Risky Bulletin Podcast Summary: Between Two Nerds – A European Cyber Command

Podcast Information:

• Title: Risky Bulletin
• Host/Author: risky.biz
• Episode: Between Two Nerds: A European Cyber Command
• Release Date: March 10, 2025

Introduction: Shifting Transatlantic Defense Dynamics

In the March 10, 2025 episode of Risky Bulletin, hosts Tom Uren and Craig delve into the evolving landscape of cybersecurity and defense within Europe. The discussion is sparked by recent developments where US politicians, specifically President Trump and Vice President Vance, have strained the transatlantic relationship. This shift has led European nations, notably Germany, to reassess and increase their defense spending in response to perceived US disengagement.

Tom Uren [00:10]: "In the last couple of weeks… Germany made a big commitment to remove a debt limit so that it could spend more on defence."

Craig [01:12]: "Basically the US is saying, I'm going out for a pack of smokes and perhaps forever."

Defining Signals Intelligence and Cyber Command

The hosts begin by clarifying two crucial components of modern defense: signals intelligence and cyber command. Signals intelligence involves the collection of intelligence data, often through cyber espionage and hacking to gather actionable information. In contrast, a Cyber Command is responsible for executing cyber operations aimed at projecting power, particularly during times of conflict.

Tom Uren [02:14]: "Signals intelligence is collecting intelligence… hacking to collect intelligence."

Craig [02:32]: "Signals intelligence… for times of peace and times of war, whereas the cyber commands you use during times of war exclusively."

Current Intelligence Infrastructure: US vs. Europe

Comparing the United States to Europe, Tom highlights the extensive network of US intelligence agencies, with the NSA reportedly employing around 30,000 individuals and a specialized hacking team exceeding 1,000 members. European counterparts like the UK's GCHQ, France's DGSE, and Germany's BND each have approximately 7,000 personnel. When combined, Europe's intelligence workforce approaches that of the US, though fragmented across national boundaries.

Tom Uren [03:06]: "The US signals intelligence agency is NSA… 30 odd thousand people who work for NSA."

The Case for a Cohesive European Intelligence Apparatus

A significant portion of the discussion centers on whether Europe would benefit from a unified signals intelligence framework or if maintaining separate national agencies with enhanced cooperation is sufficient. Craig advocates for greater cohesion, arguing that a centralized European agency would facilitate faster and more efficient information sharing, free from the bureaucratic delays inherent in multi-national cooperation.

Craig [05:06]: "If you've got one central agency… the information sharing inside that agency. It's going to be a lot faster."

Tom counters by emphasizing the diverse national interests that may complicate a unified approach, suggesting that while a centralized body could streamline operations, it must also accommodate individual country priorities.

Tom Uren [06:12]: "Each agency has their own priorities and interests… the Germans are spying on the French and the British, the British are spying on the French and the Germans."

Challenges in Forming a Pan-European Intelligence Agency

Creating a unified European intelligence entity faces several hurdles. Trust issues emerge, particularly concerning the reliability of member nations' counterintelligence efforts. Craig points out specific concerns regarding Germany's counterintelligence, highlighting historical skepticism about their internal security practices.

Craig [18:21]: "It would be very hard to have an international… without including the Germans… I don't feel that they're doing a good job."

Furthermore, the logistical and financial challenges of pooling resources for extensive cyber infrastructure—such as global server networks and data processing centers—are discussed. Craig argues that without significant collective investment, achieving the scale necessary to match US capabilities would be unfeasible.

Craig [10:46]: "You need budget at the scale that the US has… tens of billions of dollars into just this sort of activity."

The Imperative for a European Cyber Command

The conversation shifts towards the necessity of establishing a European Cyber Command. Craig asserts that cyber capabilities are existential and must be prioritized to ensure collective security. He contrasts the decentralized cyber efforts in Ukraine with Russia’s more organized and hierarchical approach, underscoring the superiority of a centralized cyber strategy.

Craig [22:58]: "Cyber, that's an existential problem. This should be their top priority."

Tom echoes this sentiment, emphasizing that cyber operations offer strategic advantages by enabling nations to influence adversaries without resorting to overt military force.

Craig [28:11]: "It's a strategic capability. It can compensate for missing capabilities in other areas… it's a very valuable strategic asset."

Real-World Implications: Lessons from the Ukraine Conflict

The hosts reference the ongoing conflict in Ukraine to illustrate the practical applications and limitations of cyber operations. Russia's attempts to disrupt Ukrainian infrastructure highlight both the potential and the challenges of cyber warfare. Despite significant efforts, the effectiveness was limited due to Ukraine's acclimation to continuous cyber threats, suggesting the need for more robust and proactive cyber defenses.

Tom Uren [21:00]: "The Germans were so unconvinced that the German spymaster got caught in Kiev on the night of the invasion."

Strategic Value and Future Outlook

In concluding their discussion, Tom and Craig agree on the critical importance of developing a coherent and centralized European cyber strategy. They acknowledge the complexities involved but maintain that the evolving geopolitical landscape necessitates such advancements to ensure European security and resilience against global threats.

Craig [32:23]: "We can reach out and touch you, but we don't need to."

Tom Uren [33:24]: "Yeah, exactly. So you, you buy it?"

Conclusion: Navigating the Future of European Cyber Defense

The episode underscores the urgent need for Europe to enhance its cybersecurity infrastructure amidst diminishing reliance on US defense support. While acknowledging the significant challenges in creating a unified intelligence framework, the hosts advocate for increased cooperation and investment in cyber capabilities to safeguard European interests in an increasingly digital and adversarial world.

Notable Quotes:

• Tom Uren [00:10]: "Germany made a big commitment to remove a debt limit so that it could spend more on defence."
• Craig [01:12]: "Basically the US is saying, I'm going out for a pack of smokes and perhaps forever."
• Craig [05:06]: "It's going to be a lot faster."
• Craig [10:46]: "You need budget at the scale that the US has… tens of billions of dollars into just this sort of activity."
• Craig [22:58]: "Cyber, that's an existential problem. This should be their top priority."
• Craig [28:11]: "It's a strategic capability… it's a very valuable strategic asset."
• Tom Uren [21:00]: "The Germans were so unconvinced that the German spymaster got caught in Kiev on the night of the invasion."
• Craig [32:23]: "We can reach out and touch you, but we don't need to."

This summary provides a comprehensive overview of the episode’s key discussions on the necessity, challenges, and strategic importance of establishing a European Cyber Command amidst shifting transatlantic defense relations.