On the 28th of February 2023, the European Cyber Conflict Research Initiative (ECCRI) held a workshop to reflect on wartime cyber operations in Ukraine, supported by the UK National Cyber Security Centre.
The workshop gathered cyber threat intelligence practitioners, academics, and officials representing governments and international institutions. It was an invitation only workshop and adhered to the Chatham House Rule, enabling participants to express their candid ideas and reflections. ECCRI has prepared this report in consultation with attendees, to emphasize the primary topics of discussion.
This report builds upon a previous report by ECCRI on wartime cyber operations in Ukraine, based on a workshop held in Tallinn in May 2022, just three months after the full-scale invasion of Ukraine.
Key takeaways from the report:
In line with its doctrine of information confrontation, Russia employed a variety of cyber operations during the war at an unprecedented scale.
The primary goals of wartime operations – sabotage, influence, and espionage – have remained constant. Cyber operations provide new opportunities to achieve age-old objectives.
Cyber activity in Ukraine is associated with kinetic activity bursts and lulls.
The GRU has adopted a flexible approach with “pure wipers” that are easy to manipulate and launch without draining significant resources.
Western observers may overestimate coordination between Russian-aligned criminals and the government.
Distinguishing between cyber criminal and political activist groups is becoming increasingly difficult.
Initiatives such as the IT Army risk blurring important principles of distinction between combatants and noncombatants.
There is a shift in responsibilities that needs to be recognized by both the public and private sectors, with industry delivering capacity at scale.
While Ukraine has benefited from unity of purpose across many different Western actors, this conflict may not provide a good roadmap for the future.
We are inviting abstract submissions to the 2023-2024 session of the European Cybersecurity Seminar. Our Seminar, hosted by the European Cyber Conflict Research Initiative (ECCRI), provides cybersecurity researchers and practitioners with a platform to present and get feedback on research projects and papers. We hold monthly hour-long seminar meetings via Zoom where participants can present research to the community. To ensure high-quality feedback, for each presentation ECS identifies and assigns an expert discussant to each paper who provides detailed comments, before opening up the discussion to all participants in the call.
For our 2023-2024 session, we invite abstract submissions on the topic of cybersecurity broadly understood, from both academics and practitioners at all stages of the project cycle. It could be an idea for a project, a concept note, a first draft or a finished research article that requires final polishing. With the goal to both push European research on cybersecurity ahead and support the growing academic community projects at all stages are welcome.
Please send your abstracts of 200-300 words to cyberseminar@eccri.eu by February 20, ideally in the email text rather than as attachments. We will select the best 12 submissions and announce the schedule from April 2023-April 2024 by the end of March. As before, we especially encourage junior scholars to submit.
We look forward to reading your submissions, and to seeing you online!
Best,
Lennart Maschmeyer and Lilly Pijnenburg-Muller (co-chairs)
Are you interested in pursuing a PhD in the field of cyber conflict or cyber security? This page provides a non-comprehensive list of relevant PhD programs and available supervisors in Europe, followed by their respective biographies (by alphabetical order).
Would you like to add your PhD program to the list? Please fill out the following survey.
Andreas Wenger is professor of International and Swiss Security Policy at ETH Zurich. He studied History, Political Science and German Literature at the University of Zurich. He holds a Doctorate from the University of Zurich and was a visiting fellow at the Woodrow Wilson School of Public and International Affairs and the Center of International Studies, Princeton University. During that period, he wrote his doctoral dissertation analyzing the role of nuclear weapons in the Cold War international system. The focus of his main research interests lies on security and strategic studies and the history of international relations. Within the MA program in Comparative and International Studies (MACIS), he teaches seminars on political violence and security politics.
Andreas Wenger has been the Director of the Center for Security Studies (CSS) at ETH Zurich since 2002. The CSS is a center of excellence for national and international security policy. Since its foundation in 1986, the CSS has fulfilled a national role at the intersection of academia and public policy and a key bridging function vis-à-vis society and politics. The CSS maintains a strong partnership with the Federal Department of Defense, Civil Protection and Sport (DDPS) and the Federal Department of Foreign Affairs (FDFA). These partnerships cover research, education, and policy engagement.
University
Department / program
Supervisor
Areas of interest
Part-time option
Remote option
Hertie School
N/A
Anita Gohdes
Digital repression, digital authoritarianism, Hybrid warfare, Propaganda, Information Operations
No
No
I’m Professor of International and Cyber Security at the Hertie School in Berlin. Previously, I was Assistant Professor of International Relations at the University of Zurich, and postdoctoral research fellow at the Belfer Center and the Women and Public Policy Program in the Harvard Kennedy School. Prior to that I worked at the Chair for Political Science IV at the University of Mannheim, where I obtained my PhD.
My research focuses on political violence, state repression and the measurement of human rights. My book project theoretically and empirically investigates how governments use cyber controls to inform their strategies of violent repression. The book is based on my dissertation, which was awarded the 2014-2016 Walter Isard Dissertation Award (given every two years by the Peace Science Society International), and the Deutscher Studienpreis 2015 (German Dissertation Prize) for the Social Sciences.
My work has been covered by various news outlets and is accepted or appears in the American Journal of Political Science, Journal of Politics, Journal of Conflict Resolution, Journal of Peace Research, Nature Human Behavior, Journal of Human Rights, and at Oxford University Press. I am also an Associate Editor at the Journal of Peace Research.
Since 2009, I have been working for the Human Rights Data Analysis Group. Read our UN report on the documented death toll in Syria here, and our report on the number of killings in Syrian detention centers here. I’ve also worked with Amnesty International on investigating the human rights costs on Internet shutdowns.
My pronouns are she/her.
University
Department / program
Supervisor
Areas of interest
Part-time option
Remote option
King’s College London
Department of War Studies
Tim Sevens
Politics of cybersecurity; cyberwarfare; cyber conflict; political economy of cybersecurity.
Yes
No
Dr Stevens is Senior Lecturer in Global Security and head of the King’s Cyber Security Research Group. His research looks at the intersection of technology, politics and global security practices, with specific interests in the politics and governance of cybersecurity. He has also written on time and temporality in International Relations, including in a monograph, Cyber Security and the Politics of Time (Cambridge University Press, 2016).
He joined the Department of War Studies as a lecturer in 2016, having previously taught at King’s and Royal Holloway University of London.
Dr Stevens has a BA (Hons) in Archaeology from University College London, and an MA, MRes and PhD in War Studies from King’s College London. He is an elected Fellow of the Royal Geographical Society. He is also a Fellow of the Higher Education Academy and Senior Fellow and Associate Researcher at the Conservatoire National des Arts et Métiers (Cnam), Paris. He is the inaugural International Fellow at the Research Institute for Sociotechnical Cyber Security (RISCS).
Tim Stevens’ research is situated at the intersection of technology, politics and global security. He is particularly interested in information technologies and their roles in shaping and enabling global security practices. He has written extensively on the politics and governance of cybersecurity, especially in its strategic and international dimensions.
His current research projects explore: the role of offensive cyber operations in UK strategy; the nature and character of fragmentation in global cybersecurity governance; and topologies of cyberwarfare.
Tim Watson is a Professor at Loughboroeugh University. He is also the Programme Director for Alan Turing Institute’s defence and security programme. He is an adviser to various parts of the UK government and to several professional and standards bodies.
Tim’s research includes EU-funded projects on combating cyber crime, UK MoD research into automated defence, insider threat and secure remote working, and UKRI-funded research, focusing on the protection of critical national infrastructure against cyber attack. In PETRAS he is the Chair of the Research Excellence Board.
Legal, policy and compliance issues related to cybercrime, cybersecurity and cyber defence
Yes
No
Deputy director of the cooperative research institute focused on cybersecurity, that was established by Masaryk University, Czech Technical University and Brno University of Technology. Focus on research coordination, coordination of services provided by the CSH within the European Digital Innovation Hub consortium and management of certification activities of the CSH.
Professor at the University of Bordeaux (UB, Faculty of Law and Political Science), Vice-President of the UB and lecturer at Sciences Po Paris.
In the context of state analysis, Sébastien-Yves’ three main research interests are the role of social sciences for analysis and anticipation, the dynamics of armed conflict, and issues of governance and conflict in cyberspace
In collaboration with Jean-Pierre Bat, François David, Philippe Hayez and Floran Vadillo, he directs the seminar “METIS, Intelligence and democratic societies”.
University
Department / program
Supervisor
Areas of interest
Part-time option
Remote option
University of Nottingham
Politics and International Relations
Joe Burton
Cyber war, cyber crime, emerging technologies, cyber Diplomacy
Yes
No
My research is focused on the relationship between culture, politics and cyber security (cyber warfare, cyber peace, cyber diplomacy, cyber crime etc.) and the positive and negative impacts of emerging technologies (e.g. Artificial Intelligence and Quantum Computing) on international relations. I have extensive interdisciplinary research experience, including working with behavioural scientists, statisticians, and computer scientists on security issues, including cyber security, AI, maritime security, non-proliferation, regional collective security, information warfare and hybrid threats.
I have worked at the highest levels of professional politics and policy, as an advisor to Cabinet Ministers in New Zealand and the UK, a national campaign coordinator, legislative assistant, researcher, and political organiser.
I am recipient of the US Department of State SUSI Fellowship (New York, Washington D.C.), the Taiwan Fellowship (Ministry of Foreign Affairs, Taipei), the Fernandes Fellowship (University of Warwick) and I have been a visiting researcher and lecturer at the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE, Tallinn, Estonia).
I hold a Doctorate in International Relations and a Master of International Studies degree from the University of Otago, New Zealand and an undergraduate degree in International Relations from Aberystwyth University in Wales.
University
Department / program
Supervisor
Areas of interest
Part-time option
Remote option
University of Oxford
Blavatnik School of Government
Roxana Radu
Tech & public policy, Internet governance, cybersecurity governance
Yes
No
Roxana Radu is a Departmental Lecturer in Technology and Public Policy. Her research focuses on the governance of digital technologies and internet-related policymaking. She is the author of the monograph ‘Negotiating Internet Governance’ (Oxford University Press, 2019), inspired by her work with the diplomatic community in Geneva, Switzerland. Since 2020, she has been the Program Chair of the Global Internet Governance Academic Network (GigaNet).
Prior to joining the Blavatnik School, Roxana was a Postdoctoral Researcher at the Centre for Socio-Legal Studies, University of Oxford and a Research Associate at the Graduate Institute of International and Development Studies in Geneva. She holds a PhD (summa cum laude) in International Relations from the Graduate Institute and an MA in Political Science (with honours) from the Central European University.
University
Department / program
Supervisor
Areas of interest
Part-time option
Remote option
University of Portsmouth
Strategy, Enterprise, Innovation (SEI)
Clare Stevens
Critical cyber security; science and technology studies; cyber conflict
Yes
Yes
I am a Teaching Fellow in International Security based at RAF College Cranwell, working as part of the Portsmouth Military Education team (PME).
My PhD thesis took an in-depth critical look at cybersecurity politics in the United States. Despite its prominence in security discourses and policies in the United States, what counts as ‘cybersecurity’ and how it is to be practised by state actors is still a matter of ongoing contention. By deploying the analytical framework of ‘boundary work’ from Science and Technology Studies (STS), I argued that what cybersecurity ‘is,’ and how its boundaries are drawn, are not overdetermined by strategic or technological imperatives, so much as they reflect the efforts of different entities to defend and extend their own organisational and symbolic boundaries. As my thesis found, this approach opened up critical questions over the extent to which security imaginaries and conceptions of US national identity work as important codes of intelligibility in (and transformed through) cybersecurity politics over time, finding that technologies, consequential categories, institutional responsibilities, political authority, and national identity are also constituted and challenged in and through these debates.
As well as exploring cybersecurity politics in other contexts and settings, my current reasearch is also looking at the role that time and temporality plays in government secrecy and is also examining what emerging conceptions of ‘cyber power,’ and its strategic implications, mean for the UK.
I am interested in research that takes a critical and reflexive approach to matters of security, and that questions commonplace assumptions about cybersecurity at the international and national security levels. My research is interdiscplinary in nature, sitting at the intersections between critical security studies, International Relations, STS, sociology and politics.
In 2017, Chris joined the Westphalian University as a professor of computer and network security. He is interested in systems security, and in particular malware analysis techniques in the context of targeted attacks, as well as the broader field of threat intelligence analysis.
With years of experience as a technical threat intelligence analyst with CrowdStrike, Chris has dealt with advanced nation-state targeted attacks.
Together with Lars Wallenborn, he initiated and contributes to the Armchair Investigators podcast dealing with malware, cybercrime and cyber espionage (in German).
In 2022, it is a truism to say that the internet underpins almost every aspect of our daily lives. In a world beset by geopolitical tensions and conflict, the lingering consequences of a global pandemic, increasing cyber threats to states, organizations, and individuals, and a growing climate emergency, big cyber ideas are needed more than ever.
How can we harness trends such as multipolar internet governance, new sources of and tools for analyzing data, and the power of greater global connectivity through social media, to tackle these global challenges rather than exacerbating them?
Join us on Wednesday 21st September, 4.30-7pm CEST, for a creative, inspiring, and unique event that thinks differently about the major issues of the day. We will be re-imagining cyber policy, strategy, and practice to highlight new perspectives, new research, and, of course, big cyber ideas.
This year, the festival will take place in Gathertown (a proto-metaverse, for those who are fond of multisyllabism), with talks, discussions, and fun and games all round.
Cyber Operations during the 2022 Russian invasion of Ukraine: Lessons Learned (so far)
What key lessons can we draw from the 2022 Russian invasion of Ukraine about the role of cyber operations in military conflict? How do Russian cyber operations differ in wartime compared to peacetime activity? And what cyber activity can we expect in the months ahead?
On 30 May, the European Cyber Conflict Research Initiative (ECCRI) held a roundtable in Tallinn discussing these questions about the impact of cyber operations during the war in Ukraine. The event included cyber threat intelligence and incident response practitioners, corporate representatives, academics, and officials from key governments and international institutions. It was off-the-record and invite-only, to enable those attending to be as frank as possible. Nonetheless, we thought it useful – in consultation with all attendees – to make several lines of discussion public.
ECCRI Book Forum on the Dynamics of Cyber Conflict Wednesday, 20 July 2022 from 5-6pm CET Virtual
On Wednesday, 20 July 2022 from 5-6pm CET, the European Cyber Conflict Research Initiative invites you to a virtual Book Forum, with the authors (Harknett, Moore and Smeets) of the following three recently published books:
The authors will discuss the conditions of cyber force development, cyber operations during the 2022 Russian invasion of Ukraine, and the future national cyber security strategy.
James Shires, an Assistant Professor at the Institute for Security and Global Affairs, Leiden University, will moderate the discussion.
Check back soon to find out more about the Big Cyber Ideas Festival 2022-2023
During the global pandemic, societies have moved online in an unprecedented way. Cyber threats and risks are exacerbated by this deepening digitalization.
The second edition of the Big Cyber Ideas Festival is an online event took place from September 21-23, 2021, with the purpose of exploring key questions for cyber security and digital policy in Europe.
We hosted three sessions across three days for practitioners, researchers, and the interested public. We’re bringing together academic, government, and private sector experts to catalyze wide-reaching conversations on key policy developments.
The session topics tackled key questions around cybersecurity journalism, public attribution of cyber operations, and global perspectives on European cyber policy, including:
Why are cyber operations attributed to states by commercial companies, states, and international organizations such as the EU?
How are these attributions reported and discussed in national and international media?
And how do other states – including those at whom such accusations are directed – view European actions?
– Juan Andres Guerrero-Saade, Sentinel One – Selena Larson, Proofpoint – Saher Naumann, BAE Systems
Speakers
– Kim Zetter, Independent – Lorenzo Franceschi-Bicchierai, VICE – Hakan Tanriverdi, BR/ARD
Speakers
– Jinghua Lyu, Centre for Humanitarian Dialogue – Pavel Sharikov, Russian International Affairs Council – Pouria Askary, AT – Arindrajit Basu, Centre for Internet & Society
Moderators
– Florian Egloff, ETH Zurich Center for Security Studies – Lilly Muller, King’s College London
Moderators
– Max Smeets, ETH Zurich Center for Security Studies – Jamie Collier, FireEye
Moderators
– James Shires, Leiden University – Monica Kaminska, Leiden University
