Main Page

The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. The Toolkit may be explored and utilized in a number of different ways. At its core, it presently consists of 28 hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise. You can see all scenarios in the box immediately below – just click on any of them to follow the relevant analysis. In addition, you may want to explore the Toolkit by looking for keywords you’re interested in; by viewing its overall article structure; by browsing through the national positions on international law in cyberspace; or by reading about individual real-world examples that serve as the basis of the Toolkit scenarios. Finally, you may want to use the search function in the top right corner of this page to look for specific words across all of the Toolkit content.

S01 Election interference	S02 Political espionage	S03 Power grid	S04 International organization
S05 Criminal investigation	S06 Enabling State	S07 Hacking tools	S08 Certificate authority
S09 Economic espionage	S10 Cyber weapons	S11 Surveillance tools	S12 Computer data
S13 Armed conflict	S14 Ransomware campaign	S15 Cyber deception	S16 High seas
S17 Collective responses	S18 Cyber operators	S19 Hate speech	S20 Medical facilities
S21 Misattribution	S22 Methods of warfare	S23 Vaccine research	S24 Internet blockage
S25 Humanitarian assistance	S26 Export licensing	S27 Redirecting attacks	S28 Incidental harm

In January 2022, Kazakhstan experienced massive protests caused by a double rise in fuel prices. During the unrest, the Kazakh authorities have taken down the internet nationwide for about five days, intending to “suppress terrorists”. The exact method leading to the internet shutdown remains unclear; the Kazakh authorities probably rerouted domain name servers (DNS) traffic, cooperated with the internet providers who blocked the transmission, or used an internet kill switch. This caused a total disconnection of the country from the outside world and relevant information and affected citizens’ everyday life. People struggled to buy food as cards or mobile payments were disabled, and they could not have withdrawn cash. As the clashes turned violent, security forces used extensive force against protesters, with casualties reaching 225 deaths. Also, the global Bitcoin’s computational power vanished temporarily, showing the actual size of the cryptocurrency mining business in Kazakhstan.

The internet blockage, increasingly used as a means of suppression by authoritarian regimes and repeatedly deployed in Kazakhstan, is explored in Scenario 24 of the Toolkit.

• FAQ – Frequently asked questions about the project and the Toolkit.
• All articles – Updated list of all substantive articles in the Toolkit. In a printed book, this would be the table of contents.
• Keywords – Overview of all keywords used across the Toolkit content. Serves the same purpose as an index would in a printed book.
• Legal concepts – Overview of all legal concepts from different branches of international law used across the Toolkit content.
• Examples – List of real-world incidents that have inspired the analysis in the Toolkit.
• National positions – List of publicly available national positions on the application of international law to cyber operations.
• Glossary – Glossary of the technical terms used in the Toolkit.
• Short form citation – Abbreviated references for the most commonly used citations in the Toolkit.
• Bibliography – Bibliography of resources used in the creation and development of the Toolkit.
• People – List of all people involved in the project (including scenario authors, peer reviewers, research assistants...).

Behind the scenes