In the past, most cyber conflict research relied on individual case studies of prominent incidents. While well-documented, a predominant focus on these outliers limits the public understanding of the overall threat landscape. Covering more than 1,800 effect-generating cyber operations reaching back to the year 2000, the European Repository of Cyber Incidents (EuRepoC) is seeking to narrow this data gap.
Evaluating more than 60 indicators to document the life cycle of cyber operations and the state responses they evoke, EuRepoC regularly contends with challenges involved in the systematic, continuous, and comprehensive classification of cyber incidents, especially posed by open-source reporting. Based on practical examples, the workshop will guide participants through an evaluation of the attack chain and strategic drivers of operations, questions of political responsibility, and efforts to impose costs on threat actors. Workshop discussions will provide a platform for sharing techniques to assess the impact of different cyber operations in light of incomplete and evolving public information.