Content Assessment: [2022/2023 Annual Update] International Cyber Law in Practice: Interactive Toolkit
Information - 96%
Insight - 97%
Relevance - 93%
Objectivity - 99%
Authority - 99%
A short percentage-based assessment of the qualitative benefit of the recently updated Cyber Law Toolkit published by the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCDCOE).
Editor’s Note: The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals and scholars working on matters at the intersection of international law and cyber operations.
The Toolkit consists of a growing number of hypothetical scenarios, each of which contains a description of cyber incidents inspired by real-world examples and accompanied by detailed legal analysis. The aim of the analysis is to provide a thorough examination of the applicability of international law to diverse scenarios and related legal issues. The Toolkit was launched in May 2019 in Tallinn, Estonia, and is available free of charge.
The Cyber Law Toolkit project is currently supported by the following partner institutions: the Czech National Cyber and Information Security Agency (NÚKIB), the International Committee of the Red Cross (ICRC), the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), the University of Exeter, United Kingdom, the U.S. Naval War College, United States, and Wuhan University, China.
2022/2023 Annual Update Extract Published with Permission*
The Cyber Law Toolkit
The Cyber Law Toolkit is an established go-to resource for professionals and scholars working on international law and cyber operations. The Toolkit is updated in an ongoing manner, with the current iteration representing the 2022/2023 update. The Toolkit‘s core assets are hypothetical scenarios, each of which contains a description of realistic cyber incidents inspired by real-world examples and accompanied by detailed legal analysis written in accessible language.
The Toolkit addresses a gap between academia and practice as far as international cyber law is concerned. Although there is a growing body of research in this area of international law, its outputs are often not easily adaptable to the needs of legal practitioners dealing with cyber incidents on a daily basis. The Toolkit attempts to bridge this gap by providing accessible yet precise practical solutions to scenarios based on real-life examples of cyber operations with international law relevance.
The Toolkit is primarily addressed to legal practitioners with a working knowledge of international law. However, the language used is comprehensive and explanatory and should be generally accessible to non-lawyers, as well. Each concept that underpins the analysis is explained in detail to provide a complete understanding of the relevant scenario. Whilst the target audience consists of those with a degree of familiarity with international law and specifically cyber law, it does not preclude those with a general interest in the area, but no relevant expertise, from reading, using and enjoying the content of the Toolkit.
The analytical focus of the Toolkit is on international law applicable to cyber operations. Since 2021, it also contains a regularly updated overview of the publicly available national positions on the application of international law to cyber operations. By contrast, it does not specifically address the domestic law of any particular country, nor does it adopt the view of any country or group of countries in its analysis. As such, it is applicable to all countries in the world.
To keep pace with the recent developments in the cyber security domain and remain a relevant source for practitioners and scholars alike, the Toolkit is updated regularly on the basis of internal research and through external submissions.
Current Example Scenarios: 28 Hypothetical Scenarios
Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by a detailed legal analysis. The aim of the analysis is to examine the applicability of international law to the scenarios and the issues they raise.
- Scenario 01: Election interference
- Scenario 02: Cyber espionage against government departments
- Scenario 03: Cyber operation against the power grid
- Scenario 04: A State’s failure to assist an international organization
- Scenario 05: State investigates and responds to cyber operations against private actors in its territory
- Scenario 06: Cyber countermeasures against an enabling State
- Scenario 07: Leak of State-developed hacking tools
- Scenario 08: Certificate authority hack
- Scenario 09: Economic cyber espionage
- Scenario 10: Legal review of cyber weapons
- Scenario 11: Sale of surveillance tools in defiance of international sanctions
- Scenario 12: Cyber operations against computer data
- Scenario 13: Cyber operations as a trigger of the law of armed conflict
- Scenario 14: Ransomware campaign
- Scenario 15: Cyber deception during armed conflict
- Scenario 16: Cyber attacks against ships on the high seas
- Scenario 17: Collective responses to cyber operations
- Scenario 18: Legal status of cyber operators during armed conflict
- Scenario 19: Hate speech
- Scenario 20: Cyber operations against medical facilities
- Scenario 21: Misattribution caused by deception
- Scenario 22: Cyber methods of warfare
- Scenario 23: Vaccine research and testing
- Scenario 24: Internet blockage
- Scenario 25: Cyber disruption of humanitarian assistance
- Scenario 26: Export licensing of intrusion tools
- Scenario 27: Contesting and redirecting ongoing attacks
- Scenario 28: Extraterritorial incidental civilian cyber harm
Real World Examples (2007-2022)
Shared examples present instructive information on real-world incidents that have inspired the analysis (and scenarios) highlighted in the Cyber Law Toolkit project.
- Kazakhstan internet blockage (2022)
- Predatory Sparrow operation against Iranian steel maker (2022)
- Viasat KA-SAT attack (2022)
- HermeticWiper malware attack (2022)
- Cyber operations against government systems in Ukraine (January 2022)
- Colonial Pipeline ransomware attack (2021)
- UN data breach (2021)
- Waikato Hospitals ransomware attack (2021)
- Ireland’s Health Service Executive ransomware attack (2021)
- Kaseya VSA ransomware attack (2021)
- Microsoft Exchange Server data breach (2021)
- Pegasus Project revelations (2021)
- German hospital ransomware attack (2020)
- African Union headquarters hack (2020)
- Brno University Hospital ransomware attack (2020)
- Google shutting down an active counterterrorism operation (2020)
- SolarWinds (2020)
- Pfizer/BioNTech vaccine data modification and leak (2020)
- Israel’s water facilities attack (2020)
- APT32 attacks on Chinese government (2020)
- Cyber interference against vessels in the Persian Gulf and Gulf of Oman (2019)
- Iranian internet blackout (2019)
- Israeli attack against Hamas cyber headquarters in Gaza (2019)
- Russia’s sovereign internet (2019 onward)
- Springhill Medical Center ransomware attack (2019)
- Texas Municipality ransomware attack (2019)
- Ethiopian surveillance of journalists abroad (2017)
- French presidential election leak (2017)
- Hate speech in India (since 2017)
- Operation Cloudhopper (2017)
- NotPetya (2017)
- Triton (2017)
- WannaCry (2017)
- Wu Yingzhuo, Dong Hao and Xia Lei indictment (2017)
- Surveillance of Civil Society Groups/Ahmed Mansoor (2016)
- DNC email leak (2016)
- Industroyer – Crash Override (2016)
- Operation Glowing Symphony (2016)
- The Shadow Brokers publishing the NSA vulnerabilities (2016)
- Bundestag Hack (2015)
- Office of Personnel Management data breach (2015)
- Power grid cyberattack in Ukraine (2015)
- The Hacking Team Hack (2015)
- Alleged hacking of Patriot missiles (2014-2015)
- Chinese PLA Unit 61398 indictments (2014)
- Sony Pictures Entertainment attack (2014)
- Steel mill in Germany (2014)
- Ukrainian parliamentary election interference (2014)
National Positions of Selected Countries
An overview of the national positions on international law in cyberspace for listed countries.
- Australia (2020)
- Brazil (2021)
- Canada (2022)
- China (2021)
- Czech Republic (2020)
- Estonia (2019 and 2021)
- Finland (2020)
- France (2019)
- Germany (2021)
- Iran (2020)
- Israel (2020)
- Italy (2021)
- Japan (2021)
- Kazakhstan (2021)
- Kenya (2021)
- Netherlands (2019)
- New Zealand (2020)
- Norway (2021)
- Romania (2021)
- Russia (2021)
- Singapore (2021)
- Sweden (2022)
- Switzerland (2021)
- United Kingdom (2018, 2021, and 2022)
- United States (2012, 2016, 2020, and 2021)
Reference: International cyber law: interactive toolkit. Cyberlaw.ccdcoe.org. (2022). Retrieved 24 October 2022, from https://cyberlaw.ccdcoe.org/wiki/Main_Page.
- Defining Cyber Discovery? A Definition and Framework
- Cost and Loss? The 2022 NetDiligence Cyber Claims Study
Have a Request?
If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.
ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.
ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.