The Cyber Law Toolkit provides guidance on international law and cyber operations. It is used by governments and military lawyers around the globe.

The research project charts key cyber incidents around the world and contains a database of all available national positions on international law and cyber operations

The 2024 update includes new scenarios, real-world cyber incidents and national positions. Scenarios reflect some of the most pressing contemporary challenges in cyberspace, including state-sponsored cyber operations, incidents targeting critical infrastructure, and the evolving landscape of malicious cyber activities by non-state actors.

The 32 hypothetical scenarios each describe cyber incidents inspired by real-world examples, along with detailed legal analysis. These entries explore the applicability of international law to each scenario and the legal questions they raise.

The project team consists of Professor Kubo Mačák, from the University of Exeter, Tomáš Minárik from the Czech National Cyber and Information Security Agency and Otakar Horák, from the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE).

Professor Mačák said: “As cyber operations become more integral to military and governmental strategies, understanding the legal parameters is vital. The Cyber Law Toolkit continues to be an essential resource for those navigating these complex issues, offering up-to-date, practical guidance on how international law applies to cyber incidents.”

Among the new scenarios, Scenario 30 covers backdoors and implants, focusing on states establishing and countering backdoors in each other’s networks, Scenario 31 examines the sharing of degrading content during armed conflict, while Scenario 32 explores whether certain cyber operations could give rise to individual criminal responsibility for the crime of aggression.

The repository of real-world examples has grown to 72 incidents. Among the most recent additions from 2023 are: the cyber incident against a water authority in Pennsylvania, the operations against NATO’s aid mission in Turkey and Syria and the data breach at the International Criminal Court.