Difference between revisions of "Main Page"

From International cyber law: interactive toolkit
Jump to navigation Jump to search
(fixed the separator in the right hand column :))
Line 99: Line 99:
 
<!-- INCIDENT 13-->
 
<!-- INCIDENT 13-->
 
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:Solarwinds.svg|left|150px]]
 
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:Solarwinds.svg|left|150px]]
On 13 December 2020, FireEye [https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html announced] the discovery of an ongoing supply chain attack that trojanized SolarWinds Orion business software updates in order to distribute malware. The [https://www.businessinsider.com/solarwinds-hack-explained-government-agencies-cyber-security-2020-12?r=US&IR=T victims] included many U.S. governmental organisations (such as the Department of Homeland Security, the Department of Energy, or the Treasury) and businesses (including Microsoft, Cisco, or Deloitte ). Once the systems were infected, hackers could transfer files, execute files, profile the system, reboot the machines, or disable system services. The U.S. government has [https://www.cisa.gov/news/2021/01/05/joint-statement-federal-bureau-investigation-fbi-cybersecurity-and-infrastructure attributed] the attack to an ‘Advanced Persistent Threat Actor, likely Russian in origin’. Even though the campaign’s full scope remains unknown, recovering from the hack and conducting investigations may take up to [https://www.technologyreview.com/2021/03/02/1020166/solarwinds-brandon-wales-hack-recovery-18-months/ 18 months]. In the Toolkit, data theft and cyber espionage against government departments are analysed in [[Scenario 02: Cyber espionage against government departments|Scenario 02]]. Given that private sector organizations were among the victims, [[Scenario 09: Economic cyber espionage|Scenario 09]] on economic cyber espionage is also relevant.</div>
+
On 13 December 2020, FireEye [https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html announced] the discovery of an ongoing supply chain attack that trojanized SolarWinds Orion business software updates in order to distribute malware. The [https://www.businessinsider.com/solarwinds-hack-explained-government-agencies-cyber-security-2020-12?r=US&IR=T victims] included many U.S. governmental organisations (such as the Department of Homeland Security, the Department of Energy, or the Treasury) and businesses (including Microsoft, Cisco, or Deloitte). Once the systems were infected, hackers could transfer files, execute files, profile the system, reboot the machines, or disable system services. The U.S. government has [https://www.cisa.gov/news/2021/01/05/joint-statement-federal-bureau-investigation-fbi-cybersecurity-and-infrastructure attributed] the attack to an ‘Advanced Persistent Threat Actor, likely Russian in origin’. Even though the campaign’s full scope remains unknown, recovering from the hack and conducting investigations may take up to [https://www.technologyreview.com/2021/03/02/1020166/solarwinds-brandon-wales-hack-recovery-18-months/ 18 months]. In the Toolkit, data theft and cyber espionage against government departments are analysed in [[Scenario 02: Cyber espionage against government departments|Scenario 02]]. Given that private sector organizations were among the victims, [[Scenario 09: Economic cyber espionage|Scenario 09]] on economic cyber espionage is also relevant.</div>
 
</option>
 
</option>
   

Revision as of 16:26, 7 April 2021

MainBanner.jpg


Welcome to the Cyber Law Toolkit, an interactive online resource on international law and cyber operations.

Other resources

  • FAQ – Frequently asked questions about the project and the Toolkit.
  • All articles – Updated list of all substantive articles in the Toolkit. In a printed book, this would be the table of contents.
  • Keywords – Overview of all keywords used across the Toolkit content. Serves the same purpose as an index would in a printed book.
  • Examples – List of real-world incidents that have inspired the analysis in the Toolkit.
  • Glossary – Glossary of the technical terms used in the Toolkit.
  • Short form citation – Abbreviated references for the most commonly used citations in the Toolkit.
  • Bibliography – Bibliography of resources used in the creation and development of the Toolkit.
  • People – List of all people involved in the project (including scenario authors, peer reviewers, research assistants...).