New on INCYDER! Si vis cyber pacem, para sanctiones: the EU Cyber Diplomacy Toolbox in action

On 30 July 2020, for the first time, the Council of the European Union unanimously imposed restrictive measures against six individuals and three entities that have been found responsible for or involved in various cyber-attacks against EU Member States. In his article, published on INCYDER research tool, CCDCOE Law Researcher Samuele De Tomas Colatin provides an analysis on the emerging topic.

The malicious cyber activities were the attempted cyber operation against the Organisation for the Prohibition of Chemical Weapons, the WannaCry and NotPetya attacks and Operation Cloud-Hopper. The imposition of sanctions in relation to cyber attacks is a clear sign that the EU is changing its posture from a more cautious naming-and-shaming strategy to a braver commitment against malicious cyber activities. It might also encourage developments and confirm trends of international law principles applied to the use of information and communication technologies.

The first activation of the EU sanctioning framework against cyber-attacks marks an important step not only to secure a coherent response against cyber threats targeting the Union but also for advancement on the cyber diplomacy level while following trends of international law principles regulating the cyber domain. Although the CDT is not concerned with addressing international law principles, the declaration announcing the first use of the EU sanction mechanism made by the EU High Representative Josep Borrell is indicative, as it is calling upon ‘every country to cooperate in favour of international peace and stability, to exercise due diligence and take appropriate action against actors conducting malicious cyber activities’. Standing against cyber attacks, the EU can inspire individual states to speak out on their position on international law and harmonise views and contributions to the international dialogue on the responsible use of information and communication technologies.


INCYDER, an initiative of the NATO Cooperative Cyber Defence Centre of Excellence, is an interactive research tool focusing on the legal and policy documents adopted by international organisations active in cyber security. The collection of documents is periodically updated and supported by a comprehensive system of tags that enable filtering the content by specific sub-domains.

The articles published at INCYDER do not necessarily reflect the policy or the opinion of the NATO CCDCOE or NATO. The Centre may not be held responsible for any loss or harm arising from the use of information contained in this publication and is not responsible for the content of the external sources, including external websites referenced in this publication.