Welcome to the Cyber Law Toolkit, an interactive online resource on international law and cyber operations.
About the project
The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. The Toolkit may be explored and utilized in a number of different ways. At its core, it presently consists of 25 hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise. You can see all scenarios in the box immediately below – just click on any of them to follow the relevant analysis. In addition, you may want to explore the Toolkit by looking for keywords you’re interested in; by viewing its overall article structure; by browsing through the national positions on international law in cyberspace; or by reading about individual real-world examples that serve as the basis of the Toolkit scenarios. Finally, you may want to use the search function in the top right corner of this page to look for specific words across all of the Toolkit content.
On 24 February 2022, a specific partition of modems from Viasat’s KASAT satellite network was targeted by a wiper malware rendering thousands of broadband modems permanently inoperable in Ukraine – including those used by military and other governmental agencies – and other users across Europe, resulting in a major loss of internet communication (see more here). The attack’s alleged spillover included the outage of the remote monitoring and control of 5,800 wind turbines in Germany. The attack has been attributed by the US, the UK, and the Council of the EU, to Russia, amid the intensification of the conflict in Ukraine. Russia has repeatedly denied that it carries out offensive cyber operations. In the Toolkit, Scenario 3 addresses the impact of cyber operations on critical infrastructure, Scenario 10 and Scenario 22 consider issues related to cyber means and methods of warfare, and Scenario 24 analyses a hypothetical situation of massive internet outage.
Quick links
FAQ – Frequently asked questions about the project and the Toolkit.
All articles – Updated list of all substantive articles in the Toolkit. In a printed book, this would be the table of contents.
Keywords – Overview of all keywords used across the Toolkit content. Serves the same purpose as an index would in a printed book.
Legal concepts – Overview of all legal concepts from different branches of international law used across the Toolkit content.
Examples – List of real-world incidents that have inspired the analysis in the Toolkit.
National positions (NEW!) – List of publicly available national positions on the application of international law to cyber operations.
Glossary – Glossary of the technical terms used in the Toolkit.
Short form citation – Abbreviated references for the most commonly used citations in the Toolkit.
Bibliography – Bibliography of resources used in the creation and development of the Toolkit.
People – List of all people involved in the project (including scenario authors, peer reviewers, research assistants...).
Behind the scenes
The project is supported by the following six partner institutions: the Czech National Cyber and Information Security Agency (NÚKIB), the International Committee of the Red Cross (ICRC), the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), the University of Exeter, United Kingdom, the U.S. Naval War College, United States, and Wuhan University, China. The core of the project team consists of Dr Kubo Mačák (ICRC) – General Editor; Mr Tomáš Minárik (NÚKIB) – Managing Editor; and Ms Taťána Jančárková (CCDCOE) – Scenario Editor. The individual scenarios and the Toolkit as such have been reviewed by a team of over 30 peer reviewers. The Toolkit was formally launched on 28 May 2019 in Tallinn, Estonia; its Chinese launch took place on 2 November 2019 in Wuhan, China; it received its most recent general annual update on 22 September 2021; and it remains continuously updated. For questions about the project including media enquiries, please contact us at cyberlaw@exeter.ac.uk.
On 29 January 2020, The New Humanitarianreported that dozens of servers were “compromised” at the United Nations offices in Geneva and Vienna. The attack dated back to July 2019 and affected staff records, health insurance, and commercial contract data. According to an unnamed UN official cited in an Associated Press report on the same day, the level of sophistication was so high that it was possible a State-backed actor might have been behind it. Within the Toolkit, Scenario 04 specifically considers a hypothetical situation in which an international organization falls victim to cyber attacks, the impact of which could and should have been averted by the host State.
</option>
<option>
On 30 July 2020, the Council of the European Union decided to impose restrictive measures against six individuals and three entities considered to be responsible for or involved in various hostile cyber operations. These included the attempted hack of the Organization for the Prohibition of Chemical Weapons (OPCW) and the WannaCry and NotPetya incidents. The sanctions imposed included a travel ban and an asset freeze. In addition, EU persons and entities were prohibited from making funds available to those listed. This was the first time the EU has imposed restrictive measures of this kind. Within the Toolkit, Scenario 04 specifically considers a hypothetical situation in which an international organization falls victim to cyber attacks, and Scenario 17 discusses the legality of targeted restrictive measures of this kind from the perspective of international law.
</option>
<option>
On 13 March 2020, Brno University Hospital, the second-largest hospital in the Czech Republic, at the time also providing COVID-19 testing capacities, was targeted by ransomware. The hospital was forced to shut down its entire IT network, postpone urgent surgical interventions, and reroute patients to other nearby hospitals. It took several weeks before the hospital was fully operational again. Scenario 14 in the Toolkit provides the legal analysis of a ransomware campaign against municipal and health care services abroad; Scenario 20 and Scenario 23 both focus on various cyber operations against hospitals.
</option>
END OF REMOVED INCIDENTS -->
Cookies help us deliver our services. By using our services, you agree to our use of cookies.