As cyber warfare, online radicalization, and AI-driven disinformation increasingly shape modern conflicts, the escalating crisis in the Middle East has exposed how digital platforms can rapidly amplify instability far beyond the battlefield. To explore how governments, technology platforms, and civil society should respond to these evolving threats, Tural Akhundov, Research Fellow at CRESCENT Research Center, speaks with Lukas Andriukaitis, Co-Founder of Civic Resilience Initiative, about wartime information controls, the limits of current international cybersecurity frameworks, and the future of digital civil defense in an era of synthetic media and coordinated cyber influence operations.
How can governments and major tech platforms such as Meta balance the need for cybersecurity, counter-disinformation efforts, and national security with the protection of civil liberties, including freedom of expression, privacy, and uninterrupted access to reliable information, particularly when states impose internet restrictions during wartime?
The "balance" framing is often used to argue against any restrictions at all - but in wartime, that's a luxury position. Democracies that refuse to act decisively against hostile information operations don't preserve their liberties; they lose them to adversaries who exploit openness as a vulnerability.
Russia, Iran, and other similar actors don't play by liberal rules. They flood information spaces precisely because they know democratic societies hesitate to respond. Treating every restriction as a slippery slope hands them a permanent operational advantage.
That doesn't mean anything goes. Restrictions should be lawful, time-limited where appropriate, and reviewable. But we need to be honest that some interventions - rapid platform takedowns of coordinated inauthentic networks, restrictions on hostile state media, emergency authorities during active conflict - are legitimate and necessary. Ukraine has shown this: it banned Russian platforms and state-aligned outlets, restricted certain narratives, and kept democratic legitimacy intact.
The country didn't collapse into authoritarianism - it survived.
The Middle East crisis has shown how quickly online narratives can inflame tensions globally. Are current international cybersecurity frameworks enough to effectively address transnational online radicalization?
No - and the inadequacy is becoming dangerous. Existing frameworks were built for a slower, more polite world. The Budapest Convention, the UN GGE process, the Christchurch Call - useful as starting points, but nowhere near sufficient.
Transnational radicalization moves at a speed and scale these mechanisms can't match.
The Middle East crisis has made this brutally clear. Content inciting violence reaches millions before any coordinated response is even drafted. Definitions of incitement vary so widely across jurisdictions that bad actors simply route their operations through the most permissive ones. And platform-by-platform self-regulation has consistently failed: Telegram remains a near-ungoverned space for extremist coordination, and smaller platforms operate with effectively no accountability.
What role should universities, NGOs, and local communities play in identifying and countering foreign cyber influence operations before they escalate into real-world political instability or violence?
These actors are essential - but they can't substitute for state capacity and regulatory enforcement. That's a mistake the field has been making for too long. Universities should do the rigorous attribution and longitudinal research that justifies stronger policy responses. The closure of CrowdTangle and tightening of API access has been a deliberate platform strategy to limit accountability, and governments should compel access through regulation rather than asking nicely.
NGOs do detection, capacity building, and public communication - often better than governments. But they operate in an under-funded, fragmented landscape, while adversaries have unified command structures and sustained resources. Sustained core funding for credible civil society organizations isn't charity, it's strategic infrastructure. Governments should be funding it accordingly, and protecting it from the political pressure that has shut down counter-disinformation work in several democracies recently.
As non-state actors increasingly use AI-generated propaganda, deepfakes, and coordinated cyber campaigns during the Middle East conflict, what new forms of “digital civil defense” should societies build over the next five years?
The framing of "non-state actors" actually understates the threat - state actors are using these tools more aggressively and with better resources. Either way, the cost of producing convincing synthetic content has collapsed, and our defenses are nowhere near where they need to be. A serious digital civil defense agenda requires moving past voluntarism:
Mandatory provenance and authentication. C2PA content credentials and cryptographic signing of authoritative sources shouldn't be optional. Platforms should be legally required to label or restrict unverified synthetic content, particularly during elections and active conflicts.
National-scale media literacy, mandated and funded. Finland and Estonia treat it as core civic infrastructure for a reason. Other democracies should follow - and extend it to adult populations, who are disproportionately targeted and most vulnerable.
Lukas Andriukaitis, Co-Founder of Civic Resilience Initiative