How to safeguard the internet after the war in Ukraine 

The war in Ukraine has not only created untold suffering for multitudes and the greatest crises in international peace and security in decades. It also has potentially serious consequences for the future of the global internet as we know it, and a large international meeting set for 2025 might prove decisive.

At least two alternative futures seem to be on offer. In the best case, the world can hope for a bright, stable digital future, with different parts of cyberspace working in tandem and available globally, and where international cooperation makes it increasingly safe and secure. The alternate vision is bleaker: a “splinternet” of competing internets and walled gardens, where cybercrime is rife, and the calamitous threat of civilization-crashing cyberwar is ever-present. The conflict in Ukraine has made this darkening web more likely.

The conflict in Ukraine has revealed to all what for many cyber professionals has long been clear: firstly, even state-on-state cyberconflict has a strong nonstate component. Secondly, international cybersecurity (including issues of peace and war) and internet governance (the management of the internet) are more entwined than some might like. And thirdly, the struggle over the future of the internet is largely a clash of visions of what it should look like, and who should manage it: a “closed” intergovernmental one, where states mold cyberspace to their purposes, versus an “open” one where the existing multistakeholder model of cooperation between the private sector, civil society and government continues to develop to manage the internet's resources together. And while much of the world seems united in condemning the invasion of Ukraine, there is much less consensus on what the future of the internet should look like.

While the world has been mesmerized by the physical devastation in Ukraine, a hidden conflict is underway in cyberspace. Sources show that at least 150 cyber incidents have taken place since the outbreak of the war. Many of them have been directly exercised or countered by non-state actors. On invasion day, a series of DDoS attacks, all running off criminal botnets, took down several government websites. A number of cyber-vigilantes have hit Russian websites. At the same time, a new wave of criminal ransomware attacks has hit Europe and its energy companies, often with the appearance of being politically affiliated. Private companies, from Elon Musk’s Starlink to AirBnB have rushed to provide support to Ukrainian civilians but also to its military. In the weeks prior to the conflict, Microsoft's Threat Intelligence Centre identified and responded swiftly to a destructive malware targeting the Ukrainian government and financial services. At least as pernicious as the cyberattacks have been the incessant information war, which has already shown how fragmented the information domain really is, and how politically effective leveraging that fragmentation can be, especially in influencing one's own population. Throughout the Cold War, few “truth bubbles” were more contained or deeper reaching than those that have become visible during the present conflict. This is the essence of what the “closed” internet has on offer: conflict, confusion, and above all, aspirations of centralized control.

Despite these aspirations, the internet is currently governed by a more “open”, multistakeholder model that engages governments, the private sector, civil society, and international organizations. This multistakeholder approach emerged from the World Summit of the Information Society (WSIS) in 2005, where the principle of a non-state-led internet was effectively agreed upon. The process also led to the creation of the Internet Governance Forum (IGF) that, today, serves as a platform for public policy discussions on internet-related issues. The year 2025, the 20th anniversary of WSIS and the year the IGF’s mandate expires, will be a decisive moment for internet governance. Just as they did at the first WSIS, and again in 2015, decision-makers will consider how, and with what legitimacy, key parts of the internet are governed. If discussions fail then the fragmentation of the internet is a real possibility.

A likely defining parameter in these discussions of “who runs the internet” will be perceptions on security. Currently, international cybersecurity issues are often kept rigorously separated from discussions on internet governance – largely to keep discussions on “bad content” from influencing discussions on the internet managed. Despite hosting parallel processes, which in 2021 saw reports from both a Group of Government Experts (GGE) and an Open-Ended Working Group, international cybersecurity discussions at the UN have largely concentrated on “norms of behaviour” – for instance, an injunction not to interfere with another country's critical infrastructure in peacetime – and even these supposedly agreed norms have been sorely tested as of late. Other processes – like the so-called Ad-hoc Committee working towards a draft convention on cybercrime – are both deeply siloed and so clearly identified with Russia that progress seems difficult in the current environment.

To bridge this divide, the UN Secretary-General has launched a wider discussion on “digital cooperation”. This evolving concept, stemming from the Secretary General’s Roadmap for Digital Cooperation, largely addresses issues of access, capacity building, internet governance, and other issues – all of which should be agreed upon by a multistakeholder coalition of governmental, private sector, and civil society leaders in the fall of 2023 in a newly-proclaimed Global Digital Compact (part of the Secretary General’s 2021 report Our Common Agenda). If the Compact unfolds as planned, it will be one of the most prominent proofs of how mainstream the concept of multistakeholder has become. It might also represent the best chance to keep international discussions from completely derailing on the road to the WSIS+20 meeting in 2025.

More recently, many “like-minded” nations have begun to recognize the importance of a broader approach as well – one that recognizes the overlapping role of security, trust, and multistakeholder governance in the continued flourishing of the internet. After months of deliberation with international partners, on April 28 the Biden administration with endorsement from 60 other nations, including the entire EU, UK, Japan, Canada and Israel issued a “Declaration for the Future of the Internet” aimed at supporting “a future for the internet that is open, free, global, interoperable, reliable, and secure”.

These discussions must continue and recognize the interconnectedness of cyber and internet governance issues. Efforts to sustain a multistakeholder internet governance model cannot stop with declarations by states. They must be supported by all stakeholders who benefit from the internet and its associated communications and technologies.

Toward that end the World Economic Forum is convening a Global Dialogue on Digital Cooperation. This dialogue will ensure an impartial platform for strengthening the multistakeholder governance model of the internet and help support a more positive and inclusive digital future.