Cyber space is increasingly used in conflicts – three ways mediators can thwart threats

Published on Friday, 9th of September 2022

The digital world is increasingly important to understanding conflicts and crafting the resolution processes. Mediators need to identify digital risks, strengthen norms and rules in cyber space and boost transparency in dealing with cyber issues, writes Janne Taalas, CEO of CMI.

CEO of CMI, Janne Taalas. Photo: Maria Santto

Cyber space is increasingly relevant to conflict resolution and mediation. In terms of mediation, conflicts in the cyber space are not isolated phenomena, but an extension of the real world conflicts driven by geopolitical, socioeconomic and political issues. Cyber space is used in more and more conflicts to muster support and resources as well as to attack adversaries.

The rise of the cyber dimension to conflicts gives a new facet to mediation but does not mean a complete forgoing of traditional methods. The digital world is increasingly important in understanding the dynamics of conflicts and in designing processes for conflict resolution. But resolving cyber issues alone is not enough. Any sustainable peace needs to comprehensively address the underlying causes of a conflict. Digital issues need to be dealt with as a part of mediation efforts and not as a standalone element.

Mediation has been more active in embracing social media (see for instance “UN Digital technologies and mediation in Armed Conflict”) and there are increasing efforts to use social media data in analysing conflict dynamics and even attempts to add clauses restricting the use of social media in peace treaties. There has been less attention by mediators on tackling malicious cyber activity, including spying, hacking, sabotage and terrorism.

I propose a three-pronged strategy for mediation to better address malicious cyber activity. First, there is a need to recognise its significance and identify digital risks. The best place to start is the Cyber Hygiene and Digital Risk Management E-learning Platform for Mediators created by the UN, CyberPeace Institute and CMI.

The second part of the strategy is to bolster the norms and rules of cyber space that have developed over the last ten years. UN processes have established norms of responsible state behaviour in cyber space. At the same time there has been several processes (such as the Paris Call) that aim to clarify rules for non-state actors, namely companies. Any mediation work should aim to strengthen these efforts to create more regulated and predictable behaviour and to support the nascent confidence building measures in cyber space.

Third, mediation should know the importance of transparency in dealing with cyber issues. Enhanced attribution in cyber space is increasingly a key enabler of mediation work. The threat of transparency constrains the capabilities of malicious perpetrators and helps deter them. Transparency concerns over the unintended consequences of cyber operations have also arisen. Earlier hostile cyber operations such as NotPetya and WannaCry malware have had significant knock on effects and wreaked havoc among the general population. Mediators should be vocal on the potential catastrophic damage instigated by parties to conflicts who resort to malicious cyber operations.

These three elements of the strategy are not new to mediators used to dealing with highly conflictual situations and parties that are willing to use any available means to prevail. Maybe the most novel aspect to them is the deepening cooperation with private companies. Cyber space differs from other domains where a conflict develops through its linkages to the actions of private actors. It is truly a multi-stakeholder operation. Mediators therefore need to boost their partnerships with companies that are active in cyber space.

This article was first published by Cyberwatch Finland 2/2022.