39 UDC 34.047/34.096 (043.2) Cristani F., PhD., REEEC Virtual Open Research Laboratory Associate, University of Illinois, USA ECONOMIC CYBER-ESPIONAGE IN THE (POST-)COVID-19 ERA IN EUROPE: WHICH (NEW) CHALLENGES? The present paper offers a reflection on the (new) challenges to economic cyber-espionage that have emerged in the (post-)COVID-19 period in the European region. 1. Economic cyber-espionage in Europe. More and more companies around the world and in Europe are becoming the target of cyberattacks, whose consequences have ranged from money losses and information theft to infrastructure destabilization. By 2021, experts estimate that cyberattacks will cost the world $6 trillion per year. Among the cyber challenges that the economic sector faces (e.g. phishing attacks, ransomware and cryptojacking), economic cyber-espionage is a crucial one, namely the attempt to acquire trade secrets held by companies by the State where they are based or third States or by other (non-governmental) companies (in the latter case, it is more common to talk about ‘corporate’ or ‘industrial’ cyber-espionage). Europe is a particularly exposed region, because of the advanced know- how of the companies based therein, as testified by a study prepared in 2018 for the European Commission by PricewaterhouseCoopers, which confirmed that there is limited qualitative and quantitative information available on cyber theft of trade secrets and calls for a more appropriate regulatory framework in the field [9]. Under international law, there exist no uniform approach to the matter [6; 10, p. 170]: while the G20 Leaders’ Communiqué of 2015 stated that «no country should conduct or support ICT-enabled theft of intellectual property, including trade secrets», the United Nations report of the same year does not include economic cyber-espionage among possible States behaviour in the cyberspace [5]. Moreover, it is not clear whether the Agreement on Trade- Related Aspects of Intellectual Property Rights of the World Trade Organization – which includes the commitment to protect certain types of intellectual property rights, including trade secrets - can be applied in case of economic cyberespionage [1, p. 143]. Also at the European Union (EU) level, the legal framework appears rather fragmented: while there is a quite robust regulatory framework dealing with cybersecurity (e.g. Regulation 2019/881 and the 2020 EU NIS Cooperation Group’s report on Cybersecurity of 5G networks. EU Toolbox of risk mitigating measures), there is no specific act addressing the issue of economic or industrial cyberespionage. Also at the national level, each country has adopted its own cybersecurity regulation [7]. The question of economic cyber-espionage is also interlinked with the protection of national