Cybersecurity and UN Peace Operations: Evolving Risks and Opportunities

This paper discusses the growing potential cybersecurity vulnerabilities of UN peace operations. Fast-moving changes in the cyber capabilities of state and non-state actors, the changing nature of asymmetric warfare, and the positioning of the UN in relation to global and regional geopolitics are increasingly placing peace operations in the crosshairs of complex cybersecurity threats. In parallel to these external trends, internal trends in missions’ intelligence, surveillance, and data management technologies also make them more vulnerable to cyber threats. At the same time, there are opportunities for missions to leverage cybersecurity infrastructure to support the implementation of their mandates, including in the areas of mediation and political settlements and the protection of civil society actors.

The paper provides an overview of the cyber threats facing peace operations and opportunities to leverage cybersecurity tools for mandate implementation. It also documents the operational and policy challenges that have arisen and the Secretariat’s efforts to address them. It concludes with several recommendations for the UN as peace operations seek to operate in an increasingly fraught political and cybersecurity environment:

  • The Secretariat should develop cross-cutting operational concepts and guidance for cyber threat assessments.
  • The Secretariat should articulate its understanding of its duty of care for staff privacy and develop operational guidance and expertise for mitigating threats to privacy.
  • When facilitating political processes, peace operations should consider whether cybersecurity measures will be equally effective in deterring hacking attempts by all parties to ensure they do not exacerbate “information asymmetries.”
  • The UN should explore the boundaries around missions evading or obstructing surveillance or intrusion activities by host states to secure their operations.
  • The Secretariat should mitigate the volume of data exposed to external systems, including by deploying UN-owned and UN-operated intelligence and surveillance devices when possible.