Content Assessment: [2021/2022 Annual Update] International Cyber Law in Practice: Interactive Toolkit
Information - 95%
Insight - 95%
Relevance - 90%
Objectivity - 100%
Authority - 100%
A short percentage-based assessment of the qualitative benefit of the recently updated Cyber Law Toolkit published by the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCDCOE).
Editor’s Note: The Cyber Law Toolkit is a dynamic interactive web-based resource for legal practitioners and scholars working on international law and cyber operations.
The Toolkit consists of a growing number of hypothetical scenarios, each of which contains a description of cyber incidents inspired by real-world examples and accompanied by detailed legal analysis. The aim of the analysis is to provide thorough examination of the applicability of international law to the diverse scenarios and related legal issues. The Toolkit was launched in May 2019 in Tallinn, Estonia, and is available free of charge.
The Cyber Law Toolkit project is currently supported by the following partner institutions: the Czech National Cyber and Information Security Agency (NÚKIB), the International Committee of the Red Cross (ICRC), the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), the University of Exeter, United Kingdom, the U.S. Naval War College, United States, and Wuhan University, China.
2021/2022 Annual Update Extract Published with Permission*
The Cyber Law Toolkit
The Cyber Law Toolkit, an established go-to resource for professionals and scholars working on international law and cyber operations, initially introduced its annual update on September 23, 2021. The Toolkit is updated in an ongoing manner, with the current iteration representing the 2021/2022 update. The Toolkit‘s core assets are hypothetical scenarios, each of which contains a description of realistic cyber incidents inspired by real-world examples and accompanied by detailed legal analysis written in an accessible language.
New scenarios, a new functionality providing an overview of national positions on international law in cyberspace, and several new real-life incidents are among this year’s additions introduced at the CyberCon conference hosted by the Czech National Cyber and Information Security Agency (NÚKIB).
The new scenarios include and contemplate malicious cyber operations against medical facilities and vaccine research, explore international law implications of misattribution in cyberspace, consider the differences between means and methods of warfare in cyberspace, and analyze the legal ramifications of internet shutdowns.
The Toolkit contains a wholly new feature, which provides a customizable overview of all available national positions on international law and cyber operations. Users can search for specific countries or compare different States’ views on a diverse range of topics such as sovereignty, non-intervention, or due diligence.
To keep pace with the recent developments in the cyber security domain and remain a relevant source for practitioners and scholars alike, the Toolkit is updated regularly on the basis of internal research and through external submissions.
Current Example Scenarios: 25 Hypothetical Scenarios
Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise.
- Scenario 01: Election interference
- Scenario 02: Cyber espionage against government departments
- Scenario 03: Cyber operation against the power grid
- Scenario 04: A State’s failure to assist an international organization
- Scenario 05: State investigates and responds to cyber operations against private actors in its territory
- Scenario 06: Cyber countermeasures against an enabling State
- Scenario 07: Leak of State-developed hacking tools
- Scenario 08: Certificate authority hack
- Scenario 09: Economic cyber espionage
- Scenario 10: Legal review of cyber weapons
- Scenario 11: Sale of surveillance tools in defiance of international sanctions
- Scenario 12: Cyber operations against computer data
- Scenario 13: Cyber operations as a trigger of the law of armed conflict
- Scenario 14: Ransomware campaign
- Scenario 15: Cyber deception during armed conflict
- Scenario 16: Cyber attacks against ships on the high seas
- Scenario 17: Collective responses to cyber operations
- Scenario 18: Legal status of cyber operators during armed conflict
- Scenario 19: Hate speech
- Scenario 20: Cyber operations against medical facilities
- Scenario 21: Misattribution caused by deception
- Scenario 22: Cyber methods of warfare
- Scenario 23: Vaccine research and testing
- Scenario 24: Internet blockage
- Scenario 25: Cyber disruption of humanitarian assistance
Real World Examples (2007-2021)
Shared examples present instructive information on real-world incidents that have inspired the analysis (and scenarios) highlighted in the Cyber Law Toolkit project.
- Colonial Pipeline ransomware attack (2021)
- Ireland’s Health Service Executive ransomware attack (2021)
- Kaseya VSA ransomware attack (2021)
- Microsoft Exchange Server data breach (2021)
- Pegasus Project revelations (2021)
- African Union headquarters hack (2020)
- Brno University Hospital ransomware attack (2020)
- Google shutting down an active counterterrorism operation (2020)
- SolarWinds (2020)
- Pfizer/BioNTech vaccine data modification and leak (2020)
- Cyber interference against vessels in the Persian Gulf and Gulf of Oman (2019)
- Iranian internet blackout (2019)
- Israeli attack against Hamas cyber headquarters in Gaza (2019)
- Russia’s sovereign internet (2019 onward)
- Springhill Medical Center ransomware attack (2019)
- Texas Municipality ransomware attack (2019)
- Ethiopian surveillance of journalists abroad (2017)
- French presidential election leak (2017)
- Hate speech in India (since 2017)
- Operation Cloudhopper (2017)
- NotPetya (2017)
- Triton (2017)
- WannaCry (2017)
- Wu Yingzhuo, Dong Hao and Xia Lei indictment (2017)
- DNC email leak (2016)
- Industroyer – Crash Override (2016)
- Operation Glowing Symphony (2016)
- The Shadow Brokers publishing the NSA vulnerabilities (2016)
- Bundestag Hack (2015)
- Office of Personnel Management data breach (2015)
- Power grid cyberattack in Ukraine (2015)
- The Hacking Team Hack (2015)
- Chinese PLA Unit 61398 indictments (2014)
- Sony Pictures Entertainment attack (2014)
- Steel mill in Germany (2014)
- Ukrainian parliamentary election interference (2014)
National Positions of Selected Countries
An overview of the national positions on international law in cyberspace for listed countries.
- Australia (2020)
- Brazil (2021)
- China (2021)
- Czech Republic (2020)
- Estonia (2019 and 2021)
- Finland (2020)
- France (2019)
- Germany (2021)
- Iran (2020)
- Israel (2020)
- Italy (2021)
- Japan (2021)
- Kazakhstan (2021)
- Kenya (2021)
- Netherlands (2019)
- New Zealand (2020)
- Norway (2021)
- Romania (2021)
- Russia (2021)
- Singapore (2021)
- Switzerland (2021)
- United Kingdom (2018 and 2021)
- United States (2012, 2016, 2020 and 2021)
Reference: International cyber law: interactive toolkit. Cyberlaw.ccdcoe.org. (2022). Retrieved 21 January 2022, from https://cyberlaw.ccdcoe.org/wiki/Main_Page.
- Defining Cyber Discovery? A Definition and Framework
- An Economical Impact? How Cyber Insurance Shapes Incident Response
Have a Request?
If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.
ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.
ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.