List of articles: Difference between revisions

From International cyber law: interactive toolkit
Jump to navigation Jump to search
Content added Content deleted
VisualWikitext
No edit summary
(Austria)
 
(239 intermediate revisions by 12 users not shown)
Line 1: Line 1:
This page serves as the equivalent of a table of contents in a printed book. It contains an updated list of all substantive articles in the Toolkit.

== About the project ==
== About the project ==
* [[Main Page|Main page]]
[[Main page]] (to include following info in frames: infographic for all scenarions [a la [https://www.amscc.mil.gr/sites/www.amscc.mil.gr/files/photos/countries.png flag set]]; "did you know..."/other trivia [a la [https://en.wikipedia.org/wiki/Main_Page Wikipedia Main Page]]; about the project; one more)
* [[FAQ]]

[[About the project]]
* [[Note on the structure of articles]]
<!--* [[Editing rules]]-->

[[FAQ]]
* [[Glossary]]
* [[Short form citation]]

* [[Bibliography]]
[[Note on the structure of articles]]
* [[People]]

[[Editing rules]]

[[Glossary]]

[[Bibliography]]

[[Toolkit macrostructure]] ''(to be removed at some point)''


== Scenarios ==
== Scenarios ==
<div style="column-count:3;-moz-column-count:3;-webkit-column-count:3">
''Naming convention: S01: Election interference through cyber means''
* [[Scenario 01: Election interference]]
* [[Scenario 02: Cyber espionage against government departments|Scenario 02: Political espionage]]
* [[Scenario 03: Cyber operation against the power grid|Scenario 03: Power grid]]
* [[Scenario 04: A State’s failure to assist an international organization|Scenario 04: International organizations]]
* [[Scenario 05: State investigates and responds to cyber operations against private actors in its territory|Scenario 05: Criminal investigation]]
* [[Scenario 06: Cyber countermeasures against an enabling State|Scenario 06: Enabling State]]
* [[Scenario 07: Leak of State-developed hacking tools|Scenario 07: Hacking tools]]
* [[Scenario 08: Certificate authority hack|Scenario 08: Certificate authority]]
* [[Scenario 09: Economic cyber espionage|Scenario 09: Economic espionage]]
* [[Scenario 10: Cyber weapons review|Scenario 10: Cyber weapons]]
* [[Scenario 11: Sale of surveillance tools in defiance of international sanctions|Scenario 11: Surveillance tools]]
* [[Scenario 12: Cyber operations against computer data|Scenario 12: Computer data]]
* [[Scenario 13: Cyber operations as a trigger of the law of armed conflict|Scenario 13: Armed conflict]]
* [[Scenario 14: Ransomware campaign]]
* [[Scenario 15: Cyber deception during armed conflict|Scenario 15: Cyber deception]]
* [[Scenario 16: Cyber attacks against ships on the high seas|Scenario 16: High seas]]
* [[Scenario 17: Collective responses to cyber operations|Scenario 17: Collective responses]]
* [[Scenario 18: Legal status of cyber operators during armed conflict|Scenario 18: Cyber operators]]
* [[Scenario 19: Hate speech]]
* [[Scenario 20: Cyber operations against medical facilities|Scenario 20: Medical facilities]]
* [[Scenario 21: Misattribution caused by deception|Scenario 21: Misattribution]]
* [[Scenario 22: Cyber methods of warfare|Scenario 22: Methods of warfare]]
* [[Scenario 23: Vaccine research and testing|Scenario 23: Vaccine research]]
* [[Scenario 24: Internet blockage]]
* [[Scenario 25: Cyber disruption of humanitarian assistance|Scenario 25: Humanitarian assistance]]
* [[Scenario 26: Export licensing of intrusion tools|Scenario 26: Export licensing]]
* [[Scenario 27: Contesting and redirecting ongoing attacks|Scenario 27: Redirecting attacks]]
* [[Scenario 28: Extraterritorial incidental civilian cyber harm|Scenario 28: Incidental harm]]
* [[Scenario 29: Cyber operations against water and water infrastructure|Scenario 29: Water infrastructure]]
</div>


== Legal concepts ==
''Order of scenarios to be finalized to broadly correspond to areas of law covered (as in section below), they must be listed in ascending numerical order (i.e. S01, S02, S03....)''
=== General international law ===

* [[Applicability of international law]]
[[Scenario 101]]<div>
* Jurisdiction
[[Scenario 102]]<div>
[[Scenario 103]]

Scenarios 104-113

== Areas of law ==
''Each of these titles will link to an article containing a "frame" that may then be used (by way of transclusion) in several individual scenarios. Each such article must contain a list of scenarios in which the frame is used. Each frame will be designed to resemble frames used on Wikipedia Main Page, if possible, they will be yellow in colour and contain an icon representing the idea being described (eg [https://cdn5.vectorstock.com/i/1000x1000/16/79/king-crown-isolated-icon-vector-19591679.jpg a crown like this one for sovereignty]).''

TOMAS: PLEASE RESTRUCTURE IN THE FOLLOWING WAY: I. GENERAL (APPLIES ACROSS PEACE AND WAR SITUATIONS); II. PEACETIME (EVERYTHING EXCEPT JUS IN AND JUS AD); III. USE OF FORCE AND LAW OF ARMED CONFLICT

=== I+II General international law and peacetime cyber operations ===
* [[Statehood]] (?)
* [[Sovereignty]]
* [[Due diligence]]
* [[Jurisdiction]]
* [[State responsibility]]
* [[State responsibility]]
** [[Attribution]]
** [[Internationally wrongful act]]
*** [[Attribution#State organs and persons and entities in exercise of governmental authority|State organs]]
*** [[Breach of international obligation]]
*** [[Attribution]]
*** [[Attribution#Non-State actors|Non-State actors]]
*** [[Attribution#Evidentiary standards|Evidence]]
*** [[Responsibility of a State for the conduct of another State]]
*** [[Mistake of fact (Law of State responsibility)|Mistake of fact]]
** [[Breach of an international obligation]]
** Responses and justifications
*** [[Circumstances precluding wrongfulness]]
*** [[Circumstances precluding wrongfulness]]
**** Consent
**** Self-defence (state responsibility)
**** [[Countermeasures]]
**** [[Countermeasures]]
**** [[Necessity]]
**** ''Force majeure''
**** Distress
* [[Peacetime cyber espionage]]
* [[Non-state actors]]
**** [[Plea of necessity]]
*** [[Retorsion]]
* Specialised regimes
**** [[Targeted restrictive measures]]
** [[International human rights law]]
** [[Diplomatic and consular law]]
* [[Due diligence]]
** [[Law of the sea]]
* [[Sovereignty]]
** [[Air law]]
** [[Space law]]
** [[International telecommunications law]]
* [[Prohibition of intervention]]
* [[Prohibition of intervention]]
** [[Prohibition of intervention (conditions)]]
* [[Prohibition of genocide]]
* [[Transboundary harm]]
* [[Voluntary, non-binding norms of responsible state behavior]]
* [[Legally binding unilateral declarations of States]]
* Cyber operations not ''per se'' regulated by international law
** [[Peacetime cyber espionage]]
** [[Peacetime cyber espionage#Economic cyber espionage|Economic cyber espionage]]


=== III Cyber law of armed conflict (JAB, JIB) ===
=== Specialised regimes of peacetime international law ===
* [[Diplomatic and consular law]]
* Jus ad bellum:
** [[Diplomatic and consular law#Inviolability of documents and archives of diplomatic missions and consular posts|Inviolability of documents and archives of diplomatic missions and consular posts]]
** [[Diplomatic and consular law#Premises of the mission|Premises of the mission]]
** [[Diplomatic and consular law#Persona non grata|Persona non grata]]
* [[Law of the sea]]
** [[Flag State jurisdiction]]
** [[Freedom of navigation]]
** [[Sovereign immunity]]
** [[Maritime law enforcement]]
* Air law
* Space law
* [[International telecommunication law]]
* [[International human rights law]]
** [[Right to life]]
* [[Individual criminal responsibility under international law|International criminal law]]
** [[Crime of genocide]]
** [[Crimes against humanity]]
** [[War crimes]]
* [[International export control law]]

=== Use of force, conflict and international law ===
* [[Peaceful settlement of disputes]]
* International law on the use of force (''jus ad bellum'')
** [[Use of force]]
** [[Use of force]]
** [[Armed attack]]
** [[Self-defence|Armed attack and self-defence]]
* [[International humanitarian law (jus in bello)|International humanitarian law (''jus in bello'')]]
** [[Self-defence]]
** Conflict qualification
* Jus in bello:
** [[International armed conflict]]
*** [[International armed conflict]]
** [[Non-international armed conflict]]
*** [[Non-international armed conflict]]
** [[Criminal responsibility]]
** [[Conduct of hostilities]]
*** [[Principle of precautions]]
** Conduct of hostilities - the subtopics can be developed
**** [[Principle of precautions#Precautionary obligations under international humanitarian law|Precautionary obligations under international humanitarian law]]
** Certain persons, objects and activities - again
**** [[Principle of precautions#Obligations to take precautions in attack|Obligations to take precautions in attack]]
** [[Occupation]]
**** [[Principle of precautions#Obligations to take precautions against the effects of attacks|Obligations to take precautions against the effects of attacks]]
*** [[Military objectives]]
**** [[Military_objectives#Qualification_of_data_as_a_military_objective_under_IHL|Data as a military objective]]
*** [[Proportionality]]
*** [[Attack (international humanitarian law)|The notion of ‘attack’ under international humanitarian law]]
*** [[Combatancy]]
**** [[Direct participation in hostilities]]
*** [[Attacks against persons]]
*** [[Means and methods of cyber warfare]]
**** [[Perfidy and ruses of war]]
**** [[Misuse of established indicators]]
**** [[Legal review of cyber weapons]]
** [[Specially protected persons, objects, and activities (international humanitarian law)|Specially protected persons, objects, and activities]]
*** [[Protection of medical units during armed conflict]]
*** [[Humanitarian relief operations]]
*** [[Objects indispensable to the survival of the civilian population]]
*** [[Protection of the natural environment in armed conflict]]
** Occupation
** [[Neutrality]]
** [[Neutrality]]


== Real-world examples ==
== Real-world examples ==
* 2023
* Incidents:
** [[Cyber operations against NATO’s aid mission in Turkey and Syria (2023)]]
** [[Estonia (2007)]]
** [[Georgia (2008)]]
** [[ICC data breach (2023)]]
* 2022
** [[Cyber operations in Iraq since 2003]]
** [[Costa Rica ransomware attack (2022)]]
** [[Homeland Justice operations against Albania (2022)]]
** [[Kazakhstan internet blockage (2022)]]
** [[Predatory Sparrow operation against Iranian steel maker (2022)]]
** [[Viasat KA-SAT attack (2022)]]
** [[HermeticWiper malware attack (2022)]]
** [[Cyber operations against government systems in Ukraine (January 2022)]]
* 2021
** [[Colonial Pipeline ransomware attack (2021)]]
** [[UN data breach (2021)]]
** [[Waikato Hospitals ransomware attack (2021)]]
** [[Ireland’s Health Service Executive ransomware attack (2021)]]
** [[Kaseya VSA ransomware attack (2021)]]
** [[Microsoft Exchange Server data breach (2021)]]
** [[Pegasus Project revelations (2021)]]
<!--
** Water treatment plants https://www.schneier.com/blog/archives/2021/10/ransomware-attacks-against-water-treatment-plants.html
** Ghostwriter-->
* 2020
** [[German hospital ransomware attack (2020)]]
** [[African Union headquarters hack (2020)]]
** [[Brno University Hospital ransomware attack (2020)]]
** [[Google shutting down an active counterterrorism operation (2020)]]
** [[SolarWinds (2020)]]
** [[Pfizer/BioNTech vaccine data modification and leak (2020)]]
** [[Israel’s water facilities attack (2020)]]
** [[APT32 attacks on Chinese government (2020)]]
* 2019
** [[Cyber interference against vessels in the Persian Gulf and Gulf of Oman (2019)]]
** [[Iranian internet blackout (2019)]]
** [[Israeli attack against Hamas cyber headquarters in Gaza (2019)]]
** [[Russia's sovereign internet (2019 onward)]]
** [[Springhill Medical Center ransomware attack (2019)]]
** [[Texas Municipality ransomware attack (2019)]]
* 2018
** [[African Union headquarters hack (2018)]]
** [[Olympic Destroyer (2018)]]
** [[SamSam ransomware incidents (2018)]]
* 2017
** [[Ethiopian surveillance of journalists abroad (2017)]]
** [[French presidential election leak (2017)]]
** [[Hate speech in India (since 2017)]]
** [[Operation Cloudhopper (2017)]]
** [[NotPetya (2017)]]
** [[Triton (2017)]]
** [[WannaCry (2017)]]
** [[Wu Yingzhuo, Dong Hao and Xia Lei indictment (2017)]]
* 2016
** [[Surveillance of Civil Society Groups/Ahmed Mansoor (2016)]]
** [[DNC email leak (2016)]]
** [[Industroyer – Crash Override (2016)]]
** [[Operation Glowing Symphony (2016)]]
** [[The Shadow Brokers publishing the NSA vulnerabilities (2016)]]
* 2015
** [[Bundestag Hack (2015)]]
** [[Office of Personnel Management data breach (2015)]]
** [[Power grid cyberattack in Ukraine (2015)]]
** [[The Hacking Team Hack (2015)]]
* 2014
** [[Alleged hacking of Patriot missiles (2014-2015)]]
** [[Chinese PLA Unit 61398 indictments (2014)]]
** [[Sony Pictures Entertainment attack (2014)]]
** [[Steel mill in Germany (2014)]]
** [[Ukrainian parliamentary election interference (2014)]]
** [[Use of malware to track and target Ukrainian artillery units (2014-2016)]]
* 2012
** [[Shamoon (2012)]]
* 2011
** [[Caucasus internet outage (2011)]]
** [[Syria’s ‘social media war’ (since 2011)]]
** [[DigiNotar (2011)]]
* 2010
** [[Hate speech in Myanmar (since early 2010s)]]
** [[Stuxnet (2010)]]
** [[Stuxnet (2010)]]
** [[SuperMicro supply chain breach (since 2010)]]
** [[Ababil (2011–13)]]
* 2008
** [[Shamoon (2012)]]
** [[Georgia-Russia conflict (2008)]]
** [[Heartbleed (2014)]] (what happens when a widespread vulnerability is disclosed)
** [[Sony pictures hack (2014)]]
** [[Bangladesh internet outage (2008)]]
* 2007
** [[Sands Casino (2014)]]
** [[Steel mill in Germany (2014)]]
** [[Cyber attacks against Estonia (2007)]]
** [[OPM data breach (2015)]]
** [[Operation Orchard/Outside the Box (2007)]]
<!--
** [[Bundestag hack (2015)]]

** [[Power grid cyberattack in Ukraine (2015)]]
The following examples should be created as a priority, in this order:
** [[DNC email leak (2016)]]
* [[Pegasus Project revelations (2021)]] work in progress (NÚKIB)
** [[Shamoon 2.0 (2016)]]
* [[Chinese infiltration into EU parliamentary proceedings (2018)]]
** [[WannaCry (2017)]]

** [[NotPetya (2017)]]
The following were proposed to be added to SCN02:
** [[French elections (2017)]]
* Bugging Device found in UN Offices (2004)
** (...)
* Bugging Devices found in EU Offices (2003)
* Actors:
* Operation Titan Rain (2003-2007)
** [[APT-28]]
* U.S. spying on Angela Merkel and other European leaders (2012-2014)
** [[APT-29]]
* Spying on G20 delegations using hacked USB sticks in gift bags (2013)
** [[Unit 61398]]

** (...)
The following examples are to be considered before being created:
* [[APT-29 attacks on ministries (2016-2017)]] (scarce information, difficult to fit in a table)
* [[China Telecom internet traffic misdirection (2010-2017)]]
* [[Attempted hack of the OPCW (2018)]] : operation stopped in preparatory phase, not many technical details
* [[Operation Ababil (2012-2013)]] : not very well-known, similar to Estonia (2007)
* [[Sands Casino hack (2014)]] : essentially the same as Sony hack, only less famous
* [[Heartbleed (2014)]] : no international responsibility is involved
* [[1718 sanctions committee hack (2016)]] : not too well-known
* [[Shamoon 2.0 (2016)]] : similar to Shamoon (2012)
* [[APT Turla hijacking systems of APT-34]] - see https://www.zdnet.com/article/russian-apt-turla-targets-35-countries-on-the-back-of-iranian-infrastructure/

The following examples are too vague due to their being long-term and comprising various activities; however specific incidents from these campaigns could be singled out and described:
* [[Cyber operations in Iraq since 2003]]
* [[Ukraine-Russia conflict (2014-)]]
-->


== Keywords ==
==National positions==
<div style="column-count:3;-moz-column-count:3;-webkit-column-count:3">
TO BE ORGANIZED AS CATEGORY PAGES - LEVEL 1: LIST OF ALL KEYWORDS; LEVEL 2: EACH KEYWORD IS A CATEGORY WHICH CONTAINS (USUALLY) DEFINITION OF THE TERM; ALL (OTHER) ARTICLES WHICH CONTAIN KEYWORD
* [[Common position of the African Union (2024)|African Union (2024)]]
* [[National position of Australia (2020)|Australia (2020)]]
* [[National position of Austria (2024)|Austria (2024)]]
* [[National position of Brazil (2021)|Brazil (2021)]]
* [[National position of Canada (2022)|Canada (2022)]]
* [[National position of the People's Republic of China (2021)|China (2021)]]
* [[National position of Costa Rica (2023)|Costa Rica (2023)]]
* Czech Republic ([[National position of the Czech Republic (2020)|2020]] and [[National position of the Czech Republic (2024)|2024]])
* [[National position of Denmark (2023)|Denmark (2023)]]
* Estonia ([[National position of Estonia (2019)|2019]] and [[National position of Estonia (2021)|2021]])
* [[National position of Finland (2020)|Finland (2020)]]
* [[National position of France (2019)|France (2019)]]
* [[National position of Germany (2021)|Germany (2021)]]
* [[National position of Iran (2020)|Iran (2020)]]
* [[National position of Ireland (2023)|Ireland (2023)]]
* [[National position of Israel (2020)|Israel (2020)]]
* [[National position of the Italian Republic (2021)|Italy (2021)]]
* [[National position of Japan (2021)|Japan (2021)]]
* [[National position of Kazakhstan (2021)|Kazakhstan (2021)]]
* [[National position of Kenya (2021)|Kenya (2021)]]
* [[National position of the Netherlands (2019)|Netherlands (2019)]]
* [[National position of New Zealand (2020)|New Zealand (2020)]]
* [[National position of Norway (2021)|Norway (2021)]]
* [[National position of Pakistan (2023)|Pakistan (2023)]]
* [[National position of the Republic of Poland (2022)|Poland (2022)]]
* [[National position of Romania (2021)|Romania (2021)]]
* [[National position of the Russian Federation (2021)|Russia (2021)]]
* [[National position of Singapore (2021)|Singapore (2021)]]
* [[National position of the Kingdom of Sweden (2022)|Sweden (2022)]]
* [[National position of Switzerland (2021)|Switzerland (2021)]]
* United Kingdom ([[National position of the United Kingdom (2018)|2018]], [[National position of the United Kingdom (2021)|2021]] and [[National position of the United Kingdom (2022)|2022]])
* United States ([[National position of the United States of America (2012)|2012]], [[National position of the United States of America (2016)|2016]], [[National position of the United States of America (2020)|2020]] and [[National position of the United States of America (2021)|2021]])
</div>


==Keywords==
[[List of keywords]]
<tagcloud>
exclude=Pages_using_invalid_self-closed_HTML_tags
include=Category:Threats
increase_factor=250
</tagcloud>

Latest revision as of 12:21, 28 June 2024

This page serves as the equivalent of a table of contents in a printed book. It contains an updated list of all substantive articles in the Toolkit.

About the project[edit | edit source]

Scenarios[edit | edit source]

Legal concepts[edit | edit source]

General international law[edit | edit source]

Specialised regimes of peacetime international law[edit | edit source]

Use of force, conflict and international law[edit | edit source]

Real-world examples[edit | edit source]

National positions[edit | edit source]

Keywords[edit | edit source]

2007  2008  2010  2011  2012  2014  2015  2016  2017  2018  2019  2020  2021  2022  2023  Advanced persistent threat  Applicability of international law  Article 36  Attack (international humanitarian law)  Attacks against persons  Attribution  Breach of an international obligation  Causation  Combatancy  Computer data  Conduct of hostilities  Countermeasures  Crime of genocide  Crimes against humanity  Critical infrastructure  Cyber weapons  Cybercrime  DDoS  Deception  Defacement  Diplomatic and consular law  Direct participation in hostilities  Distinction  Due diligence  Economic cyber espionage  Effective control  Election interference  Evidence  Example  Flag State jurisdiction  Freedom of navigation  Hospitals  Humanitarian assistance  Hybrid threats  Indiscriminate attack  Individual criminal responsibility under international law  Industrial control system  International armed conflict  International cooperation  International export control law  International human rights law  International humanitarian law  International organization  International sanctions  International telecommunication law  Internationalization  Internet access  Inviolability  Law of the sea  Legal concepts  Legal personality  Legal review of cyber weapons  Legally binding unilateral declarations of States  Malware  Maritime law enforcement  Means and methods of cyber warfare  Medical units  Methods and means of warfare  Military objectives  Misattribution  Mistake of fact  Misuse of established indicators  National position  Neutrality  Non-State actors  Non-international armed conflict  Object  Objects indispensable to the survival of the civilian population  Overall control  Pages transcluding nonexistent sections  Peaceful settlement of disputes  Peacetime cyber espionage  Perfidy and ruses of war  Persona non grata  Plea of necessity  Premises of the mission  Principle of precautions  Prohibition of genocide  Prohibition of intervention  Proportionality  Ransomware  Retorsion  Right to life  Scenario  Self-defence  Sovereign immunity  Sovereignty  Specially protected persons, objects and activities  State organs  State responsibility  Stuxnet  Supply chain  Surveillance  Targeted restrictive measures  Targeting  Threats  Transboundary harm  Use of force  Voluntary norms  War crimes  Weapons review 
Retrieved from "https://cyberlaw.ccdcoe.org/wiki/List_of_articles?oldid=4218"