List of articles: Difference between revisions
Jump to navigation
Jump to search
Content deleted Content added
No edit summary |
Austria |
||
(225 intermediate revisions by 12 users not shown) | |||
Line 1:
This page serves as the equivalent of a table of contents in a printed book. It contains an updated list of all substantive articles in the Toolkit.
== About the project ==
* [[Main Page|Main page]]
* [[FAQ]]
* [[
<!--* [[Editing rules]]-->
* [[
* [[Short form citation]]
* [[Bibliography]]
* [[People]]
== Scenarios ==
<div style="column-count:3;-moz-column-count:3;-webkit-column-count:3">
* [[Scenario 01: Election interference]]
* [[Scenario 02: Cyber espionage against government departments|Scenario 02: Political espionage]]
* [[Scenario 03: Cyber operation against the power grid|Scenario 03: Power grid]]
* [[Scenario 04: A State’s failure to assist an international organization|Scenario 04: International organizations]]
* [[Scenario 05: State investigates and responds to cyber operations against private actors in its territory|Scenario 05: Criminal investigation]]
* [[Scenario 06: Cyber countermeasures against an enabling State|Scenario 06: Enabling State]]
* [[Scenario 07: Leak of State-developed hacking tools|Scenario 07: Hacking tools]]
* [[Scenario 08: Certificate authority hack|Scenario 08: Certificate authority]]
* [[Scenario 09: Economic cyber espionage|Scenario 09: Economic espionage]]
* [[Scenario
* [[Scenario 11: Sale of surveillance tools in defiance of international sanctions|Scenario 11: Surveillance tools]]
* [[Scenario
* [[Scenario 13: Cyber operations as a trigger of the law of armed conflict|Scenario 13: Armed conflict]]
* [[Scenario
* [[Scenario 15: Cyber deception during armed conflict|Scenario 15: Cyber deception]]
* [[Scenario 16: Cyber attacks against ships on the high seas|Scenario 16: High seas]]
* [[Scenario 17: Collective responses to cyber operations|Scenario 17: Collective responses]]
* [[Scenario 18: Legal status of cyber operators during armed conflict|Scenario 18: Cyber operators]]
* [[Scenario 19: Hate speech]]
* [[Scenario 20: Cyber operations against medical facilities|Scenario 20: Medical facilities]]
* [[Scenario 21: Misattribution caused by deception|Scenario 21: Misattribution]]
* [[Scenario 22: Cyber methods of warfare|Scenario 22: Methods of warfare]]
* [[Scenario 23: Vaccine research and testing|Scenario 23: Vaccine research]]
* [[Scenario 24: Internet blockage]]
* [[Scenario 25: Cyber disruption of humanitarian assistance|Scenario 25: Humanitarian assistance]]
* [[Scenario 26: Export licensing of intrusion tools|Scenario 26: Export licensing]]
* [[Scenario 27: Contesting and redirecting ongoing attacks|Scenario 27: Redirecting attacks]]
* [[Scenario 28: Extraterritorial incidental civilian cyber harm|Scenario 28: Incidental harm]]
* [[Scenario 29: Cyber operations against water and water infrastructure|Scenario 29: Water infrastructure]]
</div>
== Legal concepts ==
=== General international law ===
* [[Applicability of international law]]
* Jurisdiction
* [[State responsibility]]
** [[Attribution]]
*** [[Attribution#State organs and persons and entities in exercise of governmental authority|State organs]]
*** [[Attribution#Non-State actors|Non-State actors]]
*** [[Attribution#Evidentiary standards|Evidence]]
*** [[Responsibility of a State for the conduct of another State]]
*** [[Mistake of fact (Law of State responsibility)|Mistake of fact]]
** [[Breach of an international obligation]]
** Responses and justifications
*** [[Circumstances precluding wrongfulness]]
**** Consent
**** Self-defence (state responsibility)
**** [[Countermeasures]]
**** ''Force majeure''
**** Distress
**** [[Plea of necessity]]
*** [[Retorsion]]
**** [[Targeted restrictive measures]]
* [[Due diligence]]
* [[Sovereignty]]
* [[Prohibition of intervention]]
* [[Prohibition of genocide]]
* [[Transboundary harm]]
* [[Voluntary, non-binding norms of responsible state behavior]]
* [[Legally binding unilateral declarations of States]]
* Cyber operations not ''per se'' regulated by international law
** [[Peacetime cyber espionage]]
** [[Peacetime cyber espionage#Economic cyber espionage|Economic cyber espionage]]
=== Specialised regimes of peacetime international law ===
* [[Diplomatic and consular law]]
** [[Diplomatic and consular law#Inviolability of documents and archives of diplomatic missions and consular posts|Inviolability of documents and archives of diplomatic missions and consular posts]]
** [[Diplomatic and consular law#Premises of the mission|Premises of the mission]]
** [[Diplomatic and consular law#Persona non grata|Persona non grata]]
* [[Law of the sea]]
** [[Flag State jurisdiction]]
** [[Freedom of navigation]]
** [[Sovereign immunity]]
** [[Maritime law enforcement]]
* Air law
* Space law
* [[International telecommunication law]]
* [[International human rights law]]
** [[Right to life]]
* [[Individual criminal responsibility under international law|International criminal law]]
** [[Crime of genocide]]
** [[Crimes against humanity]]
** [[War crimes]]
* [[International export control law]]
=== Use of force, conflict and international law
* [[
* International law on the use of force (''jus ad bellum'')
**
* [[International humanitarian law (jus in bello)|International humanitarian law (''jus in bello'')]]
** Conflict qualification
*** [[International armed conflict]]
*** [[Non-international armed conflict]]
*** [[Principle of precautions]]
**** [[Principle of precautions#Precautionary obligations under international humanitarian law|Precautionary obligations under international humanitarian law]]
**** [[Principle of precautions#Obligations to take precautions in attack|Obligations to take precautions in attack]]
**** [[Principle of precautions#Obligations to take precautions against the effects of attacks|Obligations to take precautions against the effects of attacks]]
*** [[
**** [[Military_objectives#Qualification_of_data_as_a_military_objective_under_IHL|Data as a military objective]]
*** [[Proportionality]]
*** [[Attack (international humanitarian law)|The notion of ‘attack’ under international humanitarian law]]
*** [[Combatancy]]
**** [[Direct participation in hostilities]]
*** [[Attacks against persons]]
*** [[Means and methods of cyber warfare]]
**** [[Perfidy and ruses of war]]
**** [[Misuse of established indicators]]
**** [[Legal review of cyber weapons]]
** [[Specially protected persons, objects, and activities (international humanitarian law)|Specially protected persons, objects, and activities]]
*** [[Protection of medical units during armed conflict]]
*** [[Humanitarian relief operations]]
*** [[Objects indispensable to the survival of the civilian population]]
*** [[Protection of the natural environment in armed conflict]]
** Occupation
** [[Neutrality]]
== Real-world examples ==
* 2023
** [[Cyber operations against NATO’s aid mission in Turkey and Syria (2023)]]
** [[
* 2022
** [[Costa Rica ransomware attack (2022)]]
** [[Homeland Justice operations against Albania (2022)]]
** [[Kazakhstan internet blockage (2022)]]
** [[Predatory Sparrow operation against Iranian steel maker (2022)]]
** [[Viasat KA-SAT attack (2022)]]
** [[HermeticWiper malware attack (2022)]]
** [[Cyber operations against government systems in Ukraine (January 2022)]]
* 2021
** [[Colonial Pipeline ransomware attack (2021)]]
** [[UN data breach (2021)]]
** [[Waikato Hospitals ransomware attack (2021)]]
** [[Ireland’s Health Service Executive ransomware attack (2021)]]
** [[Kaseya VSA ransomware attack (2021)]]
** [[Microsoft Exchange Server data breach (2021)]]
** [[Pegasus Project revelations (2021)]]
<!--
** Water treatment plants https://www.schneier.com/blog/archives/2021/10/ransomware-attacks-against-water-treatment-plants.html
** Ghostwriter-->
* 2020
** [[German hospital ransomware attack (2020)]]
** [[African Union headquarters hack (2020)]]
** [[Brno University Hospital ransomware attack (2020)]]
** [[Google shutting down an active counterterrorism operation (2020)]]
** [[SolarWinds (2020)]]
** [[Pfizer/BioNTech vaccine data modification and leak (2020)]]
** [[Israel’s water facilities attack (2020)]]
** [[APT32 attacks on Chinese government (2020)]]
* 2019
** [[Cyber interference against vessels in the Persian Gulf and Gulf of Oman (2019)]]
** [[Iranian internet blackout (2019)]]
** [[Israeli attack against Hamas cyber headquarters in Gaza (2019)]]
** [[Russia's sovereign internet (2019 onward)]]
** [[Springhill Medical Center ransomware attack (2019)]]
** [[Texas Municipality ransomware attack (2019)]]
* 2018
** [[African Union headquarters hack (2018)]]
** [[Olympic Destroyer (2018)]]
** [[SamSam ransomware incidents (2018)]]
* 2017
** [[Ethiopian surveillance of journalists abroad (2017)]]
** [[French presidential election leak (2017)]]
** [[Hate speech in India (since 2017)]]
** [[Operation Cloudhopper (2017)]]
** [[NotPetya (2017)]]
** [[Triton (2017)]]
** [[WannaCry (2017)]]
** [[Wu Yingzhuo, Dong Hao and Xia Lei indictment (2017)]]
* 2016
** [[Surveillance of Civil Society Groups/Ahmed Mansoor (2016)]]
** [[DNC email leak (2016)]]
** [[Industroyer – Crash Override (2016)]]
** [[Operation Glowing Symphony (2016)]]
** [[The Shadow Brokers publishing the NSA vulnerabilities (2016)]]
* 2015
** [[Bundestag Hack (2015)]]
** [[Office of Personnel Management data breach (2015)]]
** [[Power grid cyberattack in Ukraine (2015)]]
** [[The Hacking Team Hack (2015)]]
* 2014
** [[Alleged hacking of Patriot missiles (2014-2015)]]
** [[Chinese PLA Unit 61398 indictments (2014)]]
** [[Sony Pictures Entertainment attack (2014)]]
** [[Steel mill in Germany (2014)]]
** [[Ukrainian parliamentary election interference (2014)]]
** [[Use of malware to track and target Ukrainian artillery units (2014-2016)]]
* 2012
** [[Shamoon (2012)]]
* 2011
** [[Caucasus internet outage (2011)]]
** [[Syria’s ‘social media war’ (since 2011)]]
** [[DigiNotar (2011)]]
* 2010
** [[Hate speech in Myanmar (since early 2010s)]]
** [[Stuxnet (2010)]]
** [[SuperMicro supply chain breach (since 2010)]]
* 2008
** [[Georgia-Russia conflict (2008)]]
** [[
* 2007
** [[
** [[
<!--
The following examples should be created as a priority, in this order:
* [[Pegasus Project revelations (2021)]] work in progress (NÚKIB)
* [[Chinese infiltration into EU parliamentary proceedings (2018)]]
The following were proposed to be added to SCN02:
* Bugging Device found in UN Offices (2004)
* Bugging Devices found in EU Offices (2003)
* Operation Titan Rain (2003-2007)
* U.S. spying on Angela Merkel and other European leaders (2012-2014)
* Spying on G20 delegations using hacked USB sticks in gift bags (2013)
The following examples are to be considered before being created:
* [[APT-29 attacks on ministries (2016-2017)]] (scarce information, difficult to fit in a table)
* [[China Telecom internet traffic misdirection (2010-2017)]]
* [[Attempted hack of the OPCW (2018)]] : operation stopped in preparatory phase, not many technical details
* [[Operation Ababil (2012-2013)]] : not very well-known, similar to Estonia (2007)
* [[Sands Casino hack (2014)]] : essentially the same as Sony hack, only less famous
* [[Heartbleed (2014)]] : no international responsibility is involved
* [[1718 sanctions committee hack (2016)]] : not too well-known
* [[Shamoon 2.0 (2016)]] : similar to Shamoon (2012)
* [[APT Turla hijacking systems of APT-34]] - see https://www.zdnet.com/article/russian-apt-turla-targets-35-countries-on-the-back-of-iranian-infrastructure/
The following examples are too vague due to their being long-term and comprising various activities; however specific incidents from these campaigns could be singled out and described:
* [[Cyber operations in Iraq since 2003]]
* [[Ukraine-Russia conflict (2014-)]]
-->
==National
<div style="column-count:3;-moz-column-count:3;-webkit-column-count:3">
* [[Common position of the African Union (2024)|African Union (2024)]]
* [[National position of Australia (2020)|Australia (2020)]]
* [[National position of Austria (2024)|Austria (2024)]]
* [[National position of Brazil (2021)|Brazil (2021)]]
* [[National position of Canada (2022)|Canada (2022)]]
* [[National position of the People's Republic of China (2021)|China (2021)]]
* [[National position of Costa Rica (2023)|Costa Rica (2023)]]
* Czech Republic ([[National position of the Czech Republic (2020)|2020]] and [[National position of the Czech Republic (2024)|2024]])
* [[National position of Denmark (2023)|Denmark (2023)]]
* Estonia ([[National position of Estonia (2019)|2019]] and [[National position of Estonia (2021)|2021]])
* [[National position of Finland (2020)|Finland (2020)]]
* [[National position of France (2019)|France (2019)]]
* [[National position of Germany (2021)|Germany (2021)]]
* [[National position of Iran (2020)|Iran (2020)]]
* [[National position of Ireland (2023)|Ireland (2023)]]
* [[National position of Israel (2020)|Israel (2020)]]
* [[National position of the Italian Republic (2021)|Italy (2021)]]
* [[National position of Japan (2021)|Japan (2021)]]
* [[National position of Kazakhstan (2021)|Kazakhstan (2021)]]
* [[National position of Kenya (2021)|Kenya (2021)]]
* [[National position of the Netherlands (2019)|Netherlands (2019)]]
* [[National position of New Zealand (2020)|New Zealand (2020)]]
* [[National position of Norway (2021)|Norway (2021)]]
* [[National position of Pakistan (2023)|Pakistan (2023)]]
* [[National position of the Republic of Poland (2022)|Poland (2022)]]
* [[National position of Romania (2021)|Romania (2021)]]
* [[National position of the Russian Federation (2021)|Russia (2021)]]
* [[National position of Singapore (2021)|Singapore (2021)]]
* [[National position of the Kingdom of Sweden (2022)|Sweden (2022)]]
* [[National position of Switzerland (2021)|Switzerland (2021)]]
* United Kingdom ([[National position of the United Kingdom (2018)|2018]], [[National position of the United Kingdom (2021)|2021]] and [[National position of the United Kingdom (2022)|2022]])
* United States ([[National position of the United States of America (2012)|2012]], [[National position of the United States of America (2016)|2016]], [[National position of the United States of America (2020)|2020]] and [[National position of the United States of America (2021)|2021]])
</div>
==Keywords==
<tagcloud>
exclude=Pages_using_invalid_self-closed_HTML_tags
include=Category:Threats
increase_factor=250
</tagcloud>
|
Revision as of 12:21, 28 June 2024
This page serves as the equivalent of a table of contents in a printed book. It contains an updated list of all substantive articles in the Toolkit.
About the project
Scenarios
- Scenario 01: Election interference
- Scenario 02: Political espionage
- Scenario 03: Power grid
- Scenario 04: International organizations
- Scenario 05: Criminal investigation
- Scenario 06: Enabling State
- Scenario 07: Hacking tools
- Scenario 08: Certificate authority
- Scenario 09: Economic espionage
- Scenario 10: Cyber weapons
- Scenario 11: Surveillance tools
- Scenario 12: Computer data
- Scenario 13: Armed conflict
- Scenario 14: Ransomware campaign
- Scenario 15: Cyber deception
- Scenario 16: High seas
- Scenario 17: Collective responses
- Scenario 18: Cyber operators
- Scenario 19: Hate speech
- Scenario 20: Medical facilities
- Scenario 21: Misattribution
- Scenario 22: Methods of warfare
- Scenario 23: Vaccine research
- Scenario 24: Internet blockage
- Scenario 25: Humanitarian assistance
- Scenario 26: Export licensing
- Scenario 27: Redirecting attacks
- Scenario 28: Incidental harm
- Scenario 29: Water infrastructure
Legal concepts
General international law
- Applicability of international law
- Jurisdiction
- State responsibility
- Attribution
- Breach of an international obligation
- Responses and justifications
- Circumstances precluding wrongfulness
- Consent
- Self-defence (state responsibility)
- Countermeasures
- Force majeure
- Distress
- Plea of necessity
- Retorsion
- Circumstances precluding wrongfulness
- Due diligence
- Sovereignty
- Prohibition of intervention
- Prohibition of genocide
- Transboundary harm
- Voluntary, non-binding norms of responsible state behavior
- Legally binding unilateral declarations of States
- Cyber operations not per se regulated by international law
Specialised regimes of peacetime international law
- Diplomatic and consular law
- Law of the sea
- Air law
- Space law
- International telecommunication law
- International human rights law
- International criminal law
- International export control law
Use of force, conflict and international law
- Peaceful settlement of disputes
- International law on the use of force (jus ad bellum)
- International humanitarian law (jus in bello)
- Conflict qualification
- Conduct of hostilities
- Specially protected persons, objects, and activities
- Occupation
- Neutrality
Real-world examples
- 2023
- 2022
- Costa Rica ransomware attack (2022)
- Homeland Justice operations against Albania (2022)
- Kazakhstan internet blockage (2022)
- Predatory Sparrow operation against Iranian steel maker (2022)
- Viasat KA-SAT attack (2022)
- HermeticWiper malware attack (2022)
- Cyber operations against government systems in Ukraine (January 2022)
- 2021
- 2020
- German hospital ransomware attack (2020)
- African Union headquarters hack (2020)
- Brno University Hospital ransomware attack (2020)
- Google shutting down an active counterterrorism operation (2020)
- SolarWinds (2020)
- Pfizer/BioNTech vaccine data modification and leak (2020)
- Israel’s water facilities attack (2020)
- APT32 attacks on Chinese government (2020)
- 2019
- Cyber interference against vessels in the Persian Gulf and Gulf of Oman (2019)
- Iranian internet blackout (2019)
- Israeli attack against Hamas cyber headquarters in Gaza (2019)
- Russia's sovereign internet (2019 onward)
- Springhill Medical Center ransomware attack (2019)
- Texas Municipality ransomware attack (2019)
- 2018
- 2017
- 2016
- 2015
- 2014
- 2012
- 2011
- 2010
- 2008
- 2007
National positions
- African Union (2024)
- Australia (2020)
- Austria (2024)
- Brazil (2021)
- Canada (2022)
- China (2021)
- Costa Rica (2023)
- Czech Republic (2020 and 2024)
- Denmark (2023)
- Estonia (2019 and 2021)
- Finland (2020)
- France (2019)
- Germany (2021)
- Iran (2020)
- Ireland (2023)
- Israel (2020)
- Italy (2021)
- Japan (2021)
- Kazakhstan (2021)
- Kenya (2021)
- Netherlands (2019)
- New Zealand (2020)
- Norway (2021)
- Pakistan (2023)
- Poland (2022)
- Romania (2021)
- Russia (2021)
- Singapore (2021)
- Sweden (2022)
- Switzerland (2021)
- United Kingdom (2018, 2021 and 2022)
- United States (2012, 2016, 2020 and 2021)
Keywords
2007 2008 2010 2011 2012 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 Advanced persistent threat Applicability of international law Article 36 Attack (international humanitarian law) Attacks against persons Attribution Breach of an international obligation Causation Combatancy Computer data Conduct of hostilities Countermeasures Crime of genocide Crimes against humanity Critical infrastructure Cyber weapons Cybercrime DDoS Deception Defacement Diplomatic and consular law Direct participation in hostilities Distinction Due diligence Economic cyber espionage Effective control Election interference Evidence Example Flag State jurisdiction Freedom of navigation Hospitals Humanitarian assistance Hybrid threats Indiscriminate attack Individual criminal responsibility under international law Industrial control system International armed conflict International cooperation International export control law International human rights law International humanitarian law International organization International sanctions International telecommunication law Internationalization Internet access Inviolability Law of the sea Legal concepts Legal personality Legal review of cyber weapons Legally binding unilateral declarations of States Malware Maritime law enforcement Means and methods of cyber warfare Medical units Methods and means of warfare Military objectives Misattribution Mistake of fact Misuse of established indicators National position Neutrality Non-State actors Non-international armed conflict Object Objects indispensable to the survival of the civilian population Overall control Pages transcluding nonexistent sections Peaceful settlement of disputes Peacetime cyber espionage Perfidy and ruses of war Persona non grata Plea of necessity Premises of the mission Principle of precautions Prohibition of genocide Prohibition of intervention Proportionality Ransomware Retorsion Right to life Scenario Self-defence Sovereign immunity Sovereignty Specially protected persons, objects and activities State organs State responsibility Stuxnet Supply chain Surveillance Targeted restrictive measures Targeting Threats Transboundary harm Use of force Voluntary norms War crimes Weapons review