Gil Baram, Ph.D. Candidate

Tel Aviv University

Country: Israel

About Me:

I am the Head of research at the Yuval Nee’man workshop for science, technology and security and a research fellow at the Blavatnik ICRC, Tel Aviv University. Currently, I'm a Ph.D. candidate in the Tel Aviv University School of Politics and International Relations, specializing in cyber conflict and national security. I'm also an adjunct fellow at the Centre of Excellence for National Security, Nanyang Technological University, Singapore. I hold an M.A in Security Studies from Tel-Aviv University (Magna Cum Laude).

Research Interests

Conflict Processes & War

Foreign Policy

Research Methods & Research Design

Middle East & North African Politics

Specific Areas of Interest


International Cooperation

Science & Technology

My Research:

My current research agenda focuses on national decision-making process during cyber conflict. She explores the reasons why – despite the fact that cyber attacks are covert actions in nature, and therefore can be hidden or denied – in many cases countries choose to reveal the attack and “go public” about it. In this project I'm is developing a new conceptual-theoretical framework and is examining it by combining qualitative and quantitative research methods. Some of my previous work has been published in journals such as  Comparative StrategyCyber Security: A Peer-Reviewed JournalMiddle East QuarterlyForeign AffairsForeign PolicyMilitary and Strategic AffairsMaa’rachotActa Astronautica and more.


Journal Articles:

(2019) Why can't we be friends? Challenges to international cyberwarfare cooperation efforts and the way ahead, Routledge

In the past few years, there has been growing recognition of the importance of international cooperation concerning cyberwarfare norms. To this end, a number of international forums have been established, but as of now, they have had limited success. We recognize three major challenges to the success of these forums: (1) the problem of trust, (2) varying threat perceptions, and (3) different definitions of state sovereignty. We analyze the existing disagreements between the U.S., Russia, and China, and show how a “bottom-up” solution like the Global Commission on the Stability of Cyberspace can facilitate reaching an agreement despite these differences.

(2019) Covert or not Covert: National Strategies During Cyber Conflict, NATO CCD COE Publication

Anonymity is considered to be a key characteristic of cyber conflict. Indeed, existing accounts in the literature focus on the advantages of the non-disclosure of cyber attacks. Such focus inspires the expectation that countries would opt to maintain covertness. This hypothesis is rejected in an empirical investigation we conducted on victims’ strategies during cyber conflict: in numerous cases, victim states choose to publicly reveal the fact that they had been attacked. These counterintuitive findings are important empirically, but even more so theoretically. They motivate an investigation into the decision to forsake covertness. What does actually motivate states to move into the international arena and publicly expose a cyber attack? The goal of this paper is to understand why and under which geopolitical circumstances countries choose to give up the advantages of anonymity. Whether they wish to Name and Shame opponents for ignoring international norms or whether they try to avoid public humiliation, victims of cyber attacks occasionally reveal the fact that they had been attacked. There is tension between such motivations and the will to protect intelligence sources and the incentives to prevent escalation if an attack is revealed, even more so if the attacker is exposed. Indeed, we find that sunk costs, counterescalation risks and the need to signal resolve—while critical in motivating victims to keep cyber attacks secret—may not suffice under such specific circumstances. By focusing on the victim’s side, we draw inspiration from data on real-world cyber attacks in order to place cyber operations in the larger context of secrecy and covert actions in the international arena. In so doing, the aim is to advance the use of empirical data for understanding the dynamics of cyber conflict and the decision-making process of states operating in this increasingly complex domain.

(2019) Strategic trends in the global cyber conflict, Henry Stewart Publications

The paper reviews the main strategic trends in cyber policy and security in recent years, pointing out the emergence of a new ‘cyber escalation cycle’: while states are investing significant resources to improve their offensive cyber capabilities, these capabilities are subsequently being stolen, publicised and used by hostile countries to launch devastating cyberattacks. This has led governments to pursue legislation to control incoming technology, changing the technological relations between countries. Given the development of enhanced cyber capabilities and the effectiveness of the attacks, we believe that leakage followed by immediate use of the leaked offensive cyber weapons against rival countries will only increase, making this issue even more contentious.

(2017) Israeli Defense in the Age of Cyber War, Middle East Forum

From the early days of statehood, technology occupied a prominent place in Israel’s national security concept as it sought to establish a qualitative edge over its vastly more populated and better endowed Arab adversaries. In the past few years, a new technological challenge, that of cyber warfare, has grown to the point of becoming among the most critical threats to Israel’s vital infrastructures in both the civil and the military-security sectors. Energy, water, communications and traffic networks, and an economy that relies heavily on computers must be viewed as being at risk. To respond to the new, evolving threats, Jerusalem must revise certain aspects of its security concept so as to ensure cyber superiority as an inseparable part of its national defense capabilities.

(2016) Trends in space activities in 2014: The significance of the space activities of governments, Pergamon

This article addresses the principal events of 2014 in the field of space activities, and extrapolates from them the primary trends that can be identified in governmental space activities. In 2014, global space activities centered on two vectors. The first was geopolitical, and the second relates to the matrix between increasing commercial space activities and traditional governmental space activities. In light of these two vectors, the article outlines and analyzes trends of space exploration, human spaceflights, industry and technology, cooperation versus self-reliance, and space security and sustainability. It also reviews the space activities of the leading space-faring nations.

(2015) Critical Infrastructures and their Interdependence in a Cyber Attack–The Case of the US, INSS

The growing use of information technology, monitoring, and control through computerized control systems, together with the increasing dependence of the free market on products and services supplied through infrastructure (for example, electric power), have increased interdependency between infrastructures. Consequently, an attack on critical infrastructure is liable to have a decisive effect on the functioning of other infrastructures. The interdependence between infrastructures requires those involved in planning a cyber-attack as well as those involved in defending from such attacks to adjust to this reality and prepare accordingly. The article describes the existing models for analyzing interdependence between infrastructures, proposes an analytical framework for describing the interdependence and examines the possibilities at the United States’ disposal should it decide to engage in a cyber-attack.

(2015) Space Wars, Council on Foreign Relations

In September 2014, hackers from China broke into the U.S. National Oceanic and Atmospheric Administration (NOAA) network in an attempt to disrupt data related to disaster planning, aviation, and much more coming from U.S. satellites. This breach was the latest in a series of cyberattacks on space systems, exposing the Achilles’ heel of such technology: the vulnerability of its computers and the information it creates and transmits. Cyberattacks, which are on the rise in every industry, pose particularly significant threats to space systems as they are used so ubiquitously in corporate and military operations, making them increasingly attractive targets for hackers.

(2014) Trends in Government Space Activity and Policy in 2013, Taylor & Francis online

This report surveys the principal space events of 2013 and analyzes the central trends that can be discerned in government space activities in nations around the world. The article refers to cooperation between countries, to trends in space security, and reviews the space policies and activities of the leading nations as well as emerging ones. The proportion of government funds has declined in recent years; at the same time, space is one of the fields in which commercial endeavors are closely tied with government activities, and is strongly affected by the dynamics and politics between nations. The international community is struggling over the nature of activities in space, world leadership, and what should be permitted and what should be prohibited. Alongside this struggle for control and influence, many nations have come to understand that challenges and threats exist which require cooperation to address adequately. The concern is that, in the absence of appropriate action, use of space will be denied to all. The principal challenge facing the international community is to find a way to surmount obstacles to cooperation. Accordingly, follow-up and analysis of the interests, goals, and conflicts between the nations that are formulating the priorities and making the decisions about space are essential for understanding the direction in which developments in space are headed. They are also indispensable in creating a sustainable space industry.

(2013) The effect of cyberwar technologies on force buildup: the Israeli case, INSS

The past decade has witnessed rapid developments in computers and information technology, leading to far reaching changes in almost all areas of life, including the military and defense spheres. Many changes have occurred in the nature of warfare and the design of military forces, owing, among other things, to developments in strategic thinking and the formulation of military doctrines that are tailored to a changing reality. In the 1990s, attempts to assess the consequences of the transition to the information age for defense endeavors led to the emergence of the notion of a “revolution in military affairs–RMA.” This notion was conceived as a result of new technological innovations that improved the quality and availability of intelligence, the flow of information, and the precision of weapons. In the ensuing years, especially in the 21st century, advanced technologies for cyber warfare were developed, changing the face of the battlefield and the pattern of modern military action. The cyber technology used in warfare affects the way the latter is conducted. A country possessing this technology enjoys battlefield superiority, high quality and comprehensive intelligence, a precise and rapid attack capability, the ability to protect essential infrastructures, enhanced command and control capabilities, and so on. These capabilities contribute to a nation’s power, and strengthen its national security. Cyber warfare technologies have the potential for enormous advantages, along with new and unfamiliar risks. Given the sweeping innovation in this field, the understanding of its nature and consequences has only begun.


(2019) Iran Is Mastering the Final Frontier, Foreign Policy

In mid-January and early February, Iran attempted two satellite launches intended for environmental monitoring purposes. The Payam (Message) and Doosti (Friendship) ascended aboard Iranian-made satellite launch vehicles (SLVs). Both launches failed to place the satellites into orbit. The United States nevertheless protested the space launches—mostly because the SLVs used the same base technology as multistage intercontinental ballistic missiles (ICBMs).

(2019) The Theft and Reuse of Advanced Offensive Cyber Weapons, Council on Foreign Relations

Almost exactly a year ago, North Korea and Russia reused a vulnerability stolen from the U.S. government to conduct the WannaCry and NotPetya ransomware attacks. Is the theft and reuse of vulnerabilities likely to be the norm?