This third EU Cyber Direct Research Seminar organised by Leiden University focussed on the topic of cyber espionage and built on a first preparatory online session organised in April 2022.
Why cyber intelligence? Despite widespread awareness of the role of intelligence agencies in cyber operations, there has been limited focus on these in international processes on ICTs/cyberspace and international security as well as in scholarly and expert debates and publications. The reasons for this lack of attention range from a general - and increasingly contested - understanding among States that intelligence-gathering activities are permitted under international law, regardless of the means involved, to the reality that we do not always have visibility on the full scope of cyber-related activity that intelligence actors engage in, including where their role and the operations they engage in begin and end. This makes it hard to make meaningful assessments of these activities from a policy or normative perspective. The recent SolarWinds Hack as well as a number of other developments suggest that this lack of attention and awareness may be changing, including amongst cyber diplomats.
The objective of this seminar was to reflect on these observations throughout three different sessions addressing:
- The role and status of cyber intelligence actors and the blurred lines between government and private actors where intelligence gathering and other intelligence activity conducted via cyber means is concerned, notably the role of private cybersecurity and technology companies;
- The accountability and responsibility of States and their intelligence agencies vis-à-vis the assessments, conclusions and recommendations on international law and the norms of responsible behaviour agreed upon at the UN;
- How these elements could potentially translate into policy recommendations at the national level, as well as if/how they should be approached in ongoing multilateral processes.
The seminar also included a discussion on whether any of the issues identified could be approached in track 1.5 processes, and if so, with which partners and in which format.