Cyberwar, cybercrime and the new geopolitics of digital sovereignty: the digital sphere is no longer just a technological terrain, but a battlefield of geopolitical interests. States are vying for influence, companies for market share and non-state actors are using cyberspace as an arena for espionage, blackmail and even digital sabotage – one reason why I keep returning to this topic.
I was interested to read the “Handbook for the Practice of Cyber Diplomacy“, published by leading experts in the field, which sheds light on the increasing importance of diplomatic strategies in cyberspace. It provides both a historical context and a pragmatic analysis of existing diplomatic mechanisms by which states attempt to bring order to a digitally fragmented global system riddled with power interests.
This is about far more than just cybersecurity: it is about power projection, economic dominance and the question of who sets the rules in the digital space.
Cyberattacks as a geopolitical instrument: from hybrid warfare to digital sovereignty
Cyber operations have long since established themselves as strategic instruments. States use them to destabilize political opponents, flank military conflicts or gain economic advantages. The attack on Ukraine’s infrastructure by Russian hacker groups, China’s targeted industrial espionage or the alleged interference in democratic elections through digital influence campaigns are just a few examples that illustrate how cyberwarfare has become an integral part of state foreign policy.
Cyberdiplomacy is an attempt to counteract this growing chaos through norm-building, international agreements and multilateral cooperation. The handbook shows that diplomatic efforts are often characterized by mistrust: States are reluctant to commit to binding rules for fear of limiting their own digital offensive capabilities. At the same time, mechanisms for enforcing international agreements are weak.
The issue of digital sovereignty is particularly controversial. While Western democracies advocate an open and rule-based Internet, authoritarian states such as China and Russia are pursuing a policy of digital isolation. Cyberspace has become the scene of a new systemic conflict: On the one hand, there are states that demand a freely accessible Internet regulated by international standards. On the other side are countries that strive for digital self-sufficiency and want to restrict the flow of information through technological control mechanisms.
State hackers at a glance
The most significant international actors include state actors from Russia, China and Iran. These countries use various tactics to promote their geopolitical interests and undermine the stability of European democracies. At this point, it should be recognized that cyber diplomacy, which has been underestimated to date, is also of particular importance.
In addition to the main actors named below, there are also other countries and non-state actors that attempt to influence elections in Europe. These include, for example, groups acting on behalf of governments or in their own interests to advance certain political agendas. These actors use a variety of methods, including cyberattacks, disinformation, economic pressure and diplomatic maneuvers to achieve their goals. The European Union and its Member States face the challenge of recognizing and countering these threats in order to protect the integrity of their democratic processes. In the meantime, we have also published a separate article on Israel’s cyber capabilities.
Russia
Russia is known for its extensive disinformation campaigns and cyberattacks aimed at weakening trust in democratic processes. Some of the best-known examples include influencing the 2016 US elections and attempts to influence the Brexit vote. Russian actors often use social media platforms to spread false information and deepen social divisions.
China
China is increasingly relying on cyberattacks and disinformation campaigns to expand its influence in Europe. Chinese hacker groups are known for conducting industrial espionage and stealing sensitive information that can then be used to influence political decisions. China is also trying to manipulate public opinion in Europe by spreading pro-Chinese narratives in the media.
Iran
Iranian actors also use disinformation campaigns and cyberattacks to pursue their geopolitical goals. These campaigns are often aimed at destabilizing the policies of the US and its allies in Europe. Iranian hacker groups use similar techniques to their Russian and Chinese counterparts.
North Korea
North Korea is another international actor trying to influence elections and political processes worldwide, including in Europe, through cyber activities. While North Korea is less of a focus compared to Russia, China and Iran, there is still significant activity emanating from North Korean actors. North Korea also uses disinformation to further its geopolitical goals and foment political unrest. While there are fewer documented cases of direct election interference by North Korea, the regime still uses cyber operations to exert political pressure and protect its interests, for example by publishing compromising information about political candidates or spreading propaganda.
Cybercrime as a shadow economy: the role of non-state actors
In addition to state actors, non-state groups also play a decisive role in the geopolitical cyber landscape. Cybercrime has developed into a highly professional shadow economy that generates billions every year with blackmail software (ransomware), financial fraud and industrial espionage. Particularly perfidious are cases in which state-tolerated or even supported cyber criminals specifically promote the economic and political interests of their home countries.
The handbook outlines how cyber diplomacy is used as a tool to combat these threats. International cooperation, joint investigation teams and sanctions against hacker groups are among the few levers that states have to defend themselves against digital crime. However, these measures often fail due to the difficulty of attribution: who is behind an attack? Is it a private group, a collective supported by a state or a hybrid actor operating between organized crime and state influence?
Another problem is the increasing privatization of cyber security. While states are trying to protect their digital infrastructure, a large proportion of security-critical resources are in the hands of private companies. Cooperation between governments and technology companies is therefore essential – but often proves difficult, as companies pursue economic interests that do not necessarily coincide with state security objectives.
It is no longer enough to view cybersecurity as a purely technical problem – it is a political challenge that will determine how power is distributed in the 21st century.
German Lawyer Jens Ferner
Cyber diplomacy as a strategic discipline: from norm-building to deterrence
The handbook makes it clear that traditional diplomacy is struggling with the challenges of the digital world. Many existing mechanisms of international politics are not designed for the speed and complexity of cyberspace. The question of how states should respond to cyber attacks is central to this.
Some states rely on deterrence through countermeasures, but there is a fine line between legitimate defense and escalation. The development of international norms is therefore a key issue in cyber diplomacy. The EU, the US and other players are trying to establish regulations that prevent escalation and provide clear guidelines for dealing with cyber threats.
Another important area is capacity building in developing countries. Many states are simply unable to defend themselves against cyberattacks, making them attractive targets for criminals and state actors. The handbook emphasizes that cyber diplomacy is not limited to geopolitical power games, but also has a developmental dimension.
Cyberattacks have evolved from isolated hacker attacks to systemic threats to state institutions, critical infrastructure and economic stability. In this context, cyber diplomacy is no longer a theoretical discipline, but a strategic necessity – even if we unfortunately currently live in a world in which diplomacy is (currently) on the retreat.
Cyber diplomacy as a decisive factor in global security?
Cyberspace is no longer a legal vacuum – but it is not a clearly regulated territory either. States, companies and non-state actors are in a permanent competition for control, influence and security. A spiral of escalation will ultimately achieve nothing, and “cyber diplomacy” is likely to be one component of a way out.
The handbook presented here impressively demonstrates that cyber diplomacy is not just a discipline of foreign policy, but a central strategic instrument of national security and international cooperation. States that act hesitantly in this area risk not only economic damage, but also a loss of geopolitical influence. It is therefore essential for political decision-makers and strategists to familiarize themselves with the principles and mechanisms of cyber diplomacy.
Our law firm specialises in criminal defence, white-collar crime and IT law / technology law. Note our activity in digital evidence in IT security and software law.
- Understanding cyber diplomacy as a strategic necessity - 19. June 2025
- Israel and Iran: Cyber Espionage, Cyber Warfare and Cyber Defense in Comparison - 19. June 2025
- Israel: Cyber Espionage, Cyber Warfare and Cybersecurity - 19. June 2025