Blue Cyber Diagram

Cyber Blue Helmets – Can Cyber Peacekeepers Help Sustain Peace in Cyberspace?


Months and even years before the Russian convoy of tanks and artillery started crossing the border into Ukraine, initiating attacks on the ground and in the air, another war has already been underway—the war in cyberspace.

War and peace in cyberspace

Examples of this “war in cyberspace” include the 2015 hack of the Ukrainian power grid, leading to widespread outages, and the 2017 disabling of various Ukrainian government websites using NotPetya malware, which created damage that went beyond Ukraine. The NotPetya incident gained status as one of the worst cyberattacks in modern history. And in February this year, Microsoft detected and warned of a new series of offensive cyberattacks directed against Ukraine’s digital infrastructure, including Ukrainian military institutions, manufacturers, and several government agencies. Other recent cyberattacks have targeted the financial sector, agriculture sector, and even emergency response services and humanitarian aid efforts. All these—and similar attacks targeting civilians—open a new chapter in cyberspace’s “rules of war,” and could be seen potentially as a violation of the Geneva Convention, which aims to protect civilians in war.

Although some experts claim that the cyberattacks launched by Russia in this current conflict have been relatively minimal and less damaging than they could have been, many believe that, considering Russia’s significant cyberwarfare capabilities, major attacks are yet to come. The most recent attempted attack on Ukraine’s electricity grid is likely the sign that more similar attacks will follow. Preparing for defense in cyberspace is challenging, as methods of attacks are advancing faster than the global community can respond. Policy and legal frameworks, including different formal and informal initiatives, are all still in early stages of development. Some positive latest developments include the United Nations (UN) groups (such as the Group of Governmental Experts and the Open-Ended Working Group), industry coalitions (the Charter of Trust, the Cybersecurity Tech Accord), and multistakeholder initiatives (the Paris Call for Trust and Security in Cyberspace).

“At the end of the day, there is always going to be room for the most sophisticated actors to be innovating ways around that (protections)—that’s why Microsoft has been in particular very concerned about escalating cyberconflict that is driven by nation states. They are the most advanced and most resourced actors that have often limitless funds to contribute to this space…which raises the stakes for the entire ecosystem.” John HeringSenior Government Affairs Manager for the Digital Diplomacy team, Microsoft

Apart from nation states, there are also stateless actors, like Anonymous, that have conducted cyberattacks against Russian email systems and news channels. The diversity of actors involved makes potential solutions and responses more difficult to find or reach agreement on. In fact, the Ukrainian-Russian war adds another layer of challenges, in which civilians are joining cyberwarfare. Following Russia’s attack on Ukraine, Ukraine’s deputy prime minister and minister of digital transformation announced the creation of a volunteer cyber army, calling for volunteers to “continue fight on the cyber front.” This call attracted not only Ukrainians, but different international groups of hacktivists to join this cyberwar and start attacks on Russia, which soon resulted with distributed denial-of-service (DDoS) attacks on Russian government websites and on Russian banks. All non-Ukrainians who take part in the cyber aspect of this war could be treated as international combatants, and risk becoming parties in war.

“The involvement of cyber experts to participate in military attacks (whether offensive or defensive) has implications for these individuals who may unknowingly lose their civilian status and their legal protection as civilians under international humanitarian law.” Stéphane Duguin, Chief Executive Officer, CyberPeace Institute

With the war in Ukraine clearly showing that it is accompanied by a cyberwar, we explore the need for keeping peace in cyberspace with the potential help of a new international instrument: Cyber Blue Helmets, which could assist in keeping the peace in cyberspace and assist in including the sustaining cyber peace approaches in peace agreements.

Lessons from the Digital Blue Helmets program

In 2016, the UN launched the Digital Blue Helmets (DBH) program to serve as a “common platform for rapid information exchange and better coordination of protective and defensive measures against information technology security incidents for the United Nations, including agencies, funds and programs.” The DBH program is part of UN efforts to build capacity, strengthen coordination, and foster collaboration to enhance cybersecurity preparedness, resilience, and the response of the United Nations. No doubt these efforts are needed, especially in the context of recent increased attacks on UN missions and agencies. The 2021 UN secretary-general’s Strategy for the Digital Transformation of UN Peacekeeping also recognizes that “cyberattacks for financial gain, destruction or disruption of infrastructure, theft or manipulation of information are clearly on the rise and have begun to target peacekeeping,” and emphasizes the need to develop “cyber capacity and resilience in peacekeeping missions to ensure safety and security.” However, the DBH program, is limited in scope, primarily focused on protecting the UN infrastructure, and as such is not yet the right tool to respond to situations as the one we are facing today with the cyberattacks in Ukraine.

Nevertheless, lessons from DBH experience can be useful in designing and implementing better protection of the cyber peace in the future—contributing to the safety of cyberspace before, during, and after conflict.

“Since its formation in 2016, DBH is functioning as an internal cybersecurity team for the United Nations. Currently, it does not have an expansive mandate. However, the scope of the DBH can be expanded in the future to cover a number of issues, including cybercrime, counterterrorism, and cyber conflicts. Moreover, the DBH can complement ongoing UN peacekeeping activities.” Fahad Nabeel, Author of the Critical Evaluation of Digital Blue Helmets Program

Other potential models for cyber peacekeeping

While some researchers propose models for integrating cyber peacekeeping withing the current UN peacekeeping architecture, others see the DBH as a potential starting point of cyber peacekeeping. Other suggestions include an establishment of a Cyber Peace Corps, built on the Peace Corps model, in which cybersecurity professionals would volunteer their skills as cyber peacekeepers with a focus on nation-state cyber conflicts. CyberPeace Builders can also serve as a good example of a volunteer-based cybersecurity approach, enabled through a network of expert volunteers recruited from local and international companies and coordinated by the CyberPeace Institute.

In any of the various formats proposed, cyber peacekeepers would be mandated to protect civilians through prevention of cyberattacks, minimize the damage to infrastructure, rebuild infrastructure after conflict, and increase trust and security in cyberspace. These are not easy tasks for many reasons, including the challenges of getting countries to accept and agree to creating such an entity, the allocation of necessary resources, and the need for highly skilled expertise.

Nevertheless, the challenges should not prevent us working urgently towards finding effective solutions for cyberwar prevention and towards securing peaceful cooperation in a cyberspace. With many useful recommendations already collected from evaluations of DBH and other UN-led conflict prevention and mitigation projects, and with the Ukrainian-Russian war offering another warning for the international community, the moment can be seized to bring these recommendations closer to practice and ensure sustainable peace in the cyberspace.

To hear more about “Building Peace in the Age of Emerging Cybersecurity Risks,” watch the March 2022 edition of our Data for Peace Dialogue →

Photo Credit: Bill Woodcock, CC BY-SA 4.0, via Wikimedia Commons

Stay Connected

Join our mailing list to receive regular updates on our latest events, analysis, and resources.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.