The growth of the global surveillance industry and the proliferation of access-as-a-service in particular has become a serious national security and human rights concern in recent years. For example, Pegasus software was allegedly used to target Hanan Elatr's mobile phone, just months before her husband Jamal Khashoggi was murdered in the Saudi consulate in Istanbul. Then there is also Project Raven, a case where former US intelligence officers employed state-of the-art-cyber surveillance tools on behalf of the UAE. It did not take long for Emirati intelligence services to use these tools to spy on US citizens.

Read more -->

Mischa Hansel

The Role of Cyber Operations in War - Part IV:
What Can We (Not) Learn?

Formative events often serve as a baseline for assessing future situations, and dissimilarities between past and future tend to be overlooked – sometimes to the detriment of sound policy-making. The question should therefore not be whether we will enter a dynamic era of policy learning, as indicated by use of the term “Zeitenwende” in recent German security discourse. Instead, we should ask whether we will learn the right lessons.

Read more -->

Mischa Hansel

The Role of Cyber Operations in War - Part III:
Cyber Operations and the Loss of Escalation Control

Other conflicts may not play-out as the Ukraine war has thus far in cyberspace. Attackers might be better prepared and more ready to use offensive cyber capacities, defenders on the other hand might well have less experience and fewer international allies. In this third part, I want to focus on domain specific escalation risks. Although these risks have not (yet) materialised within the Ukraine context, there is nevertheless plenty of evidence to corroborate their existence.

Read more →

Mischa Hansel

The Role of Cyber Operations in War - Part II:
(Cyber) History Does Not Repeat Itself

Describing and understanding the puzzle are of course two different things, let alone deriving policy conclusions. In the second part of this post, I will argue that special, although not necessarily unique, strategic circumstances have contributed to the absence of more serious cyberattacks, particularly against critical infrastructures in the context of the Ukraine war.

Read more →

Events

 d

COMING UP: Workshop on Government Vulnerabilities Disclosure

Exploiting software and hardware vulnerabilities has long since become its own industry. State actors walk on a tightrope, at times using  questionable markets or withholding vulnerabilities under certain circumstances – mostly, if not entirely, outside of public scrutiny.

To exchange innovative ideas that could guide state behaviour, the ICS team is organising an interdisciplinary workshop entitled “Government Vulnerability Disclosures: Turning the Tide” on 22nd November 2022, 14 hrs (CET). Sign up here!

Read more ->

Workshop on the Cybersecurity Chapter of the German National Security Strategy

ICS conducted a workshop in cooperation with the Federal Foreign Office on the cyber security aspect of the German National Security Strategy as part of the dialogue processes.

The hybrid event centred on four thematic blocks: security trends and constellations; tasks, goals, and instruments; civil society and business partnerships; as well as regional and international cooperation.

Read more -->

Workshop on a Global Cybercrime Convention

The UN member states embarked on a new negotiation process with the goal of creating a global convention against the criminal misuse of information and communication technology.
André Dornbusch (German Federal Criminal Police Office), Louise Marie Hurel (Igarapé Institute), and Nnenna Ifeanyi-Ajufo (Swansea University) discussed these and related questions at the third interdisciplinary workshop organised by IFSH’s "International Cybersecurity" team in cooperation with the German Federal Foreign Office.

Read more -->