Deep Fakes, Disinformation and Hacking: Preventing Conflict in the Cyber Age
As digital threats grow more complex and deeply intertwined with real-world conflicts, the United Nations is exploring how digital tools can inform mediation efforts to prevent escalation.
One morning last July, a staffer in the UN Department of Political and Peacebuilding Affairs (DPPA) received an email alert. Chaos had erupted in a Member State after a fierce storm had knocked out its entire electrical grid. Quickly checking social media, she noticed that a large number of Twitter users were reporting a complete loss of power in hospitals, resulting in the death of patients on life support. The staffer alerted her colleagues as reports continued to come in. As the Special Representative of the Secretary-General (SRSG) in the region gathered her team to discuss the situation, more bad news followed.
The Member State’s electricity supplier was reporting that bad weather was not to blame. Rather, its computer and communication systems had been compromised, and the country’s power supply had been deliberately cut off. The National Security Advisor for the Member State contacted the UN’s regional political office, confirming the cyber-attack and noting the use of proxy servers linked to a hostile neighbouring country. Addressing the rumours on social and traditional media, the rival government quickly released a statement denying any involvement.
The situation continued to evolve. A leaked video posted online purported to show the SRSG lambasting the government of the neighboring state because of its alleged involvement in the power grid attack (the video was later found to be a deep fake). Twitter users responded, calling for retribution against the country and sending out notices for planned violent protests. The media reported simmering tensions on the border between the two countries, with clashes resulting in the deaths of three soldiers. Riots broke out. Meanwhile, the Security Council scheduled a meeting to formally discuss the issue.
If you’re wondering why you didn’t read about this in the news, it’s because the scenario above is entirely fictional.
DPPA’s Policy and Mediation Division (PMD) developed a cyber incident scenario, which outlined the consequences of a serious — and possibly deliberate — ICT-related security incident targeting the energy infrastructure of Altigo, a fictional state in the equally fictional Rivlandia region. The entire exercise was held virtually due to the pandemic, using a digital crisis management platform provided by the Geneva Centre for Security Policy, with staff from DPPA, the Department of Peace Operations , the UN Office of Information and Communications Technology (OICT), the United Nations Institute for Disarmament Research (UNIDIR), UN Special Political Missions around the world, and external experts.
The goal of the exercise was to identify UN conflict prevention tools and approaches that could be used in conflict contexts, while incorporating the added challenges raised by cyber security and social media issues. Sean Kane, of DPPA’s Mediation Support Unit, said that the simulation was set up to answer a simple question: “In places where DPPA is already engaged in implementing a peace and security mandate, how might a cyber incident risk escalating the wider conflict?”.
Kane noted that, as the crisis rapidly evolved — the electrical failure, the humanitarian concerns, national and cross-border political tensions — all within the broader context of a pre-existing border dispute — participants were given a bird’s eye view of the communications that took place between various cyber incident responders and state and United Nations actors, as well the online commentary on the incident. This enabled them to see where problems arose in real time, with the ultimate goal of learning how to respond to and potentially de-escalate a situation, without necessarily knowing who was ultimately responsible for the cyber-attack.
Camino Kavanagh, a consultant who helped develop the cyber-attack scenario with the DPPA team and contributed to the DPPA’s Digital Technologies and Mediation in Armed Conflict report, explained that the exercise demonstrated how existing conflict analysis techniques could be adapted to address cyber incidents in conflict settings. She highlighted that the exercise aimed to answer key questions, such as “Who do you call when infrastructure fails?” or “Can the UN help restore a power grid if requested by state authorities?” It also addressed practical concerns like “Who at Twitter can be contacted to remove a deep fake video?” The simulation provided valuable insights into the UN’s role in using good offices and facilitating trust-building between conflicting states.
One participant in the cyber scenario, who works for the Digital Blue Helmets project, described the simulation as insightful. “I found the exercise to be extremely helpful to help me understand how different parts of the organization interface and play a role in overall mandate delivery” he said. “The technical facts around the cyber incident were very realistic, and because of that, the rest of the political aspects of the exercise and the issues and questions we were naturally confronted with do reflect some of the challenges the organization will have to think about — sooner rather than later.”
Outside of Rivalandia, the real-world implications are clear. It’s interesting to note that cyber-attacks targeting critical infrastructure and other capabilities such as information operations are increasingly frequent in real conflicts. Such attacks in situations of internal armed conflict or border disputes between states are becoming more common, posing significant risks to civilians, and to conflict resolution efforts more broadly. During the pandemic, for example, increased attacks on health care infrastructure and research facilities were observed, including many dedicated to promulgating disinformation on COVID-19 vaccines.
Teresa Whitfield, Director of DPPA’s Policy and Mediation Division, highlighted that the simulation fits into increased attention to cyber issues in the Organization. Noting that in 2020 the Secretary-General referred to “the dark side of the digital world” as one of four major threats to global peace and security (with the others being global geo-strategic tensions, the climate emergency, and growing global mistrust), she underscored that the role of the UN in preventing a cyber incident from crossing over into physical armed conflict was a timely one.
As digital connectivity continues to expand, it will reshape the dynamics of politics and conflict, demanding a shift in how mediation is practiced. Mediators must be equipped not only with digital tools to support their efforts, but also with an acute awareness of the risks those technologies pose. Despite the challenges, the digital realm offers powerful opportunities for conflict analysis, engagement, and ultimately, for advancing peace.
+++
