The Era of Artificial Intelligence
The first day opened by addressing the rapid transformation of the information environment through artificial intelligence (AI). From AI-generated content dominating content management systems to the risks of collapse and the rise of algorithmic manipulation, it was outlined how generative AI is changing the way narratives are created, spread and consumed. Moreover, presenters Stephen Campbell and Cosimo Melella highlighted that coordinated campaigns have become an integral part of hybrid operations, targeting the cognitive and emotional responses of citizens rather than solely their digital infrastructure.
Addressing Cyber Crises and Staying Resilient
Rosaria Talarico from FRONTEX and Cosimo Melella explained how the EU addresses and manager cyber crises. During the lifecycle of cyber crisis, from prevention and preparations to response and recover, presenters stressed the importance of trust as strategic goal in cyber crisis management. Raising awareness, sharing threat intelligence, aligning stakeholders, and coordination across technical, operational and political levels ensures swift recovery in rebuilding systems and reinforcing public trust through transparency and accountability.
Disinformation: Concepts, Trends, and Case Studies
Participants dove into the architecture of foreign information manipulation and interference (FIMI) with Beatriz Marin Garcia, who presented the European External Action Service’s (EEAS) latest findings. Participants explored four main channels of FIMI: official state outlets, state-controlled media, state-linked actors, and state-aligned channels, and how exposing these structures is key to disrupting operations. Additionally, Torben Stein from the German Foreign Office shared Germany’s experience in tracking foreign influence operations from identifying bot-driven reach to uncovering fake websites and account. Both underscored that FIMI campaigns are persistent, global and aimed at undermining democratic processes.
Countering, Detecting and Monitoring Disinformation
Building on the theoretical understanding, further sessions led by Torben Stein and Cosimo Melella focused on practical detection and monitoring techniques. Participants learned to identify coordinated inauthentic behaviour, recognise automated posting patterns, and monitor emerging narratives in real time as these capabilities are critical in detecting campaigns early, understanding their spread and scope, and applying rapid countermeasures.
Stephen Campbell concluded with a thematic sessions to introduce artificial intelligence covering the history, technical foundations and recent developments to lay foundation for upcoming days. From classification algorithms to assessing authenticity and tracking coordinated behaviour, session showcased how technology can serve both as a threat and a defensive countering tool in the information domain.
Practical Exercises: Learning by Doing
Throughout the day, participants engaged in practical hands-on and interlinked simulations and tool-based workshops that translated theory into practice, from threat modelling and inauthentic behaviour detection to social media monitoring.
The first day reinforced that in today’s interconnected threat environment, cyber resilience is as much about securing minds as it is about securing networks. Combating hybrid threats requires a fusion of technical defenses, strategic communication, and informed public discourse.
Background
The EU CyberNet Summer School takes place from 13th to 15th August 2025 in Berlin, Germany and is organized by the EU CyberNet, a EU-funded project implemented by the Estonian Information System Authority, in cooperation with the German Federal Foreign Office.
