A clearer distinction must be made between attack types and the applicable legal principles for assessing attacks. In order to be able to give the primacy of politics precedence over military countermeasures, as in the case of so-called “hackbacks,” it is only logical to expand the political and diplomatic toolbox. It is clear that Germany can do little here on its own, which makes the role of the EU Commission in cybersecurity all the more important. Cybersecurity is a joint task.

The 27 EU states agreed on their latest cybersecurity strategy in December 2020. Compared to classic common foreign and security policy issues, consensus in the EU-27 on cybersecurity is relatively easy to establish. Introducing qualified majority voting to adopt cyber sanctions should not be witchcraft.In this research paper, Mika Kerttunen argues that while cyber operations may be relatively ineffective for conducting war, their peacetime employment can contribute to the outbreak of conflict due to their violent nature.