Scenario 07: Leak of State-developed hacking tools
Jump to navigation
Jump to search
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
fill this in!
== Scenario == === Keywords === Malware, sovereignty, prohibition of intervention, due diligence === Facts === '''[F1]''' A website appears on the Internet, offering the sale of various hacking tools, including zero-day vulnerabilities, spyware, and ready-made exploits. The sellers allege that all of the tools on offer had been developed by State A’s intelligence services (<b>incident 1</b>). Independent security researchers confirm that the advertised tools indeed resemble a number of different tools previously used in cyber operations in which State A had been implicated. After initial hesitation, State A officials confirm the leak of the hacking tools caused by unknown attackers. '''[F2]''' Website hosting the tools is immediately noticed by the authorities and the content is taken down. However, once exposed on the Internet, the tools are considered as leaked and almost certainly spreading further. '''[F3]''' Software companies whose products are said to contain the vulnerabilities launch a formal protest with State A for not having informed them of the existence of those vulnerabilities, before and especially after the leak (<b>incident 2</b>). '''[F4]''' The tools are later repurposed by State B’s military unit and used in a ransomware (or mock ransomware) campaign, causing substantial losses globally, including paradoxically in State A. In particular, the spread of the ransomware results in the encryption of data in several of State A’s governmental information systems (<b>incident 3</b>). The facts as stated above have been verified by independent security researchers. === Examples === * [[The Shadow Brokers publishing the NSA vulnerabilities (2016)]] * [[WannaCry (2017)]] * [[NotPetya (2017)]]
Please note that all contributions to International cyber law: interactive toolkit are considered to be released under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) (see
International cyber law: interactive toolkit:Copyrights
for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource.
Do not submit copyrighted work without permission!
(opens in new window)
Retrieved from "
Not logged in
What links here
Get shortened URL