Hardly a day passes without bad news from the cyber sector: Cyberattacks against state and military institutions are now almost the norm, and private individuals must be enormously wary of phishing or encryption attacks. The internet, labelled by Chancellor Merkel in 2013 as “uncharted territory”, seems to have become a conflict zone where malevolent state and non-state actors are up to mischief. The press therefore often indulges in hyperbole about “cyberwars” or “cyberattacks”. On the other hand, the worst fears of a cyber-Pearl Harbour have (so far?) not materialized. So where do we stand at the moment?

In this learning unit we try to distinguish between the different levels of cyber threats by looking at different actors capable of aggressive cyber operations. We also look at the international legal framework and the options available to make cyberspace more secure – both at the state and civilian level. After completing this learning unit, you will:

• be familiarized with the basic concepts of different cyber incidents
• understand why the cyber realm is no lawless territory from the perspective of international law
• be introduced to different state and non-state actors which might, or might not, pose a threat to cybersecurity
• comprehend limits and possibilities of arms control and disarmament in the cyber realm
• understand the specific EU policy on cybersecurity