The concept of cyber peacekeeping can be dated back to the early 2000s when Cahill, Rozinov and Mule (2003) stated that “cyber warfare would likely have devastating effects well beyond the boundaries of the combatants and that some kind of peacekeeping capability in cyberspace would be needed”. While at the time these effects were largely unknown and theoretical, today we have seen first-hand how cyber warfare can impact societies. These impacts have been wide ranging, from cyber-attack induced power outages in the Ukraine leaving civilians without essential services (Whitehead, Owens, Gammel, & Smith, 2017) to accusations of electoral interference which harm confidence in the results and social cohesion (Lam, 2018). Cyber peacekeeping has therefore emerged as a practical solution to address the challenges that cyber warfare presents beyond the immediate battlefield (Robinson, Jones, Janicke, & Maglaras, 2018). This article contributes to the field by proposing an approach towards building a cyber buffer zone.
Background
A review of the literature shows that a number of approaches towards cyber peacekeeping have been proposed. Robinson et al. (2018) proposed an approach which largely mirrors existing United Nations Peacekeeping doctrine, describing peacekeeping activities which would be both feasible and valuable to perform in a cyber warfare context.
Akatyev and James (2015) propose a cyber peacekeeping model, including a set of goals and proposals of activities to perform during three stages: no conflict, conflict and post-conflict. In the no conflict stage, cyber peacekeepers work to unite efforts to keep the peace and prevent the outbreak of cyber conflict. In the conflict stage efforts are directed to orchestrating an international response and containing the harmful effects (e.g. through preventing the spread of malware or cyber weapons). Finally, in the post-conflict stage, they propose that cyber peacekeepers are tasked with preventing further destruction and recovering critical infrastructure back to operation. In this regard, the model covers all three phases of warfare with the primary goal of protecting civilians. Akatyev and James have made further contributions by surveying the legal landscape and potential obstacles towards the establishment of a cyber peacekeeping force (Akatyev & James, 2017).
Robinson et al. (2019) have explored how the existing UN Peacekeeping activity of observation, monitoring and reporting could function as a cyber peacekeeping activity. They reach a number of conclusions which form the basis for future work. For example, they propose that any cyber terms in peace agreements should avoid relying upon attribution of cyber-attacks and that securing the expertise required for a cyber peacekeeping operation will likely be the largest challenge to overcome. They conclude that observation, monitoring and reporting could bring value, if it is applied carefully, and that this value would be especially apparent at critical national infrastructures. However, they also suggest that it may function better when performed as part of a cyber buffer zone.
As awareness on the need for cyber peacekeeping has risen, authors such as Dorn and Webb (2019) have highlighted an increasing interest in the concept of cyber peacekeeping at the United Nations. They note the Digital Blue Helmet program as an indicator of the organisation’s acknowledgment that cyber incidents will be part of future peace operations and offer suggestions on ways forward (Dorn & Webb, 2019).
Where the literature is in agreement is that cyber peacekeeping will become necessary as cyber warfare increasingly becomes a part of our future. Dorn (2017) states that cyber peacekeepers could patrol and act in cyberspace just as current UN peacekeepers patrol and act in the world’s conflict zones. When considering the potential impacts on civilians during cyber warfare, he concludes that making an investment in cyber peacekeeping seems like a bargain when considering the alternatives (Dorn, 2017). Nabeel (2019) agrees, noting that there has been an increasing demand for an International-Level Cyber-Security Regime which can regulate the activities of states in the realm of cyberspace.