ICT 4 Peace Foundation

[Talk] Cyber operations, armed conflicts, and international law

Event recording

Event description

Event date: 23 June 2022, 17:30–18:30 CEST

In this talk, researchers from the Geneva Academy will shed light on the different examples of cyber operations (e.g. Stuxnet, NotPetya, and SolarWinds) allegedly conducted or sponsored by states to explicate their geopolitical effects and challenges to international law. As the importance of ICT grows in the modern world, cyber operations have become an integral part of state and non-state actors’ strategies against other states and actors. Researchers will present their findings as part of the project on disruptive military technologies.

For more information, and to register, please visit the official page.

CyberPeace Institute

Address: Av. de Sécheron 15, 1202 Genève, Switzerland

Website: https://cyberpeaceinstitute.org

Stakeholder group: NGOs and associations

 The CyberPeace Institute, an independent, neutral, and collaborative non-governmental organization, was created to enhance the stability of cyberspace. It aims to decrease the frequency, harm, and scale of cyber-attacks on civilians and critical civilian infrastructure, and increase the resilience of vulnerable actors. The Institute subscribes to the following principles in its work:

  • Impact: Reducing the frequency, harm, and scale of cyber-attacks by pushing for greater restraint in the use of cyber-attacks, increasing accountability for attacks that occur, and enhancing capabilities to prevent and recover from attacks.
  • Inclusiveness: Being inclusive and collaborative in the approach, cooperating with, and supporting, existing synergistic efforts.
  • Independence: Operating free from the direction or control of any other actors, including states, industries, and other organisations.
  • Integrity: Ensuring that its work and interactions with the cybersecurity community and victims of cyber-attacks reflect the highest ethical and analytical standards.
  • Neutrality: Supporting the stability and security of cyberspace rather than the interests of individual actors; as such, engaging with stakeholders and cyber-attack victims regardless of geographic location, nationality, race, or religion.
  • Transparency: Being transparent about its operations and methodologies, when it is feasible and responsible.

Through field analysis and global campaigning, the Institute’s goal is to protect the most vulnerable and to achieve peace and justice in cyberspace.  Its work is structured around three pillars: assistance, analysis, and advancement. These pillars form the core of the Institute’s mission, building on the simple reality that infrastructure, networks, regulations, norms, and protocols are merely enablers in cyberspace.

To fulfil this mission, and to deliver products and services which have a real impact, the Institute has four strategic objectives, ensuring a human-centric response to the technological, ethical, and regulatory challenges of cyberspace. Each of these objectives enables operational, tactical, and strategic responses with the goal of empowering people by maintaining a vibrant, open, free, and peaceful online space. The first three objectives are aligned with the three pillars, while the fourth objective ensures that the Institute and its staff are at the forefront of what will be tomorrow’s challenges in cyberspace.

  1. Strategic Objective 1: To increase and accelerate assistance efforts towards the most vulnerable, globally.
  2. Strategic Objective 2: To close the accountability gap through collaborative analyses of cyberattacks.
  3. Strategic Objective 3: To advance international law and norms in order to promote responsible behaviour in cyberspace.
  4. Strategic Objective 4: To forecast and analyse security threats associated with emerging and disruptive technologies, to innovate breakthrough solutions, and to close the skill gap to address global cyber challenges.

The Institute has an international scope, and is independent, apolitical, and impartial in its operations, publications, and partnerships.

Digital Activities

The Institute provides assistance to vulnerable communities, analyses cyberattacks to increase accountability, advocates for the advancement of the role of international law and norms for responsible behaviour in cyberspace, forecasts future threats (with a focus on disruptive technology), and supports capacity building.

Example of operational activities include:

  • Mapping the threat landscape in relation to critical civilian infrastructure.
  • Supporting the delivery of assistance at scale to the most vulnerable victims of cyberattacks.
  • Co-ordinating resources to amplify the impact of existing assistance efforts.
  • Conducting forensic and impact analyses of sophisticated cyberattacks and cyber operations, in co-operation with a consortium of experts from academia, industry, and civil society.
  • Co-ordinating relief efforts through a network of volunteers and providing knowledge products to increase resiliency.
  • Advancing the role of international law and norms governing the behaviour of state and non-state actors in cyberspace.
  • Analysing responses to violations of norms, and how normative or legal gaps are exposed and undermined.
  • Increasing public awareness of the real-life impact of cyberattacks, and providing a platform where vulnerable populations can tell their stories.
  • Analysing potential threats and opportunities stemming from the convergence of disruptive technologies (e.g., artificial intelligence, brain machine interface, augmented Reality, virtual Reality, 5G, etc.).
  • Acting as a platform to share innovative approaches and capacity-building strategies.

Digital policy issues

Critical infrastructure 
Consistent with its human-centric approach, one of the Institute’s key areas of focus is the protection of civilian infrastructure from systemic cyberattacks. For instance, in 2020, the Institute, together with a number of partners, launched Cyber 4 Healthcare, a targeted service for healthcare organizations fighting COVID-19. The initiative helps people find trusted and free cybersecurity assistance provided by qualified and reputable companies. In May 2020, the Institute issued a call for governments to stop all cyberattacks on healthcare organizations and to work with civil society and the private sector to ensure that medical facilities are protected and that perpetrators are held accountable.

Following that appeal to governments, the Institute launched a Strategic Analysis Report in March 2021.  Playing with Lives: Cyberattacks on Healthcare are Attacks on People  urges governments to remove rewards for criminals and hostile states attacking healthcare. The first of its kind, this analytical report focuses on the impacts of attacks on people and society and highlights the responsibilities of nation-states in leading the way for attacks to decrease globally and threat actors to be held accountable.  It maps existing initiatives and provides actionable recommendations to governments and policymakers to engage with civil society, industry and academia and design collective solutions.

Cyberpeace: From Human Experience to Human Responsibility
While the international community has recognized the need to be more “human-centric,” the CyberPeace Institute believes that an increased focus on human impact is not enough. In our pursuit of cyberpeace, we must start with the human impact. In each and every response, we must recall that the digital is human.

In cyberspace, everyone has a role to play. This collective action is essential to promoting justice, effecting change and ensuring human security, dignity and equity.

The CyberPeace Institute is gathering testimonials and digital evidence from the field to track these diverse accountabilities, ensuring that cyberattacks and cyberoperations are investigated in their local context. Closing the accountability gap will be made possible by shedding light on responsibilities in the context of the societal impact of irresponsible behaviour.

Network security 

To increase the scale and impact of its efforts to assist civilian victims of cyber-attacks, the Institute is building the CyberPeace Builders network, composed of volunteers from a range of backgrounds and locations worldwide, administered by a dedicated management structure, in collaboration with partners with established assistance capabilities. The network will provide emergency incident response and longer-term recovery plans to civilian victims recovering from significant cyberattacks perpetrated by malicious actors. It also assists vulnerable individuals in increasing their resilience and guarding against future cyberattacks.

Interdisciplinary approaches 

In order to contribute to closing the accountability gap in cyberspace, the Institute seeks to advance the role of international law and norms. This includes initiatives such as: publishing analyses of the economic and social impacts of cyberattacks; driving external engagement with stakeholders, individuals, and organizations focused on enhancing the stability of cyberspace; conducting reviews of cyberattacks based on international law and norms; and assessing potential remedies to fill the identified gaps. The Institute is actively engaged in the work of the United Nations Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security, and is co-Chair of the Paris Call Working Group 5:  Building a cyberspace stability index, one of six groups established in November 2020 which are dedicated to ensure that fundamental rights and principles that apply in the physical world are respected in cyberspace.  More information on the Paris Call here

Capacity development 
In 2020, the Institute initiated a series of CyberPeace Labs webinars, bringing together experts from academia, the private sector, international organizations, civil society, and governmental bodies as discussants. Within the context of the COVID-19 pandemic, the first CyberPeace Lab:  Infodemic: A Threat to Cyberpeace, explored how malicious actors exploit infodemics to facilitate cyberattacks. The discussions from the series produced a set of best practices and actionable recommendations to inform initiatives undertaken by the Institute and, ultimately, to improve resilience against cyberattacks and bring about online peace.

The Institute also aims to facilitate the creation and scale-up of operational partnerships for cyber capacity-building, notably with grassroots practitioners and civil society organizations, to maximise the beneficial impact on local communities and individuals, while taking into account specific human contexts.

The Institute is also developing tailored products, such as the Resilience Toolkits, which are tailored to improve cyber hygiene.  These Toolkits reflect specific local and regional contexts and are designed, produced, and delivered in collaboration with local partners and stakeholders to accelerate existing efforts at the regional level.

In 2021 the Institute launched the Cyber Awareness Café, an online resource that promotes cyber awareness through sharing of information and cybersecurity tips with NGOs and local entities around the world.

Digital tools

In addition to its CyberPeace Labs, the Institute shares useful video materials and discussion recordings on its YouTube channel, maintains blogs on Medium, and is an active user of a number of social media channels, for example, Twitter, LinkedInInstagram and Facebook.

United Nations Institute for Disarmament Research

Acronym: UNIDIR

Address: Palais des Nations 1211 Geneva 10 Switzerland

Website: https://unidir.org

Stakeholder group: International and regional organisations

Founded in 1980, the United Nations Institute for Disarmament Research (UNIDIR) is an autonomous institute within the UN, conducting independent research on disarmament and related problems.

Digital Activities

UNIDIR is concerned with cybersecurity, such as threats and vulnerabilities related to information and communication technologies (ICTs), and the use of new technologies such as artificial intelligence (AI) applications in warfare. It supports the UN GGE and OEWG processes. It focuses on research and awareness raising on this topic with a broad range of stakeholders and maps the cybersecurity policy landscape.

Digital policy issues

Cybersecurity 

UNIDIR’s Security and Technology Programme (SecTec) builds knowledge and raises awareness on the security implications of new and emerging technologies. Cyber stability is one area of focus for UNIDIR. Key topics include electronic and cyberwarfare, the role of regional organisations in strengthening cybersecurity, and the exploitation of ICT threats and vulnerabilities. UNIDIR provides technical and expert advice to the chairpersons of the UN GGE and OEWG on norms, international law, confidence-building measures, capacity building, co-operation, and institutional dialogue. The annual cyber stability conference brings various stakeholders together to promote a secure and stable cyberspace and in particular the role of the UN GGE and OWEG. In addition, UNIDIR organises a series of workshops on the role of regional organisations in strengthening cybersecurity and cyber stability. The Cyber Policy Portal is an online confidence-building tool that maps the cybersecurity policy landscape, fostering transparency and reducing the risk of conflict in cyberspace.

Artificial intelligence 

‘AI and the weaponisation of increasingly autonomous technologies’ is one of the current research areas of UNIDIR, which aims to raise awareness and build capacities of various stakeholders, including member states, technical communities, academia, and the private sector. Research on AI covers a broad range of topics from human decision-making, autonomous vehicles, and swarm technologies.

Future of Meetings

Any reference to online or remote meetings?

Digital tools

Cyber Policy Portal

Graduate Institute of International and Development Studies

Acronym: IHEID

Address: Maison de la paix, Chemin Eugène-Rigot 2A CH-1211 Geneva, Switzerland

Website: https://graduateinstitute.ch

The Graduate Institute of International and Development Studies is an institution of research and higher education at the postgraduate level dedicated to the study of world affairs, with a particular emphasis on the cross-cutting fields of international relations and development issues.

Through its core activities, the Institute aims to promote international co-operation and contribute to the progress of developing societies. More broadly, it endeavours to develop creative thinking on the major challenges of our time, foster global responsibility and advance respect for diversity.

By intensely engaging with international organisations, non-governmental organisations, governments and multinational companies, the Institute participates in global discussions and prepares future policymakers to lead tomorrow’s world.

Digital Activities

As part of its main strategy, the Institute seeks to develop digitally-driven innovation in teaching and research, as well as information technology (IT) services. At the same time, as a research institution focusing on global challenges and their impacts, digitalisation has become one of its fundamental and policy-oriented research areas.

Over the years, the Institute has developed a performing IT infrastructure with secured data storage space and digital platforms (e.g. Campus, Moodle, TurntIn, Zoom, MyHR, Salesforces, Converis, etc.) to provide seamless services as well as dematerialised/paperless processes (e.g. student applications, course registration, etc.) for students, staff, and professors.

Various publications address topics related to digitalisation and its impact, such as big data, robotics, crypto mining, terrorism and social media, data in international trade and trade law, Internet governance, digital health, microfinance and Fintech, smart cities, etc.

The Institute also organises workshops, seminars, film screenings, and other events that cover Internet-related issues, ranging from the digital divide and the governance and regulatory aspects of data to cybersecurity.

Digital policy issue

Capacity development 

The Institute provides a multidisciplinary perspective on international governance, including research and teaching on Internet governance, digital trade, and artificial intelligence (AI).

In terms of teaching, its Master, PhD, and executive education courses are increasingly focused on the effects of digitalisation on society and the economy, and more generally the global system. Some examples of courses are Internet Governance and Economics’, ‘Internet Governance: the Role of International Law, Cybersecurity and Virtual Insecurity’, ‘Artificial Intelligence and the Future of Work’, ‘Technology and Development’, and ‘Big Data Analysis’. Digital skills workshops are also organised for students to provide them with basic digital competence for their future professional or academic life (e.g. big data analysis, digital communication strategy, introduction to programming with Python, data analysis in various contexts, etc.)

In terms of research, a growing number of researchers and PhD candidates analyse the impact of digitalisation on international relations and development issues. A few examples of research topics are Internet and AI governance, digitalisation of trade, fintech, AI and humanitarian law, regulatory aspects of data, digital inclusion, and open government data. Some of the prominent research initiatives are listed under respective digital policy issues sections below.

The Institute also supports professors in developing pedagogical skills and in using digital tools. Workshops are offered to all faculty members at the end of the summer to prepare them for hybrid teaching and the use of new technological tools in the classroom.

Artificial intelligence 

The Institute hosts the new Digital Health and AI Research Collaborative (I-DAIR) directed by former Ambassador of India and Visiting Lecturer at the Institute Amandeep Gill. I-DAIR aims to create a platform to promote responsible and inclusive AI research and digital technology development for health. This platform is supported by the Geneva Science and Diplomacy Anticipator (GESDA).

The faculty also carries out a number of digital policy-related research projects, some of which focus on AI in particular. For example, the project titled ‘Lethal Autonomous Weapon Systems (LAWS) and War Crimes: Who is to Bear Responsibility?’ aims to clarify whether and to what extent the requirements for ascribing criminal responsibility for the commission of an act – and in particular the key concepts of culpability theories – can be applied to the use of LAWS in combat operations. This analysis will serve to identify lacunae and inconsistencies in the current legal framework in the face of the advent of military robotics.

Sustainable development 

A number of projects carried out by the Institute’s members aim to address the relation between digital technologies and sustainable development. For instance, the ‘Modelling Early Risk Indicators to Anticipate Malnutrition’ (MERIAM) project uses computer models to test and scale up cost-effective means to improve the prediction and monitoring of undernutrition in difficult contexts.

The project ‘Governing health futures 2030: growing up in a digital world’, hosted at the Global Health Centre, explores how to ensure that digital development helps improve the health and well-being of all, and especially among children and young people. It focuses on examining integrative policies for digital health, AI, and universal health coverage to support the attainment of the third sustainable development goal.

Focusing on the Global South, the project ‘African Futures: Digital Labor and Blockchain Technology’ strengthens empirical knowledge on changing trends in employment in the region by way of a two-pronged approach to the increasingly interconnected global division of labor: i) App-based work mediated by online service platforms and ii) the use of blockchain technology in mining sites for ethical sourcing, traceability, and proof of origin.

Inclusive finance 

Projects carried out by the Institute’s members also address the role of digital technologies in enhancing financial inclusion. The project ‘Effects of Digital Economy on Banking and Finance’ studies digital innovations and how fintech extends financial services to firms and households and improves credit allocation using loan-account level data comparing the fintech and traditional banking.

Online education 

The Institute has developed digital tools (e.g. app for students, responsive website) and used digital services (e.g. social media, Facebook, Google ads, etc.) for many years in its student recruitment and communication campaigns. Digital tools are also part of the pedagogical methods to improve learning. Flipped classrooms, MOOCs, SPOCs, and podcasts, to name a few, are used by professors in master and PhD programmes, as well as in executive education.

Thanks to the above developments, the Institute was able to respond quickly and effectively to the COVID-19 pandemic in March 2020. In a week, the Institute moved to distance working and online teaching.

Digital tools

  • Digital collections that allow free access to historical documents, texts, and photographs on international relations from the 16th to 20th century;
  • Two free online courses (MOOC) on globalisation and global governance.
  • Podcasts showcasing professors and guests’ expertise (What Matters Today, In Conversation With, Parlons en).
  • Podcasts are also integrated into the curricula of several international history and interdisciplinary master courses to encourage students to use social network platforms to popularise their findings.

Future of Meetings

Any reference to online or remote meetings?

  • Events, sessions, and seminars are held online (usually in Zoom), e.g. information sessions for admitted and prospective students are taking place online.

DiploFoundation

Address: 7bis, Avenue De La Paix, CH-1202 Geneva, Switzerland

Website: https://diplomacy.edu

Stakeholder group: Academia & think tanks

DiploFoundation is a leading global capacity development organisation in the field of Internet governance.

Diplo was established by the governments of Switzerland and Malta with the goal of providing low cost, effective courses and training programmes in contemporary diplomacy and digital affairs, in particular for developing countries. Its main thematic focuses are on Internet governance (IG), e-diplomacy, e-participation, and cybersecurity.

Diplo’s flagship publication ‘An Introduction to Internet governance’ is among the most widely used texts on IG, translated into all the UN languages and several more. Its online and in situ IG courses and training programmes have gathered more than 1500 alumni from 163 countries. Diplo also hosts the Geneva Internet Platform (GIP).

Diplo also provides customised courses and training both online and in situ.

Geneva Internet Platform

Acronym: GIP

Address: WMO Building, 7bis, Avenue de la Paix, CH-1202 Geneva, Switzerland

Website: https://giplatform.org

Stakeholder group: NGOs and associations

The Geneva Internet Plaform (GIP) is a Swiss initiative operated by DiploFoundation that strives to engage digital actors, foster digital governance, and monitor digital policies.

It aims to provide a neutral and inclusive space for digital policy debates, strengthen the participation of small and developing countries in Geneva-based digital policy processes, support activities of Geneva-based Internet governance (IG) and ICT institutions and initiatives, facilitate research for an evidence-based, multidisciplinary digital policy, bridge various policy silos, and provide tools and methods for in situ and online engagement that could be used by other policy spaces in International Geneva and worldwide. The GIP’s activities are implemented based on three pillars: a physical platform in Geneva, an online platform and observatory, and a dialogue lab.

Geneva Centre for Security Policy

Acronym: GCSP

Address: Chemin Eugene-Rigot 2D, CH - 1211 Geneva 1, Switzerland

Website: https://gcsp.ch