the project (including scenario authors, peer reviewers, research assistants...).