Editing Scenario 02: Cyber espionage against government departments

Jump to navigation Jump to search

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
  +
A military unit of State B conducts a cyber espionage operation against State A’s Ministry of Foreign Affairs and its subordinate organizations. The data obtained in this operation is later published on the Internet.
__NUMBEREDHEADINGS__
 
  +
[[File:Enigma, 1923, Deutschland.JPG|thumb|Enigma, 1923. Photo by Peter Mitterhofer, (CC-BY-SA 4.0).]]A military unit of State B conducts a cyber espionage operation against State A’s Ministry of Foreign Affairs and its subordinate organizations. The data obtained in this operation is later published on the internet by State B.
 
The analysis considers whether State B’s operation violated sovereignty, the prohibition of intervention, and diplomatic and consular law. What measures, if any, can the victim State lawfully take in response?
+
The analysis considers whether State B’s operation violated diplomatic and consular law, sovereignty, and the prohibition of intervention.
  +
  +
 
== Scenario ==
 
== Scenario ==
   
 
=== Keywords ===
 
=== Keywords ===
Attribution, peacetime cyber espionage, diplomatic and consular law, prohibition of intervention, sovereignty, privacy
+
Cyber espionage, diplomatic and consular law, State responsibility, sovereignty, prohibited intervention
   
 
=== Facts ===
 
=== Facts ===
'''[F1]''' State A discovers that an email server and several other servers belonging to its Ministry of Foreign Affairs (MFA) have been infiltrated. (The MFA system is a closed system located in the territory of State A, with missions staff using VPN connection to access it.) Initially, the attackers are not identified. Investigation shows that the attackers gained access to the email server by obtaining passwords of several consular officers at State A’s missions abroad through spear phishing and fake log-on websites ('''incident 1''').
+
State A discovers that a mail server and several other servers belonging to its Ministry of Foreign Affairs (MFA) have been infiltrated. Investigation shows that the intruders gained access to the mail server by obtaining passwords of several consular officers at State A’s missions abroad through spear phishing and fake log-on websites (incident 1).
   
'''[F2]''' After gaining access, the intruders escalated account privileges and moved laterally through the network, which includes servers located both within State A's territory and on diplomatic and consular premises abroad. Within a few days, they gained access to additional MFA network servers and services provided in various countries abroad. They had access to data of various MFA personnel including senior officials for several months ('''incident 2''').
+
After gaining access, the intruders escalated their privileges and moved laterally through the network. Within a few days, they gained access to other servers and services. They had access to data of various MFA personnel including senior officials for several months (incident 2).
   
'''[F3]''' A large amount (over 10 GB) of unclassified data on MFA servers was exfiltrated, even though it is not immediately clear what precise data was affected by the incident ('''incident 3'''). No data was destroyed or encrypted and no MFA services were affected during the attack.
+
A vast amount (over 10 GB) of unclassified data was exfiltrated, even though it is not immediately clear what precise data was affected by the incident (incident 3). No data was destroyed or encrypted.
   
'''[F4]''' Nobody claims responsibility for the attack immediately after the MFA's discovery of the incident and publication of the fact that it has occurred. However, a few days later, emails, procurement documents, and internal memos belonging to the MFA of State A are published on the internet ('''incident 4''').
+
Nobody claims responsibility for the attack immediately after the discovery of the incident. However, a few days later, emails, procurement documents, and internal memos purportedly belonging to the MFA of State A are published on the Internet. (incident 4).
   
  +
Judging by the nature of the compromised data and by persons that were apparently of particular interest to the attackers, the attackers seem to have been located in or related to State B. Technical investigation suggests that the malware tools used were in the past employed by an entity affiliated with a military unit of State B. Following requests for information addressed to various CERTs around the world, State A’s authorities establish that similar attacks have been executed against central government institutions in several other countries. Earlier on, head of an allied intelligence service in State C had publicly accused State B of a cyber espionage campaign conducted by the above military unit against that State C’s MFA.
'''[F5]''' Multiple evidence points to State B:
 
*Technical investigation revealed the malware used by attackers in this case. The same malicious code was employed in the past during multiple campaigns by an entity affiliated with a military unit of State B. One of those campaigns was targeted against State C’s MFA.
 
*Earlier on, head of an allied intelligence service in State C had publicly accused State B of a cyber espionage campaign conducted by the state military unit against State C’s MFA.
 
*The attackers used tactics, techniques and procedures (TTPs) very similar to those observed in other attacks publicly attributed to State B by multiple countries including State A allies. Mimicking TTPs is much more difficult than tampering with other technical elements.
 
*Judging by the nature and content of the compromised data and by persons who were apparently of particular interest to the attackers, State A cybersecurity authority indicated State B as a logical and the most probable perpetrator of the attack against the MFA.
 
*State A intelligence service sources confirmed that State B institutions possessed information that was based on State A MFA’s internal data that was not in the public domain.
 
   
'''[F6]''' Both State A and State B are parties to the Vienna Convention on Diplomatic Relations (VCDR)<ref>[http://legal.un.org/ilc/texts/instruments/english/conventions/9_1_1961.pdf Vienna Convention on Diplomatic Relations] (adopted 18 April 1961, entered into force 24 April 1964), 500 UNTS 95.</ref> and the Vienna Convention on Consular Relations (VCCR).<ref>[http://legal.un.org/ilc/texts/instruments/english/conventions/9_2_1963.pdf Vienna Convention on Consular Relations] (adopted 24 April 1963, entered into force 19 March 1967), 596 UNTS 261.</ref>
+
Both State A and State B are parties to the Vienna Convention on Diplomatic Relations (VCDR)<ref>Vienna Convention on Diplomatic Relations (adopted 18 April 1961, entered into force 24 April 1964), 500 UNTS 95.</ref> and the Vienna Convention on Consular Relations (VCCR).<ref>Vienna Convention on Consular Relations (adopted 24 April 1963, entered into force 19 March 1967), 596 UNTS 261.</ref>
   
=== Examples ===
+
=== Similar real-world incidents ===
  +
''NB: Links in this section will go to separate pages for each of these incidents within the toolkit (for demonstration purposes only, they now link to Wikipedia pages on those topics).''
* [[Office of Personnel Management data breach (2015)]]
 
  +
* APT-29 attacks on ministries (2016-2017)
 
  +
* APT-29 attacks on ministries in 2016-2017
* Chinese infiltration into EU parliamentary proceedings (2018)
 
  +
* OPM hack
* [[SolarWinds (2020)]]
 
   
 
== Legal analysis ==
 
== Legal analysis ==
  +
The legal analysis focuses on the law of State responsibility, taking into account the sovereignty of State A, prohibition of intervention, and diplomatic and consular law as the applicable <i>lex specialis</i>.
   
  +
International humanitarian law is not analysed in detail. There is no ongoing armed conflict, nor do the incidents trigger the application of international humanitarian law. They do not amount to a use of force or an armed attack, because they are not severe enough to be comparable to a ‘physical’ use of force.
''For a general overview of the structure of analysis in this section, see [[Note on the structure of articles]].''
 
   
  +
=== State responsibility ===
'''[L1]''' The legal analysis focuses on a number of relevant international legal rules, including the obligation to respect the sovereignty of other States, the prohibition of intervention, inviolability under diplomatic law and privacy rights.
 
  +
<div class="mw-collapsible">
  +
{{:State responsibility}}
  +
</div>
   
=== Attribution ===
+
==== Attribution ====
  +
<div class="mw-collapsible">
{{#lst:Attribution|State organs}}
 
  +
{{:Attribution}}
  +
</div>
  +
The military unit of State B qualifies as an organ of that State.<ref>See, for example, ICRC Customary IHL Study, vol 1, 530–531 (“The armed forces are considered to be a State organ, like any other entity of the executive, legislative or judicial branch of government.”).</ref> As such, its relevant conduct is directly attributable to State B.<ref>Articles on State Responsibility, Art. 4(1); Tallinn Manual 2.0, commentary to rule 15, para. 1.</ref> The following analysis proceeds on the assumption that all incidents described in the scenario (incidents 1–4) were conducted by the said State B’s military unit.
   
  +
==== Breach of international obligation ====
'''[L2]''' The military unit of State B qualifies as an organ of that State.<ref>See, for example, [https://www.icrc.org/eng/assets/files/other/customary-international-humanitarian-law-i-icrc-eng.pdf ICRC Customary IHL Study, vol 1, 530–531] (“The armed forces are considered to be a State organ, like any other entity of the executive, legislative or judicial branch of government.”).</ref> As such, its relevant conduct is directly attributable to State B.<ref>ILC [http://legal.un.org/ilc/texts/instruments/english/commentaries/9_6_2001.pdf Articles on State Responsibility], Art. 4(1); [https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 15, para 1.</ref> The following analysis proceeds on the assumption that all activities described in the scenario (incidents 1–4) were conducted by the said State B’s military unit and are therefore attributable to it.
 
  +
<div class="mw-collapsible">
  +
{{:Breach of international obligation}}
  +
</div>
  +
The following obligations based on treaty law and customary international law are considered:
   
  +
===== Diplomatic and consular law =====
=== Breach of an international obligation ===
 
   
  +
The Vienna Convention on Diplomatic Relations and the Vienna Convention on Consular Relations are considered to be broadly reflective of customary international law.<ref>See, for example, J Wouters, S Duquet, and K Meuwissen, “The Vienna Conventions on Diplomatic and Consular Relations” in AF Cooper, J Heine, and R Thakur (eds), The Oxford Handbook of Modern Diplomacy (OUP 2013) 510 (noting that VCDR’s and VCCR’s main provisions have acquired customary status); ICJ, United States Diplomatic and Consular Staff in Tehran [1980] ICJ Rep 3, 31–32 [62] (noting that the relevant obligations under the two treaties are “also obligations under general international law”).</ref> Therefore, even if State A or State B had not ratified these Conventions, the rules analysed below would still apply to their diplomatic and consular relations.
==== Diplomatic and consular law ====
 
{{#lst:Diplomatic and consular law|Inviolability}}
 
   
  +
International law protects the inviolability of documents and archives of diplomatic missions and consular posts.<ref>Art. 24 VCDR; Art. 33 VCCR.</ref> This includes any official correspondence, whether in electronic or paper form.<ref>Tallinn Manual 2.0, commentary to rule 41, para. 3. </ref> The international legal obligation to respect inviolability is unaffected by the frequent practice of States to conduct cyber espionage operations that violate this duty. This is because any such practice is regularly condemned by the victim States, whereas the offending States refrain from putting forward any corresponding legal justification of such operations.<ref>Tallinn Manual 2.0, commentary to rule 41, para. 11.</ref>
'''[L3]''' In incident 1, by gaining access to the official email accounts of several consular officers of State A, State B ran afoul of the inviolability of official correspondence under diplomatic and consular law. The lateral movement (incident 2) and exfiltration of data (incident 3) are just further steps in the illegal activity of State B, at least to the extent that the hacked accounts and servers contained data pertaining to State A’s diplomatic missions and consular posts, irrespective of their location.<ref>See [https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 41, para 6 (noting that archives and documents of a diplomatic mission or a consular post remain inviolable even if they are stored outside of the receiving State, including on a server belonging to the sending State’s ministry of foreign affairs).</ref> This is because international law grants the inviolability of any official correspondence related to the missions and its functions. <ref> Art. 33 [http://legal.un.org/ilc/texts/instruments/english/conventions/9_2_1963.pdf VCCR], Art. 61 [http://legal.un.org/ilc/texts/instruments/english/conventions/9_2_1963.pdf VCCR] and Art. 24 [http://legal.un.org/ilc/texts/instruments/english/conventions/9_1_1961.pdf VCDR], Art. 27(2) [http://legal.un.org/ilc/texts/instruments/english/conventions/9_1_1961.pdf VCDR] and Art. 40(3) [http://legal.un.org/ilc/texts/instruments/english/conventions/9_1_1961.pdf VCDR] .</ref>
 
   
  +
In incident 1, by gaining access to an official email account of a consular officer, State B ran afoul of the inviolability of official correspondence. The lateral movement (incident 2) and exfiltration of data (incident 3) are just further steps in the illegal activity of State B, at least to the extent that the hacked accounts and servers contained data pertaining to State A’s diplomatic missions and consular posts, irrespective of their location.<ref>See Tallinn Manual 2.0, commentary to rule 41, para. 6 (noting that archives and documents of a diplomatic mission or a consular post remain inviolable even if they are stored outside of the receiving State, including on a server belonging to the sending State’s ministry of foreign affairs).</ref>
'''[L4]''' Incident 4, wherein the data was published on the internet, raises the question whether the published materials are still protected by international law under diplomatic and consular law. This issue is unsettled in the present state of the law. One view, endorsed by a majority of the experts drafting the Tallinn Manual, is that inviolability no longer applies to data that has been made public, as it is “not confidential as a matter of fact”.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 41, para 14.</ref> By contrast, others believe that the duty to respect the inviolability of the materials in question continues to apply in such cases.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 41, para 15.</ref> The primary reason for this view is that the duty of inviolability covers the protected materials “wherever they may be”,<ref>Art. 24 [http://legal.un.org/ilc/texts/instruments/english/conventions/9_1_1961.pdf VCDR] and Art. 33 [http://legal.un.org/ilc/texts/instruments/english/conventions/9_2_1963.pdf VCCR].</ref> which therefore includes even the public domain.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 41, para. 15.</ref>
 
   
  +
Incident 4, wherein the data was published on the Internet, raises the question whether the published materials are still protected by international law. This issue is unsettled in the present state of the law. One view, endorsed by a majority of the experts drafting the Tallinn Manual, is that inviolability no longer applies to data that has been made public, as it is “not confidential as a matter of fact”.<ref>Tallinn Manual 2.0, commentary to rule 41, para. 14.</ref> By contrast, others believe that the duty to respect the inviolability of the materials in question continues to apply in such cases.<ref>Tallinn Manual 2.0, commentary to rule 41, para. 15.</ref> The primary reason for this view is that the duty of inviolability covers the protected materials “wherever they may be”,<ref>Art. 24 VCDR and Art. 33 VCCR.</ref> which therefore includes even the public domain.<ref>Tallinn Manual 2.0, commentary to rule 41, para. 15.</ref>
'''[L5]''' Nonetheless, there may be aspects of the right to privacy in the context of international human rights law which are violated by the publication of the consular officers' and other MFA personnel's personal details and additional information associated with their emails.<ref>[https://www.ohchr.org/en/professionalinterest/pages/ccpr.aspx International Covenant on Civil and Political Rights (adopted 16 December 1966], entered into force 23 March 1976) 999 UNTS 171 (ICCPR), Art. 17.</ref>
 
   
==== Sovereignty ====
+
===== Sovereignty =====
  +
<div class="mw-collapsible">
{{#lst:Sovereignty|Definition}}
 
  +
{{:Sovereignty}}
'''[L6]''' Whether State A's sovereignty was violated in incidents 1–3 depends on whether the espionage operation was fully conducted from outside of State A’s territory, or whether a part of it was conducted by operators physically located in State A’s territory. In the latter case, the operation could be considered a violation of sovereignty, and hence State B’s breach of its corresponding international obligation (option 1 above).<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 4, paras 6-7; commentary to rule 32, para 9.</ref> As for a possible interference with data or services that are necessary for the exercise of "inherently governmental functions", the data was merely copied by the adversary, not destroyed or modified, and the services kept working during the espionage operation.
 
  +
</div>
  +
With regard to incidents 1–3, the answer depends on whether the espionage operation was fully conducted from outside of State A’s territory, or whether a part of it was conducted by operators physically located in State A’s territory. In the latter case, the operation could be considered a violation of sovereignty, and hence State B’s breach of its corresponding international obligation (option 1 above).<ref>Tallinn Manual 2.0, commentary to rule 4, para. 6-7; commentary to rule 32, para. 9.</ref>
   
'''[L7]''' Taken separately, the publication of the acquired data (incident 4) would not violate the sovereignty of State A (however, if the publication was done in order to coerce State A, it might be a prohibited intervention - see below). Had the published information been classified in State A, then the publication is likely illegal according to State A’s domestic law; State A can also be party to international agreements which regulate the transfer of its classified information to third parties, which may create obligations for third States with regard to this information.<ref>See, for example, [https://www.gov.uk/government/publications/agreement-between-the-uk-and-france-concerning-the-mutual-protection-of-classified-information Agreement between the government of the United Kingdom of Great Britain and Northern Ireland and the government of the French Republic concerning the mutual protection of classified information] (signed on 27 March 2008 in London, entered into force 1 December 2008, France No. 1 (2008), Cm. 7425.</ref>
+
Taken separately, the publication of the acquired data (incident 4) would not violate the sovereignty of State A. Had the published information been classified in State A, then the publication is likely illegal according to State A’s domestic law; State A can also be party to international agreements which regulate the transfer of its classified information to third parties, which may create obligations for third States with regard to this information.<ref>See, for example, Agreement between the government of the United Kingdom of Great Britain and Northern Ireland and the government of the French Republic concerning the mutual protection of classified information (signed on 27 March 2008 in London, entered into force 1 December 2008, France No. 1 (2008), Cm. 7425, available at [https://www.gov.uk/government/publications/agreement-between-the-uk-and-france-concerning-the-mutual-protection-of-classified-information].</ref>
   
==== Prohibition of intervention ====
+
===== Prohibited intervention =====
  +
<div class="mw-collapsible">
{{#lst:Prohibition of intervention|Definition}}
 
  +
{{:Prohibition of intervention (conditions)}}
  +
</div>
  +
In the present scenario, prohibited intervention could also be a relevant qualification. The incidents encroach on State A’s external affairs which are the sole prerogative of State A. However, incidents 1–3 do not contain the element of coercion, because they are conducted merely with the aim to gather information, which does not compel State A to adapt the conduct of its external affairs.<ref>Tallinn Manual 2.0, commentary to rule 66, para. 33.</ref>
   
  +
As for incident 4, if it can be attributed to State B, it is coercive in the sense that it has the potential to cause State A to adapt its external affairs based on the published information and to contain the relevant political damage. It may be harder for State A to ascertain the intent of State B, which might have had no particular outcome in mind, apart from causing mischief. This might also pose an issue for establishing the causal nexus between State B’s activity and the resulting reaction by State A: the causality might not be deemed direct enough.
'''[L8]''' In the present scenario, prohibited intervention could also be a relevant qualification. The incidents encroach on State A’s external affairs which are the sole prerogative of State A. However, incidents 1–3 (infiltration into State A systems and exfiltration of data) do not contain the element of coercion, because they are conducted merely with the aim to gather information, which does not compel State A to adapt the conduct of its external affairs.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 66, para 33.</ref>
 
   
  +
===== Espionage =====
'''[L9]''' As for incident 4 (publication of the data), if it can be attributed to State B, it is coercive in the sense that it has the potential to cause State A to adapt its external (and internal) affairs based on the published information and to contain the relevant political damage. It may be harder for State A to ascertain the intent of State B, which might have had no particular outcome in mind, apart from causing mischief. This might also pose an issue for establishing the causal nexus between State B’s activity and the resulting reaction by State A: the causality might not be deemed direct enough.
 
  +
<div class="mw-collapsible">
  +
{{:Peacetime cyber espionage}}
  +
</div>
  +
As this overview demonstrates, the mere characterization of a cyber operation as amounting to cyber espionage is not conclusive as to the question of its lawfulness under international law.<ref>See also Tallinn Manual 2.0, commentary to rule 32, para. 6 (“By styling a cyber operation as a ‘cyber espionage operation’, a State cannot ... claim that it is by definition lawful under international law; its lawfulness depends on whether the way in which the operation is carried out violates any international law obligations that bind the State.”).</ref> Reference must be had to specific rules of international law, which may be breached by the operation in question in its specific circumstances (see especially Sovereignty and Prohibited intervention above). It may be noted that there is a view that acts of espionage represent a customary exception to the relevant prohibitions.<ref>See, for example, Tallinn Manual 2.0, commentary to rule 32, para. 9; A Deeks, “An International Legal Framework for Surveillance”, (2015) 55 Va J Int’l L 291, 302.</ref> However, this interpretation would amount to the establishment of a novel circumstance precluding wrongfulness, for which there is no evidence in international law. Accordingly, the lawfulness of incidents 1–4 therefore must be assessed with reference to other applicable international legal rules.
   
==== Espionage ====
+
===== Due diligence =====
  +
The due diligence obligation of State B for the abovementioned incidents is superseded by its direct responsibility for the activities of its governmental organs. On State B’s part, there is no omission, but rather a commission of an internationally wrongful act.<ref>Tallinn Manual 2.0, commentary to rule 6, para. 43.</ref>
{{#lst:Peacetime cyber espionage|Definition}}
 
 
'''[L10]''' As this overview demonstrates, the mere characterization of a cyber operation as amounting to cyber espionage is not conclusive as to the question of its lawfulness under international law.<ref>See also [https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 32, para 6 (“By styling a cyber operation as a ‘cyber espionage operation’, a State cannot ... claim that it is by definition lawful under international law; its lawfulness depends on whether the way in which the operation is carried out violates any international law obligations that bind the State.”).</ref> Reference must be had to specific rules of international law, which may be breached by the operation in question in its specific circumstances (see especially Sovereignty and Prohibited intervention above).
 
 
'''[L11]''' It may be noted that there is a view that acts of espionage represent a customary exception to the relevant prohibitions.<ref>See, for example, [https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 32, para 9; Ashley Deeks, “An International Legal Framework for Surveillance” (2015) 55 Va J Int’l L 291, 302-3.</ref> However, this interpretation would amount to the establishment of a novel circumstance precluding wrongfulness, for which there is no evidence in international law. Accordingly, the lawfulness of incidents 1–4 therefore must be assessed with reference to other applicable international legal rules.
 
   
 
== Checklist ==
 
== Checklist ==
* Do the affected materials come under the duty of inviolability of documents and archives of [[Diplomatic and consular law|diplomatic missions and consular posts]]?
+
* Do the affected materials come under the duty of inviolability?
  +
* Does the exfiltration and publication of data violate the sovereignty of the victim State?
* Do they implicate the [[international human rights law|right to privacy]] of affected personnel?
 
* Does the exfiltration and publication of data violate the [[sovereignty]] of the victim State?
+
* Does the exfiltration and publication of data amount to a prohibited intervention?
  +
* Is the fact that part of the operation is cyber espionage an important circumstance for the il/legality of the operation?
* Does the exfiltration and publication of data amount to a [[Prohibition of intervention|prohibited intervention]]?
 
* Is the fact that part of the operation is [[peacetime cyber espionage]] an important circumstance for the il/legality of the operation? If so, to what extent?
 
   
== Appendices ==
+
== Appendixes ==
   
 
=== See also ===
 
=== See also ===
  +
 
* [[Attribution]]
 
* [[Attribution]]
  +
* ...
* [[Peacetime cyber espionage]]
 
* [[Diplomatic and consular law]]
 
* [[Prohibition of intervention]]
 
* [[Sovereignty]]
 
* [[Bundestag Hack (2015)]]
 
   
 
=== Notes and references ===
 
=== Notes and references ===
Line 94: Line 102:
   
 
=== Bibliography and further reading ===
 
=== Bibliography and further reading ===
* Ashley Deeks, 'An International Legal Framework for Surveillance' (2015) 55 VA.J.INT’LL. 29.
 
*Gary P. Corn and Robert Taylor, ‘[https://doi.org/10.1017/aju.2017.57 Sovereignty in the Age of Cyber]’ (2017) 111 AJIL Unbound 20.
 
*James Crawford, ''Brownlie's Principles of Public International Law'' (OUP 2012).
 
*Wolff Heintschel von Heinegg, '[https://digital-commons.usnwc.edu/cgi/viewcontent.cgi?referer=https://www.google.ee/&httpsredir=1&article=1027&context=ils Territorial Sovereignty and Neutrality in Cyberspace]' (2013) 89 Int’l L. Stud. 123.
 
*Michael N Schmitt (ed), ''[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations]'' (CUP 2017).
 
*Michael N Schmitt, '[https://heinonline.org/HOL/P?h=hein.journals/cjil19&i=36 Virtual Disenfranchisement: Cyber Election Meddling in the Grey Zones of International Law]' (2018) 19 ChiJIntlL 30.
 
*Michael N Schmitt and Liis Vihul, ‘[https://texaslawreview.org/respect-sovereignty-cyberspace/ Respect for Sovereignty in Cyberspace]’ (2017) 95 Tex L Rev. 1639.
 
*Sean Watts & Theodore Richard, '[https://law.lclark.edu/live/files/26902-lcb223article3wattspdf Baseline Territorial Sovereignty and Cyberspace'] (2018) 22 Lewis & Clark L. Rev. 771.
 
*Katja Ziegler, “[http://opil.ouplaw.com/view/10.1093/law:epil/9780199231690/law-9780199231690-e1398 Domaine Réservé]”, in Rudiger Wolfrum (ed), ''Max Planck Encyclopedia of Public International Law'' (OUP 2008).
 
   
  +
* MN Schmitt (ed), ''Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations'' (CUP 2017)
=== Contributions ===
 
  +
* Etc.
* Scenario by: [[People#Editorial_board|Taťána Jančárková]] & [[People#Editorial_board|Tomáš Minárik]]
 
  +
* Analysis by: [[People#Editorial_board|Tomáš Minárik]]
 
  +
=== External links ===
* Reviewed by: [[People#Peer_reviewers|Deborah Housen-Couriel]]; [[People#Peer_reviewers|Kadri Kaska]]; [[People#Peer_reviewers|Petr Novotný]]
 
  +
  +
* (...)
  +
  +
  +
Original text by: Tomáš Minárik
   
  +
Reviewed by: [TBC]
{| class="wikitable"
 
|+
 
|Previous: [[Scenario 01: Election interference]]
 
|Next: [[Scenario 03: Cyber operation against the power grid|Scenario 03: Power grid]]
 
|}
 
[[Category:Attribution]]
 
[[Category:Peacetime cyber espionage]]
 
[[Category:Diplomatic and consular law]]
 
[[Category:Prohibition of intervention]]
 
[[Category:Sovereignty]]
 
[[Category:Scenario]]
 

Please note that all contributions to International cyber law: interactive toolkit are considered to be released under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) (see International cyber law: interactive toolkit:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

Cancel Editing help (opens in new window)