Deep Fakes, Dis- and Mis-information and Hacking: Preventing Conflict in the Cyber Age
One morning last July, a staffer in the UN Department of Political and Peacebuilding Affairs (DPPA) received an email alert. Chaos had erupted in a Member State after a fierce storm had knocked out its entire electrical grid. Quickly checking social media, she noticed that a large number of Twitter users were reporting a complete loss of power in hospitals, resulting in the death of patients on life support. The staffer alerted her colleagues as reports continued to come in. As the Special Representative of the Secretary-General (SRSG) in the region gathered her team to discuss the situation, more bad news followed.
The Member State’s electricity supplier was reporting that bad weather was not to blame. Rather, its ICT systems had been compromised and the country’s power supply had been deliberately cut off. The National Security Advisor for the Member State contacted the UN’s regional political office, confirming the cyber-attack and noting the use of proxy servers with IP addresses registered in a rival neighboring country. Addressing the rumors on social and traditional media, the rival government quickly released a statement denying any involvement.
The situation continued to evolve. A leaked video posted online purported to show the SRSG lambasting the government of the neighboring state because of its alleged involvement in the power grid attack (the video was later found to be a deep fake). Twitter users responded, calling for retribution against the country and sending out notices for planned violent protests. The media reported simmering tensions on the border between the two countries, with clashes resulting in the deaths of three soldiers. Riots broke out. Meanwhile, the Security Council scheduled a meeting to formally discuss the issue.
If you’re wondering why you didn’t read about this in the news, it’s because the situation described above is a fictional one.
DPPA’s Policy and Mediation Division (PMD) developed a cyber incident scenario, which outlined the consequences of a serious — and possibly deliberate — ICT-related security incident targeting the energy infrastructure of Altigo, a fictional state in the equally fictional Rivlandia region. The entire exercise was held virtually due to the pandemic, using a digital crisis management platform provided by the Geneva Centre for Security Policy, with staff from DPPA, the Department of Peace Operations , the UN Office of Information and Communications Technology (OICT), the United Nations Institute for Disarmament Research (UNIDIR), UN Special Political Missions around the world, and external experts.
The goal of the exercise was to identify UN conflict prevention tools and approaches that could be used in conflict contexts, while incorporating the added challenges raised by cyber security and social media issues.
Sean Kane, of DPPA’s Mediation Support Unit, was one of the facilitators of the simulation. He recalls that the simulation was set up to answer a simple question: “In places where DPPA is already engaged in implementing a peace and security mandate, how might a cyber incident risk escalating the wider conflict?”.
Kane noted that, as the crisis rapidly evolved — the electrical failure, the humanitarian concerns, national and cross-border political tensions — all within the broader context of a pre-existing border dispute — participants were given a bird’s eye view of the communications that took place between various cyber incident responders and state and United Nations actors, as well the online commentary on the incident. This enabled them to see where problems arose in real time, with the ultimate goal of learning how to respond to and potentially de-escalate a situation, without necessarily knowing who was ultimately responsible for the cyber-attack.
Camino Kavanagh, a consultant who developed the cyber-attack scenario with the DPPA team and who also worked on the development of the DPPA’s Digital Technologies and Mediation in Armed Conflict report, said that the exercise showed how colleagues could adapt existing conflict analysis techniques to include events involving cyber incidents and other tech-related activity in existing conflict settings. She underscored that the exercise was set up to answer questions such as “Who do you call when infrastructure is down?” she said. Or, “If state authorities ask the UN to provide technical support to get their electrical grid back up and running, can the UN facilitate access to such support?”, or even “Who can be contacted at Twitter to take down a deep fake video?” In addition, the simulation gave staff insights into what the UN could do in terms of the use of good offices, as well as helping with the restoration of trust and confidence between the states involved.
A participant from the Digital Blue Helmets project reported that the simulation was enlightening. “I found the exercise to be extremely helpful to help me understand how different parts of the organization interface and play a role in overall mandate delivery” he said. “The technical facts around the cyber incident were very realistic, and because of that, the rest of the political aspects of the exercise and the issues and questions we were naturally confronted with do reflect some of the challenges the organization will have to think about sooner rather than later.”
Outside of Rivalandia, the real-world implications are clear. It’s interesting to note that cyber-attacks targeting critical infrastructure and other capabilities such as information operations are increasingly frequent in real conflicts. Such attacks in situations of internal armed conflict or border disputes between states are becoming more common, posing significant risks to civilians, and to conflict resolution efforts more broadly. During the pandemic, increased attacks on health care infrastructure and research facilities were observed, including many dedicated to promulgating disinformation on COVID-19 vaccines.
Teresa Whitfield, Director of DPPA’s Policy and Mediation Division, highlighted that the simulation fits into increased attention to cyber issues in the Organization. Noting that in 2020 the Secretary-General referred to “the dark side of the digital world” as one of four major threats to global peace and security (with the others being global geostrategic tensions, the climate emergency, and growing global mistrust) the examination of the role of the UN in preventing a cyber incident from crossing over into physical armed conflict is a timely one.
In his 2018 Agenda for Disarmament, the Secretary-General highlighted that his good offices could “play a role in helping to mitigate, prevent and manage conflict stemming from malicious cyber activity committed within or across national boundaries”. Given the increasing use of ICT for political and military ends, DPPA decided to further integrate consideration of digital issues into existing analysis and practices.
DPPA’s Digital Technologies and Mediation in Armed Conflict report underscores that connectivity will continue to expand in the coming years and will change the dynamics of contemporary politics and conflict and require some attendant evolution in how mediation is carried out. Familiarity with the digital tools that can support mediation efforts is fundamental, as is an awareness of the harm digital technologies can cause. As well as a challenge, digital technology represents opportunities for mediators to conduct conflict analysis and engage with parties to a conflict.
Enrico Formica, from the Mediation Support Unit, observes that “Covid-19 accelerated the digital transformation of mediation operations, compelling mediation teams to incorporate digital interactions as part of their mediation strategies.” As a result, innovate hybrid models of in-person and online mediation have started to emerge. These combine sophisticated digital interactions with physical meetings organized at key moments and under specific Covid-19 risk mitigation protocols. Formica observed that while there is certainly hope of a return to normalcy, “we also believe that certain innovations are here to stay as they can bring additional flexibility and efficiencies to peacemaking efforts.”
One of the most significant challenges facing mediators today is managing the volume, variety and velocity of information on social media, including disinformation and hate speech. Harmful online content such as hate speech, dis- and misinformation are of concern and, as the UN’s lead entity for conflict prevention and peacebuilding, DPPA has a central role to play, including by engaging with social media companies and in implementing the UN Strategy and Plan of Action on Hate Speech. Mediators and their teams need to acquire digital literacy skills and understand digital safety and security issues, if they are to take on this latest challenge to conflict resolution efforts.