Boosting EU resilience to cyberattacks
Hybrid warfare is a term one hears a lot now, and it feels very menacing. Recent warfare developments blur the dividing line between ‘war’ and ‘peace’. Cyberattacks, disinformation, election interference and economic coercion destabilise adversaries insidiously. The CYBERCOMM project set out to tackle one strand of the threat: digital security. The project focused on cyberwarfare as a key component of multilayered hybrid strategies employed by hostile state actors and organised criminality, to undermine peace and security in Europe. “Hybrid cyberwarfare has not only become an integral part of modern warfare, but it is also an increasing threat for civilians and critical civilian infrastructure now,” explains the project’s leader, Artem Galushko(opens in new window), who conducted his research with the support of the Marie Skłodowska-Curie Actions(opens in new window) programme. Examples can be seen all too frequently. There have been attacks on civilian infrastructure such as power plants, healthcare facilities, financial institutions and e-governance systems. The project’s goal was to develop a common European approach to countering hybrid cyberwarfare by mapping and analysing the best cyber practices, policies and norms that could lay the foundation for digital security in Europe. “A lesson learned from a hybrid attack in one country is time saved when a knowledge-based European-wide response is critical,” says Galushko, who is based at the Arctic University of Norway(opens in new window).
Countering hybrid attacks on critical infrastructure
The project sought to find a common approach to countering hybrid attacks on critical infrastructure. The most recent examples of such attacks include those on the German railways operator Deutsche Bahn (DB), the high-speed rail lines being sabotaged on the opening day of the Winter Olympics in Italy, and the attempted Bremanger dam floodgates attack in Norway. “While the military was traditionally responsible for external security, and internal security was a prerogative of the police, hybrid cyberwarfare breaks this old security watershed due to increasingly blurred boundaries between states and cybercriminals, warfare and organised crime, civilian and military targets, and applicable national and international frameworks,” adds Galushko. To develop a common European approach to countering hybrid cyberwarfare, the project brought together the University’s Crime Control and Security Law group(opens in new window), which was enhanced by the involvement of International Criminal Court(opens in new window) and other key stakeholders to align current approaches to cybersecurity and hybrid warfare. The researchers conducted interviews with practitioners and established contact with professional communities to identify hybrid threats and establish interdisciplinary collaboration in Eurasia. To get an appreciation of public opinion, open discussions on existing risks were run during the University’s research days. Galushko edited a holistic analysis of hybrid warfare threats(opens in new window) in a volume that maps the best practices, strategies and forms of partnership to counter hybrid threats in Europe.
Combating cyberwarfare with a coherent, EU-wide value-based response
By adopting a principled approach to digital security, Galushko explains, Europe can establish an exemplary model of cooperation where digital resilience is not achieved at the expense of liberty and human rights, but rather through diverse digital partnerships. “Such values-based alliances between Europe and its partners can protect both state security and fundamental freedoms in like-minded countries with varying political, social and economic settings.” The project highlighted that critical physical infrastructure, such as healthcare, education, energy and transportation hubs, as well as government and financial institutions, is not the exclusive target of modern hybrid warfare. “The civilian population, whose resilience and vigilance are indispensable to the uninterrupted operation of these systems, is also directly targeted. Consequently, drawing on the experience of Ukraine and other conflict-affected regions, any effective response to hybrid warfare must incorporate awareness and preparedness initiatives designed to strengthen the capacity of civilian first responders,” notes Galushko.
