Main Page: Difference between revisions
m (25 to 28 scenarios) |
(added the Homeland Justice operations against Albania) |
||
Line 128: | Line 128: | ||
</div> |
</div> |
||
</option> |
</option> |
||
<option weight="2"> |
|||
<!-- INCIDENT 23--> |
|||
<div id="mp-itn" style="padding:0.1em 0.6em;">[[File:Flag of Albania.svg|left|150px]] |
|||
The most important cyber operations attributed to the Homeland Justice group are dated to [https://www.kryeministria.al/en/newsroom/videomesazh-i-kryeministrit-edi-rama/ 15 July 2022], when multiple websites and services of the Government of Albania were rendered unavailable as well as the e-Albania portal, and [https://edition.cnn.com/2022/09/10/politics/albania-cyberattack-iran/index.html 9 September 2022], when the border system of the state police was targeted; however, other state systems were compromised [https://www.microsoft.com/en-us/security/blog/2022/09/08/microsoft-investigates-iranian-attacks-against-the-albanian-government/ between October 2021 and May 2022]. |
|||
It is speculated that, although Homeland Justice declared its responsibility for the disruptive activity, the cyber operations were carried out by [https://www.microsoft.com/en-us/security/blog/2022/09/08/microsoft-investigates-iranian-attacks-against-the-albanian-government/ four state-sponsored actors with ties to Iran]. The cyber operations were accompanied by [https://www.cisa.gov/uscert/ncas/alerts/aa22-264a information operations by HLJ] accusing the Albanian government of corruption and spreading messages against Mujahideen E-Khalq (an Iranian opposition organization based in Albania). Data from various state databases was allegedly exfiltrated and some even published (e.g. data related to [https://balkaninsight.com/2022/11/08/albania-authorities-silent-over-alleged-security-service-data-hack/ the Prime Minister, the State Information Service] or [https://balkaninsight.com/2022/10/03/iranian-hackers-leak-database-of-albanian-criminal-suspects/ criminal suspects]). There is a suspicion that the cyber operations serve [https://www.microsoft.com/en-us/security/blog/2022/09/08/microsoft-investigates-iranian-attacks-against-the-albanian-government/ as a payback for cyber operations] attributed to a hacktivist group called Predatory Sparrow. |
|||
In response to the July cyber operation, Albania decided to [https://www.reuters.com/world/albania-cuts-iran-ties-orders-diplomats-go-after-cyber-attack-pm-says-2022-09-07/ cut diplomatic ties with Iran]. NATO has declared its support of Albania and [https://www.nato.int/cps/en/natohq/official_texts_207156.htm acknowledged the attribution, by some Allies, of the responsibility for the cyber operations to Iran]. The U.S. Department of the Treasury’s Office of Foreign Assets Control [https://home.treasury.gov/news/press-releases/jy0941 has imposed sanctions] on Iran’s Ministry of Intelligence and Security and on its minister. [https://www.politico.com/news/2022/10/05/why-albania-chose-not-to-pull-the-nato-trigger-after-cyberattack-00060347 Albania was also considering invoking] Article 5 of The North Atlantic Treaty, to trigger collective defence, but eventually decided against it. Iran has denied its involvement. |
|||
In the Toolkit, [[Scenario 02: Cyber espionage against government departments|Scenario 02]] considers cyber espionage against government departments and [[Scenario 17: Collective responses to cyber operations|Scenario 17]] addresses collective responses to cyber operations. |
|||
</div> |
|||
</choose> |
</choose> |
||
<h2 id="mp-other" style="clear:both; margin:0.5em; background:#bbceed; font-family:inherit; font-size:120%; font-weight:bold; border:1px solid #a3b0bf; color:#000; padding:0.2em 0.4em;">Quick links</h2> |
<h2 id="mp-other" style="clear:both; margin:0.5em; background:#bbceed; font-family:inherit; font-size:120%; font-weight:bold; border:1px solid #a3b0bf; color:#000; padding:0.2em 0.4em;">Quick links</h2> |
Revision as of 14:25, 2 February 2023
About the projectThe Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. The Toolkit may be explored and utilized in a number of different ways. At its core, it presently consists of 28 hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise. You can see all scenarios in the box immediately below – just click on any of them to follow the relevant analysis. In addition, you may want to explore the Toolkit by looking for keywords you’re interested in; by viewing its overall article structure; by browsing through the national positions on international law in cyberspace; or by reading about individual real-world examples that serve as the basis of the Toolkit scenarios. Finally, you may want to use the search function in the top right corner of this page to look for specific words across all of the Toolkit content.
Cyber law scenarios |
Featured incidentIn January 2022, Kazakhstan experienced massive protests caused by a double rise in fuel prices. During the unrest, the Kazakh authorities have taken down the internet nationwide for about five days, intending to “suppress terrorists”. The exact method leading to the internet shutdown remains unclear; the Kazakh authorities probably rerouted domain name servers (DNS) traffic, cooperated with the internet providers who blocked the transmission, or used an internet kill switch. This caused a total disconnection of the country from the outside world and relevant information and affected citizens’ everyday life. People struggled to buy food as cards or mobile payments were disabled, and they could not have withdrawn cash. As the clashes turned violent, security forces used extensive force against protesters, with casualties reaching 225 deaths. Also, the global Bitcoin’s computational power vanished temporarily, showing the actual size of the cryptocurrency mining business in Kazakhstan. The internet blockage, increasingly used as a means of suppression by authoritarian regimes and repeatedly deployed in Kazakhstan, is explored in Scenario 24 of the Toolkit. Quick links
Behind the scenesThe project is supported by the following six partner institutions: the Czech National Cyber and Information Security Agency (NÚKIB), the International Committee of the Red Cross (ICRC), the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), the University of Exeter, United Kingdom, the U.S. Naval War College, United States, and Wuhan University, China. The core of the project team consists of Dr Kubo Mačák (ICRC) – General Editor; Mr Tomáš Minárik (NÚKIB) – Managing Editor; and Ms Taťána Jančárková (CCDCOE) – Scenario Editor. The individual scenarios and the Toolkit as such have been reviewed by a team of over 30 peer reviewers. The Toolkit was formally launched on 28 May 2019 in Tallinn, Estonia; its Chinese launch took place on 2 November 2019 in Wuhan, China; it received its most recent general annual update on 20 October 2022; and it remains continuously updated. For questions about the project including media enquiries, please contact us at cyberlaw@exeter.ac.uk.
|