Cyber Peace Champions of 2021

Stéphane Duguin

Our Cyber Peace Champions for 2021 put the interests of victims and vulnerable communities at the centre of their actions.

Attacks in cyberspace are not about technology. They are attacks on people. Cyber peace is a human matter, both from the point of view of the victims of the attack and of those who dedicate their time and skills to building justice and peace in cyberspace.

As we read the many articles predicting the future of cyber security and what we can expect for 2022, it is useful to look back at 2021 and take a moment to acknowledge the heroes of cyber peace. Although the number of cyber attacks has increased, there are a great many people worldwide who work tirelessly to protect the vulnerable, to help victims, to foil attackers and to bring criminals to justice.

We want to highlight four Cyber Peace Champions of 2021. These are people who went beyond acting for better security in cyberspace. They had at heart the interests of victims and vulnerable communities. You may not have heard of all of them; we might call them the silent heroes of cyber peace. But we hope their stories will inspire you as they inspire us.

Citizen Lab

The security of millions of people has been helped by the work of Citizen Lab. Based at the Munk School of Global Affairs & Public Policy, University of Toronto, Citizen Lab has been working for cyber peace since 2001. A recent victory came in its investigation into one of the worst threats to internet security: the sale of surveillance software that turns computers and phones into spies. In late 2021, Apple updated its software after Citizen Lab discovered a zero-day, zero-click exploit against the company’s iMessage platform that was being exploited by the Pegasus spyware made by Israeli company NSO Group.

This was just the most recent event in a long campaign to raise awareness of the activities of NSO Group and similar companies. In November 2021 the US Government added NSO Group to its Entity List, essentially banning American firms from selling to the company, and Apple followed by launching legal action. All of this was driven by Citizen Lab. Their work paved the way for collaborative investigations all around the world. The recent revelations of the Pegasus Project, led by Forbidden Stories and Amnesty Tech, are another example of championing peace in cyberspace. 

Forensic Architecture

Based at Goldsmiths, University of London, Forensic Architecture is a research agency that investigates human rights violations, including those committed by states, police forces, the military and corporations. The agency became involved in the investigation into NSO Group and Pegasus after Citizen Lab found that some of Forensic Architecture’s collaborators had been hacked using the spyware tool.

Bringing together video testimony and an interactive diagram of corporate affiliations into an interactive platform, Forensic Architecture was able to map NSO’s activities across the global landscape and demonstrate connections between the use of Pegasus and real-world violence directed at activists, lawyers, journalists and others.

This investigative work has shed light on the previously murky activities of NSO Group and helped other organisations understand the dangers of surveillance software.

Operation Gold Dust

Law enforcement faces numerous challenges in identifying and arresting criminal groups, but 2021 saw significant operational successes. The year began with the disruption of the EMOTET botnet, one of the oldest active internet infrastructures for cyber attacks. Another major success was Operation Gold Dust, which involved 17 countries plus Europol, Eurojust and Interpol and led to the arrest of many groups affiliated with the Sodinokibi/REvil ransomware. At a time when cyber attacks are a source of geopolitical tensions, it is important to note the international cooperation that went into these actions, making the best use of the available tools for cooperation.

EU Disinfo Lab

The EU DisinfoLab was founded in 2017 to tackle disinformation campaigns. Based in Brussels, the organisation has exposed international disinformation campaigns across the world. In May 2021, EU DisinfoLab was targeted in a cyberattack. It was one of 150 NGOs around the world that received an email purporting to be from the United States Agency for International Development, which gives millions of dollars in funding to NGOs every year. The email was actually part of a ransomware attack.

While many organisations keep details of cyberattacks confidential, EU DisinfoLab had the courage to speak out about what happened to them. This meant they could share valuable lessons for others and perhaps prevent similar attacks in the future.

It is also important to acknowledge two significant anniversaries in 2021: two years of the Coalition Against Stalkerware and 25 years of the Budapest Convention on Cybercrime. These anniversaries remind us that, in the face of the hybrid threat of criminal groups and state actors, only a coalition of private and public sector actors has a chance of succeeding. The Coalition Against Stalkerware (software that allows one person to secretly spy on another) convinced many organisations to partner against domestic surveillance by putting victims’ interests at the heart of its actions. The Budapest Convention, meanwhile, reminds us that only public-private partnerships and international cooperation will enable effective investigations in cyberspace.

We hope these stories show that there is cause for optimism in the fight for cyber peace. Individual actions still count and we can come together, across sectors, to make a collective effort to build cyber peace for the future.

There are other champions out there, please let us know….. share your champions of cyberpeace.

Here’s to many more Cyber Peace Champions in 2022!

© Copyright 2023: The concepts and information contained in this document are the property of the CyberPeace Institute, an independent non-governmental organization headquartered in Geneva, unless indicated otherwise from time to time throughout the document. This document may be reproduced, in whole or in part, provided that the CyberPeace Institute is referenced as author and copyright holder.


Support the CyberPeace Institute

Individual lives can be changed dramatically by the acts of cyber criminals. We need your support to assist victims of cyberattacks in the NGO, humanitarian and healthcare sectors.


Subscribe to our newsletter

Receive monthly news on what’s happening at the Institute: our impact, publications, events and important milestones.