Main Page: Difference between revisions
No edit summary |
No edit summary |
||
(One intermediate revision by one other user not shown) | |||
Line 53: | Line 53: | ||
|[[File:Scn27.jpg|center|120px|link=Scenario 27: Contesting and redirecting ongoing attacks]][[Scenario 27: Contesting and redirecting ongoing attacks|S27<br>Redirecting<br>attacks]] |
|[[File:Scn27.jpg|center|120px|link=Scenario 27: Contesting and redirecting ongoing attacks]][[Scenario 27: Contesting and redirecting ongoing attacks|S27<br>Redirecting<br>attacks]] |
||
|[[File:Scn28.jpg|center|120px|link=Scenario 28: Extraterritorial incidental civilian cyber harm]][[Scenario 28: Extraterritorial incidental civilian cyber harm|S28<br>Incidental<br>harm]] |
|[[File:Scn28.jpg|center|120px|link=Scenario 28: Extraterritorial incidental civilian cyber harm]][[Scenario 28: Extraterritorial incidental civilian cyber harm|S28<br>Incidental<br>harm]] |
||
|- |
|||
|[[File:Scn29.jpg|center|120px|link=Scenario 29: Cyber operations against water and water infrastructure]][[Scenario 29: Cyber operations against water and water infrastructure|S29<br>Water<br>infrastructure]] |
|||
|} |
|} |
||
</div> |
</div> |
||
Line 103: | Line 105: | ||
<option> |
<option> |
||
<!-- INCIDENT |
<!-- INCIDENT 18bis--> |
||
<div id="mp-itn" style="padding:0.1em 0.6em;"> [[File:WaikatoHospital.jpg|left|150px]] |
<div id="mp-itn" style="padding:0.1em 0.6em;"> [[File:WaikatoHospital.jpg|left|150px]] |
||
On 18 May 2021, the computer information systems of five hospitals from the Waikato District Health Board in New Zealand were targeted by an unidentified group who [https://www.nzherald.co.nz/nz/waikato-dhb-cyber-attack-group-claims-responsibility-says-it-has-confidential-patient-details/OV6DORGTXIU474ANBCZH7NXZOY/ claimed responsibility] for the ransomware attack. The operation brought down more than 600 servers, hindering access to patient information and communications through the hospital’s lines, impeding the payment of wages and affecting laboratory and radiological services, which took several weeks to restore. The perpetrators accessed patient and staff confidential information and financial data and later [https://www.rnz.co.nz/news/ldr/455535/waikato-dhb-warned-a-cyberattack-catastrophic-for-patient-safety leaked it on the dark web], affecting more than 4,200 people. In the Toolkit, [[Scenario 14: Ransomware campaign|Scenario 14]] addresses the issue of ransomware campaigns launched by non-State groups, and the situation of cyber operations against medical facilities is specifically considered in [[Scenario 20: Cyber operations against medical facilities|Scenario 20]]. |
On 18 May 2021, the computer information systems of five hospitals from the Waikato District Health Board in New Zealand were targeted by an unidentified group who [https://www.nzherald.co.nz/nz/waikato-dhb-cyber-attack-group-claims-responsibility-says-it-has-confidential-patient-details/OV6DORGTXIU474ANBCZH7NXZOY/ claimed responsibility] for the ransomware attack. The operation brought down more than 600 servers, hindering access to patient information and communications through the hospital’s lines, impeding the payment of wages and affecting laboratory and radiological services, which took several weeks to restore. The perpetrators accessed patient and staff confidential information and financial data and later [https://www.rnz.co.nz/news/ldr/455535/waikato-dhb-warned-a-cyberattack-catastrophic-for-patient-safety leaked it on the dark web], affecting more than 4,200 people. In the Toolkit, [[Scenario 14: Ransomware campaign|Scenario 14]] addresses the issue of ransomware campaigns launched by non-State groups, and the situation of cyber operations against medical facilities is specifically considered in [[Scenario 20: Cyber operations against medical facilities|Scenario 20]]. |
||
</div> |
|||
</option> |
|||
<option> |
|||
<!-- INCIDENT 19--> |
|||
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:CouncilEU.svg|left|150px]] |
|||
On 3 May 2024, the [https://www.consilium.europa.eu/en/press/press-releases/2024/05/03/cyber-statement-by-the-high-representative-on-behalf-of-the-eu-on-continued-malicious-behaviour-in-cyberspace-by-the-russian-federation/ Council of the European Union], alongside the [https://www.bundesregierung.de/resource/blob/975226/2276130/ec59e50158ff9ba014025ba5abbfe6ec/2024-05-03-attribution-of-a-russian-cyber-campaign-data.pdf?download=1 German Federal Government] and the [https://mzv.gov.cz/jnp/en/issues%20and%20press/press%20releases/statement%20of%20the%20mfa%20on%20the%20cyberattacks.html Ministry of Foreign Affairs of the Czech Republic], officially attributed a series of cyber operations allegedly conducted against Germany’s governing SPD party and several institutions of the Czech Republic in early 2023. The attribution was made against APT28, who the above parties claimed was controlled by the Russian Federation. The operations involved the exploitation of a then unknown vulnerability in Microsoft Outlook, compromising email accounts. As [https://www.ft.com/content/6946fb91-df7e-43c4-a84a-3bee0dcf4a13 reported] by the ''Financial Times'', although Microsoft released a software update fixing the vulnerability soon after, significant amounts of sensitive data may have been exfiltrated. Meanwhile, Russia has [https://twitter.com/RusBotschaft/status/1786387652964479384 denied] any involvement in the incident. Within the Toolkit, similar operational methodology is addressed in [[Scenario 02: Cyber espionage against government departments|Scenario 02]]. |
|||
</div> |
</div> |
||
</option> |
</option> |
Revision as of 09:42, 14 May 2024
About the projectThe Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. The Toolkit may be explored and utilized in a number of different ways. At its core, it presently consists of 28 hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise. You can see all scenarios in the box immediately below – just click on any of them to follow the relevant analysis. In addition, you may want to explore the Toolkit by looking for keywords you’re interested in; by viewing its overall article structure; by browsing through the national positions on international law in cyberspace; or by reading about individual real-world examples that serve as the basis of the Toolkit scenarios. Finally, you may want to use the search function in the top right corner of this page to look for specific words across all of the Toolkit content.
Cyber law scenarios |
Featured incidentMultiple websites and services of the Government of Albania were rendered unavailable on 15 July 2022 as well as the e-Albania portal, and on 9 September 2022 the border system of the state police was targeted; however, other state systems were compromised between October 2021 and May 2022. It is speculated that, although Homeland Justice declared its responsibility for the disruptive activity, the cyber operations were carried out by four state-sponsored actors with ties to Iran. In response to the July cyber operation, Albania decided to cut diplomatic ties with Iran. NATO has declared its support of Albania and acknowledged the attribution, by some Allies, of the responsibility for the cyber operations to Iran. Albania was also considering invoking Article 5 of The North Atlantic Treaty, to trigger collective defence, but eventually decided against it. Iran has denied its involvement. In the Toolkit, Scenario 02 considers cyber espionage against government departments and Scenario 17 addresses collective responses to cyber operations. Quick links
Behind the scenesThe project is supported by the following six partner institutions: the Czech National Cyber and Information Security Agency (NÚKIB), the International Committee of the Red Cross (ICRC), the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), the University of Exeter, United Kingdom, the U.S. Naval War College, United States, and Wuhan University, China. The core of the project team consists of Dr Kubo Mačák (University of Exeter) – General Editor; Mr Tomáš Minárik (NÚKIB) – Managing Editor; and Mr Otakar Horák (CCDCOE) – Scenario Editor. The individual scenarios and the Toolkit as such have been reviewed by a team of over 30 peer reviewers. The Toolkit was formally launched on 28 May 2019 in Tallinn, Estonia; its Chinese launch took place on 2 November 2019 in Wuhan, China; it received its most recent general annual update on 20 October 2022; and it remains continuously updated. For questions about the project including media enquiries, please contact us at cyberlaw@exeter.ac.uk.
|