Every year in May, the UN Security Council (UNSC) holds its annual debate on the Protection of Civilians (PoC). In a concept note for the 2025 iteration held under the presidency of Greece, civilian protection was reinforced as a cornerstone of the UNSC’s agenda and as a core obligation under international humanitarian law (IHL) and international human rights law (IHRL).
The note also highlights that the nature of armed conflict has undergone profound changes in recent years, including due to the emergence of new technologies of warfare and cyber threats.
In a world of constant bloodshed and what feels like an increasingly inconsistent commitment to international law, it can be challenging to view cyber and digital security as being as dire of a threat to civilians in the way that bombs, drones, and blockades are.
But as the Russia-Ukraine conflict and the recent India-Pakistan crisis have demonstrated —among other incidents — a wide range of cyber tools and tactics are being put to use in instances of war, rivalry, and crisis. Often, this involves diverse non-state or non-governmental actors in ways that blur the line between civilians and combatants, with potentially dangerous consequences.
In his 2025 report on the Protection of Civilians, UN Secretary-General Antonio Guterres notes that, “The way in which information and communications technology (ICT) is being used in armed conflict also continues to raise concerns about compliance with international humanitarian law and the protection of civilians.” In order for bodies like the UNSC and its mandates to stay fit for purpose in a digital age, UN member states should do more to account for and mitigate these changes.
The Role of Cyber in War…and in Peace
A major concern is about how cyber operations can damage or disrupt essential infrastructure and services such as energy, transportation, water, communication, or even medical. This is already considered a high-priority risk by most countries during peacetime, but in instances of armed conflict, the potential impact of losing those services becomes more severe. Cyber operations that directly target civilians are also a possibility.
Guterres’ report highlights that the use of ICT has generated a larger role for civilians and civilian platforms armed conflict, thus exposing them to direct or incidental harm. While civilian involvement in war is not new, per se, the ICT environment can facilitate and multiply it. For example, Ukraine mobilized thousands of civilian volunteers in cyber actions against Russia through what became known as the “IT Army,” while civilian hacker groups from other countries joined the conflict too.
Finally, and while not exactly a cyber threat in the traditional sense, the use of digital and communications technologies for mis, dis, and mal information (sometimes likened to information warfare or influence operations, depending on context) is often cited as a particular concern in the context of PoC. This was particularly highlighted by several delegations during the annual Debate, and Guterres’ report specifically references Sudan, where “harmful information on social media has reportedly exacerbated divisions and fueled violence and the killing of dozens of people.”
Research from the International Peace Institute has further examined the relationship between cyber and UN peace operations, which are closely linked to the PoC mandate. Their research points out that peace operations are increasingly using advanced intelligence and surveillance technologies, generating more sensitive, centralized data. While this centralization offers some security benefits, it also presents a concentrated target for cyber intrusions. It also speaks to how the presence of non-state armed groups and non-state actors in peacekeeping environments introduces new cybersecurity challenges, as these actors may conduct surveillance operations that compromise UN communications and could increase host states’ willingness to intrude into UN networks.
Moreover, mission personnel and humanitarian organizations increasingly face hacking attempts intended to undermine them personally. The expansion of AI capabilities presents additional risks for manipulating information to target individuals or units. In 2022, for example, the International Committee of the Red Cross (ICRC) experienced a sophisticated data breach that compromised the personal data of over 515,000 highly vulnerable people
Yet, digital technologies and cyber capabilities can also bring benefits and opportunities for the implementation of mandates: encrypted communications can help maintain the integrity and confidentiality of mediation processes; missions can help protect human rights defenders and journalists from surveillance through cybersecurity assistance; and maintaining secure, independent communications infrastructure helps sustain protection activities during government-imposed internet shutdowns.
Why Does This Matter?
UN Security Council members have increasingly been taking note of how cyber activity impacts international peace and security and contemplating what its role should be, vis-à-vis the mandates of other UN bodies. As Stimson’s project on cyber in the UNSC has captured, there were an increasing number of both formal and informal UNSC meetings on cyber-related topics in recent years, including some that zoomed in on specific challenges like ransomware and spyware. These meetings and efforts have been beneficial in driving momentum on cyber-related topics within the Council.
Some states have highlighted the importance of mainstreaming cyber across existing UNSC mandates, including PoC, peacekeeping, and humanitarian operations. In this regard, a few have offered specific suggestions, such as for situational awareness briefings that could enable the UNSC to make informed decisions on specific geographical issues and in the context of peacekeeping operations or the protection of critical infrastructures, or to strengthening strategic communications in peacekeeping operations and special political missions.
Also relevant and worth reinforcing in the context of PoC is the universal agreement from all UN Member States since 2013 that international law, including the UN Charter, applies to state conduct in their use of ICTs. This includes IHL and IHRL. Quite a few of the UN’s non-binding norms for responsible cyber behavior also have relevance to PoC and related mandates, such as Norm A on the maintenance of international peace and security; Norm E on upholding human rights online; Norm F on the protection of critical infrastructure, and Norm I on supply chain integrity.
The Council should leverage the current momentum on cyber issues to more closely consider how to prevent and mitigate the negative impact of cyber operations and ICT misuse on civilian protection and, relatedly, international peace and security. A recent resolution from the National Red Cross and Red Crescent Societies on “Protecting civilians and other protected persons and objects against the potential human cost of ICT activities during armed conflict” gives good guidance in this regard. The digital age demands updated protection frameworks — and the UNSC should act with urgency to protect civilians now and well into the future.
