In recent years, publicly attributing the authorship of malicious cyber operations to another state has become an increasingly popular policy response for many states. Given the political attention these official public political attributions receive, it is vital for states to reasonably explain and justify the reasoning behind particular public attributions. In striking a balance between disclosing and strategically withholding information, …
Resilient Connectivity: SpaceX’s Stellar Solution for Gaza’s Internet Amid Conflict
Recent high-profile international incidents are shedding light on the political, legal and technical limitations associated with the use of Low Earth Orbit (LEO) satellite constellations for broadband Internet services. In a noteworthy development, the leading provider of this technology, SpaceX’s Starlink, has reached a mutual understanding with Israel to refrain from extending its services to Israel and the occupied territories, …
Advancing European Cyber Resilience and Cyber Defence
Since the beginning of Russia’s war of aggression against Ukraine, the attention of European security policymakers has shifted back to conventional defence and warfare. However, it would be short-sighted to ignore the growing peacetime cyber threat and the technological demands of modern warfare, especially in the context of the military use of AI and other emerging technologies with potentially profound …
Ahead of the Threat(s)?
With the new Dutch International Cybersecurity Strategy for 2023-2028, the government of the Netherlands demonstrates responsibility and agency in the face of continuous cyber threats posed by states and criminals. It aspires to keep democratic and human rights and norms top of mind and seeks to preserve a globally open, free and secure internet. The strategy makes clear the government’s …
Countering Cyber Mercenaries
The EU and its member states face a human rights and security crisis due to the use of cyber mercenaries, private entities that sell offensive cyber capabilities to governments. The Paris Peace Forum, the Paris Call for Trust and Security in Cyberspace, and a Franco-British initiative are some of the platforms that have proposed concrete actions and guidance for industry, …
From Westphalia to San Francisco: A cyber and digital perspective on the changing nature of European diplomacy and transatlantic relations
Gerard de Graaf is no stranger to EU digital policies. He serves as EU Senior Envoy for Digital to the US and currently heads the EU Office in San Francisco. Prior to his recent appointment, de Graaf was Director responsible for the Digital Services and Digital Markets Acts in the Directorate-General for Communications Networks, Content and Technology, and co-chaired two …
Why EU Cyber Policy Should Become Feminist
The EU’s cyber policy and strategy has developed essential relevance to the EU’s security environment. This was highlighted in 2022’s Strategic Compass, which emphasises the importance of cybersecurity. In the grey zone between peace and armed conflict, state and non-state actors use cyber operations for espionage, ransom or sabotage. The 2022 ENISA Threat Landscape found a massive increase in cyberattacks …
Upping the Ante on EU Cyber Defence: What Should we Expect from our Capitals?
The obvious importance of cyber defence – often the poor cousin of all things cyber – is becoming clearer and more entrenched, with growing high-level EU ambitions. The recent release of the EU cyber defence policy in late 2022 marks a milestone for the EU’s cyber defence policy framework insofar as its ambitions indicate the aspirational direction of travel for …
Europe’s Risky Plan for the Internet
Over the past few months, the European Commission, along with European telecommunication providers, have reignited an old debate about the way traffic is meant to flow through the internet. Premised under the decade-old idea of the ‘Sending Party Network Pays’ (SPNP) model, the intention is to require content providers to pay telecom operators for the traffic they carry on their …
Towards a data-driven EU Cyber Diplomacy
The EU and its member-states lack quantifiable data on cyber conflict that can guide EU Cyber diplomacy. But data is necessary to answer even basic questions like, whether cyber conflict is getting better or worse and does the EU cyber posture have the desired effect in reducing cyber operations or their damaging effects. A new European research project, the European …