Session 1-5 Transcript
(OEWG 2021-25)

This is an unofficial transcript

Ambassador Gafoor 

Good morning distinguished delegates. The fifth meeting of the first substantive session of the Open-ended Working Group on security of, and in the use of information and communication technologies 2021 -2025 is called to order. I’ve been asked to also remind you that the COVID-19 mitigation measures are in place for this meeting, and all delegates are kindly required to wear a mask or a face covering at all times, except when directly addressing the meeting, and I’ve also been asked to remind you that the delegation size is two persons for this combined conference rooms, one, two and three. I thank you very much for your cooperation with regard to the COVID-19 mitigation measures. Distinguished delegates, excellencies, I’d like to start by giving you an update on where we are, in terms of Agenda Item three, organizational matters. You will recall that yesterday afternoon I had given an update on my informal consultations. I would like to give a further update that I had two more rounds of informal consultations for delegations on the modalities of stakeholder participation yesterday evening, and also this morning, and I would like to report to you that the tone of discussions at the informal meetings have been very constructive. Delegations, I sense are committed to finding a consensual solution on the question or modalities for stakeholder participation. In the informal meetings, I have put forward proposals, and my understanding is that delegations are still reflecting on the proposals. Some delegations have also indicated their support for the proposals I have made. My assessment is that the issue of stakeholder consultations will benefit from further additional informal consultations undertaken by me in my capacity as chair of the working group, and it is indeed my intention to continue such informal consultations in my capacity as chair today, this morning, this afternoon, and possibly in the evening, as well. My sense remains that this is an issue on which consensus is possible. There are indeed differences that remain among delegations, but my sense is that the differences are not insurmountable, and a consensus is possible. As chair of this working group, I remain very much to finding and resolving this issue at this first substantive session of the Open-ended Working Group, and it is also my commitment and hope that we can find a consensual solution sooner rather than later this week. I assure you that I will continue my efforts by reaching out to all delegations in order to find a consensual solution on the important issue of stakeholder participation. While this issue is still in abeyance, and while we search for a consensus solution, I would like very much for the working group to continue its discussions on agenda item five . As you recall, distinguished delegates yesterday, we began a discussion on agenda item five, and there were several interventions already on the very first topic with regard to existing and potential threats and encouraged by the very constructive tone adopted by delegations and the very specific statements and proposals that are being made on the agenda item five(5), and I also appreciate the fact that delegations are responding to the guiding questions that I have put forward with regard to agenda item five. I’m aware that many delegations have traveled from Capitals from afar, and that many are ready and willing and enthusiastic about contributing and sharing their views and statements with regard to agenda item five. It is therefore important that we give all delegations an opportunity to start the discussions and continue the discussions with regard to the different topics under agenda item five. It is therefore, my hope that today, we will be able to do that, this morning and in this afternoon, to continue our discussions on the different topics under agenda item five, and, once again, as I said, a discussion on Agenda Item five, does not mean that we will not continue consideration of items related to Agenda Item three, which is organizational matters, and I propose to give you an update tomorrow morning on where we stand on the question of organizational matters. So on that basis, it is my proposal that we move forward, and continue a discussion on agenda item five, and, if there are no objections, I’d like to proceed with the speaker’s list that we had from yesterday. There are three remaining speakers with regard to Agenda Item five, topic one, which is existing and potential threats, and I invite interested delegations to indicate their interest in taking the floor on this first topic, and,  once we have exhausted the speaker’s list on the first topic, which is existing and potential threats, we will move on to the second topic, which is the question of rules, norms and principles of responsible behavior, and the ways for the implementation, and if necessary to introduce changes to them or elaborate additional rules of behavior, which is topic two. So, that distinguished delegates is my proposal. I’d like to see if there are any objections to that. I see none, it’s so decided. I thank you very much for your cooperation and your very constructive approach this morning, and for your support for my efforts to find solutions to the question of modalities for stakeholder participation, but also your support for my proposal to continue with our discussions on agenda item five. With those comments, I’d like to invite the remaining speakers from yesterday, which is Cuba, Iraq, and Switzerland, who have indicated their interest to speak from yesterday, and others are welcome to indicate their interest to speak on Agenda Item five, topic one at this point. So Cuba, you have the floor on Agenda Item five, topic one. You have difficulties. 


The misuse of ICT is one of the greatest concerns that all states must face today. Therefore, current and potential threats is one of the fundamental topics to be discussed within this group with the aim of achieving a common understanding identifying possible measures where cooperation can happen to prevent and counter these threats. We support proposals aimed at elaborating common terminology with regard to cybersecurity. In this regard, Cuba shares the concern around the implications of malicious use of ICTs, and their negative impact on maintaining international peace and security. The current militarization of cyberspace and attempts to legitimize armed conflict through the use of information and communication technologies is a serious threat. We express our concern regarding the covert and illegal use by individuals, organizations and states of the information and IT systems of other nations to attack third countries because of their potential to provoke international conflict. The threat represented here is exacerbated by the reiterated practice by some states of unilaterally attributing the source of the incidents around ICTs without any detailed impartial or transparent investigation. We, therefore deem it necessary to establish a multilateral mechanism for the attribution of cyber incidents within the context of the United Nations to determine unequivocally and impartially the source of incidents related to information and communication technologies. Critical infrastructures supported using ICTs  are fundamental elements to guarantee social stability and the national security of countries, and there any vulnerability in the face of attack is a threat for states. Cuba rejects the carrying out of activities linked to ICTs which may damage or steal important data from such state infrastructure, or which use these data to carry out activities, undermining national security and the state’s public interests. We deem it very dangerous, that there is undue use of media platforms including social networks to promote hate discourse, incitement to violence, dissemination of false news, subversion, destabilization, and misrepresentation of reality for political and interventionist ends, and as a pretext to unleash war or the threat or use of force. Chair, not all states see the real and potential threats in the same way or give them the same priority. However, it is the responsibility of this group to address them all with the same rigor. Cuba reiterates its willingness to participate actively in the analysis and adoption of cooperation measures to prevent and counter existing and potential threats in this area. Thank you very much. 

Ambassador Gafoor 

Thank you very much, Cuba, Iraq, you have the floor please.


Thank you, Chair. Good morning, everyone. I am going to make this statement by Iraq on the existing and potential threats, in particular the safety of data and cooperation measures. The international community Mr. Chair, currently is witnessing growing use by terrorist and criminal groups of information and communication technologies for the purpose of propaganda, data collection, and the recruitment of new people, and to conduct their extremist activities or ensure that their plans are funded. Furthermore, the cyber attacks could be damaging to the economy of a country and could undermine national security. Given all of that, we think that we need to answer some questions under agenda item five, and here we need to say that some Government and Public institutions as some private entities in Iraq in the course of recent years were subject of repeated cyber attacks, and they hindered their work and impacted their technological infrastructure. This was to the benefit of terrorist groups that had helped them launch terrorist activities in Iraq. Iraq did try to counter these threats and risks by undertaking the following measures: they created a National Group in 2017. Whose specialty is cyber security and reaction to cyber attacks. The groups of function inter alia is to protect the internet infrastructure to disseminate information about the private nature of data and it is also to protect the national networks and data centers as well as the Government sites hosted on the internet. They have to cooperate national activities in this matter and to support the public and private institutions and to make sure that they have the best protection, and to better protect their internet services, by establishing local entities within each institution and these entities are linked with this group that we created. Futhermore, we put together a national strategy in this area. The goal of this strategy is to determine the gaps and to have a centralized approach in order to protect data and prepare infrastructures and train experts, as well as to raise  public’s awareness. Furthermore, we created a technical committee on telecommunication and data security so as to deal with cybersecurity. In the light of all of this, we underscore the importance of doing the following; First of all, member states should make efforts within their constitutional responsibilities to counter any and all cyber attack, the kind of attack that could damage their sovereignty, and undermine their good relations with countries and thus promote peace. Secondly, we should re- double our efforts and cooperate and be flexible and have the political will, so as to establish a rules and norms and principles of responsible behavior of states, the kinds of norms and principles and rules that could meet the challenges that we’re facing. Third, we need to support all international initiatives here and support the role played by the United Nations to encourage dialogue amongst member states, so as to arrive at an agreement in the area of internet security and its peaceful use. I thank you. 

Ambassador Gafoor 

Thank you very much, Iraq, Switzerland to be followed by Nigeria, Switzerland, please. 


Thank you, Mr. Chair for giving me the floor. First, let me thank you for your update on agenda item three. As you, Switzerland wishes to resolve this issue during this session, so that we can focus on the very important substantive discussions. You have our full support to find a solution and trust in your wise leadership. In addressing your questions concerning existing and potential threats, Switzerland would like to make the following statement. Information and communication technologies can be harnessed in powerful and good ways to support democracies and liberal societies, to increase transparency and accountability, to facilitate access to information, which in turn makes it easier for citizens to stay informed and to communicate. Despite these benefits, we are increasingly concerned that states and non-state actors use cyberspace in a way that is inconsistent with the framework for responsible state behavior, which consists of international law, voluntary norms, CBMs, and capacity building. The existing and potential threats outlined in the Open-ended Working Group report 2021 ought to be the basis for discussion throughout our work. In our review, assessment of the Open-ended Working Group remains valid and needs to be built upon, and this goes equally for the GGE report 2021. The malicious use of ICTs is aimed at undermining international peace and security are at the heart of our mandate. We should focus on those malicious activities that have the potential to destabilize international peace and security. Well, there’s some examples that can have a destabilizing effect and ultimately can pose a threat to international peace and security in our view. Interstate conflict as a result of malicious use of ICTs conflict between states are multifaceted and hybrid. Cyber malicious activities are playing a leading role in this regard. The number and sophistication of cyber malicious activities are of great concern over the last decade, the number and sophistication of malicious use of ICT by state and non-state actors has increased, thus threatening the stability of cyberspace. This means that people and organizations may no longer have confidence in their use of cyberspace in a safely and securely manner, or be assured of the availability and integrity of services and information. Democratic processes and political institutions are at risk. Over the last years, cyberspace has become more and more closed, insecure and more fractioned. Malicious cyber activities, such as disinformation campaigns have been used as instruments to meddle in open societies and weaken political processes and institutions, thereby undermining people’s trust in democratic outcomes. The malicious use of ICTs targeting critical infrastructures in small medium sized enterprises. Malicious cyber activities directly carried out against critical infrastructures can cause severe damage and have a negative impact on the functioning of essential services, such as health care. The COVID-19 pandemic has illustrated how vulnerable our societies are and how dependent we are on the function of critical infrastructures. While the healthcare sector has already been subjected to cyber malicious activities for awhile malicious actors have taken advantage of this, of the global health crisis to target technologies on  which health care systems and providers rely. Small businesses are the backbone of the Swiss economy. Swiss small and medium sized enterprises have been subject to increasing surges of malicious cyber activities. Increasing connection of physical devices to the Internet leads to a heightened degree of interdependencies. These interdependencies increase the vulnerability towards cyber attacks. The vast expansion and diversification of connected devices multiplies the attack surfaces. Due to the interconnectivity and interdependence, we are concerned that an attack on a small and medium enterprise can potentially pose a threat to critical infrastructures. Cyberspace has also been increasingly used for the purpose of advancing national security interests, political and economic interests. Malicious cyber activities can have unintended effects on Switzerland and create unintended damage of particular concern or attacks on the supply chain as threat actors continue to develop techniques and tools to undermine and manipulate legitimate software. Ransomware, we’re observing an intensification of the threat in number and quality. Ransomware has become a persistent threat worldwide, including to Switzerland. In recent months, as in previous years, they have led to several service interruptions to critical infrastructure worldwide. In many cases, small and medium enterprises are also affected. Our group ought to focus on those criminal activities such as ransomware that could pose a threat to international peace and security. The source of the threat is not the technologies to be clear. Of course, they’re prone to vulnerabilities which in turn can be exploited for malicious purposes. At the heart of the problem lies, in our, view both state and non state actors’ behavior. They have been using cyberspace and ICT tools, techniques, tactics, procedures and capabilities for a range of malicious purposes. Our work should include the study of new technologies, such as the inter alia, quantum technologies, artificial intelligence and the Internet of Things, as the exploitation for malicious purposes could have severe negative effects on international peace and security. On your second question, on what capacities and structures are needed at the national level. I would like to mention some examples we see as necessary. A legal and political framework, laws, strategies, technical capacity, capacities, like Certs, forensic analysis, TTP intelligence, the capacity to analyze the threat landscape and to inform the decision makers about potential effects, motivates like sabotage or espionage, etc. Attribution that means the capacity to identify the perpetrator, means who, in order to assign responsibility. Public-Private Partnerships are in our view, very important, a strong collaboration with the private sector and academia, capacity to take countermeasures, like a legal framework to have this possibility, and of course, awareness raising, which is one of the first step one should take, like a programme on prevention and awareness raising on potential threats for different stakeholders in Switzerland, as we have it, and we call it profilux. The Open-ended Working Group can serve as a platform for exchange and good practices and experiences made at national and regional level. The Open-ended Working Group could organize dedicated meetings on specific threats as well as seminars, or workshops. Thank you, Mr. Chairman. 

Ambassador Gafoor 

Thank you very much, Switzerland. I’d like to call upon Nigeria the next speaker, but I’d like to announce the speakers list so far for topic one of Agenda Item five. Nigeria will be followed by The Czech Republic, Netherlands, Pakistan, Indonesia, Israel, Syrian Arab Republic, Germany, UK and Canada. So we start now with Nigeria, you have the floor, please.


Yeah, thank you, Mr. Chair. I’m considering that Nigeria is coming on board for the first time since we commenced on Monday, I wish to congratulate you for your appointment as the Chair of the Open-ended Working Group and assure you of Nigeria’s full support in helping to achieve the objectives of this committee. Mr. Chair, our resolve to embrace digital transformation is increasingly impacting almost every aspect of our lives, as countries of the world exploit its benefits to transform their economies and operations. Also, the cyberspace is fast evolving, dismantling barriers to commerce, security and alliances seamless communication across borders, for people to collaborate, and share information. Despite these gains, like several other countries across the globe, the growth and development of the cyberspace accompanied by significant and inherent challenges. Thus, the increasing dependence on the cyberspace comes with risk that threatens national security, impedes the peace and progressive use of cyberspace as well as the negative impact on critical infrastructure of nation states, whose operations are reliant on the ICT. It is also more worrisome on the increasing involvement of state actors in cyber attacks across the jurisdictions to the already existing threats associated with non-state actors. To this end, Nigeria shares the same views and agreed on the applicability of existing international laws in the cyberspace. We also fully support the call for advancement and operationalization of the 11 norms of responsible behavior in the cyberspace to address the current challenges in the domain. We also believe that the final report of the GGE precedent sets by the just concluded Open-ended Working Group should be a baseline to progress as well as the way forward for this OEWG because of the inclusive nature of participation, especially from relevant stakeholders. Mr. Chair, we want to assure you of our willingness to cooperate and collaborate in progressing our discussions in this committee. I would like to say that the cooperation that was facilitated by the United Kingdom in the implementation of the Commonwealth Cyber Declaration of 2018 had positive impact, and, I believe it was a success because of the attendant benefits. The success of the Commonwealth Cyber Declaration was because of the inclusiveness and wide stakeholder’s participation. Stakeholder participation was also enshrined in the recently reviewed Nigerian National Cybersecurity Policy and Strategy launched in February 2021, which is  widely accepted and currently being implemented. It’s also in this experience, that Nigeria supports your proposal of stakeholders participation. It should be welcomed and this participation should be well coordinated to allow members to make relevant input as appropriate, which will also be respected. On the potential threats in the cyberspace, state or non-state actors alike have continued to threaten and undermine the peace, peaceful use of technology for economic, social and national development. The rates of malicious attacks through ransomware and advanced persistent threats achieved through different means, have dominated the cyber domain for some time. There are also huge concerns on the terrorist use of Internet to facilitate terrorist recruitment, propaganda, terrorist recruitment propaganda against legitimate Government authority, and terrorist financing also constitute serious risks detrimental to national security of nation states. Cyber attacks on critical infrastructure and Critical Information Infrastructure by both state and non State actors have also huge negative impact on our national resources, influencing Democratic processes through compromise of election facilities are on the increase, thereby impeding progressive use of cyberspace for economic prosperity, or national development. The use of the dark web as a marketplace for the sale of malicious software, and other nefarious activities also worrisome. This must be viewed as a huge risks to achieving international peace and security. Compromise of supply chain on software’s and hardware vendors is also an important area to be considered. I want to reiterate and Nigeria is also concerned on the indiscriminate use of social media platform to propagate fake news, hate speech, and misinformation detrimental to public safety and national security. These platforms have been hijacked by non state actors, including terrorists to progress their criminality in cyberspace. Unfortunately, most of these social media companies are domiciled outside the judicial or some of some member states, thereby frustrating the effort of constant authority from protection of their citizens from negative impact of these challenges, which in some cases undermined sovereignty of member states. We therefore urge this committee to look closely on how to address these issues as a matter of urgency. In our view, robust Incident Management Framework, including operationalization of Computer Emergency Response Team, capacity building at different levels, multi stakeholder engagement, and the whole of society approach to implementation cyber security is vital to addressing some of these challenges. Localizing developed norms to ensure responsible behavior, as developed by previous committees is vital to addressing some of these challenges as well. Collaboration with stakeholders at every level within the States and, cooperation between member states is also very vital. Mr. Chair, let me remind us that COVID-19 has forced the migration of activities online. Most people work from home, and our children have to study from home as well, also using various online platforms. As a result, cyberbullying and other nefarious activities has also increased within the period. Hence, we have a responsibility in this meeting, to consider strongly the protection of young, the minors, the weak and the vulnerable online. Continuous sensitization and awareness on the vulnerabilities and mitigation measures to address these challenges are actually very, very vital. We want to turn the delegate that made a statement on Monday, from the European countries on the willingness to share their experience with other member countries, and the call for capacity building. This will greatly assist developing countries or countries with low capacity to meet up on demand of addressing array of challenges in the cyberspace. Mr. Chair, I also want to remind you that on Monday, you highlighted the issue of trust and confidentiality. As countries we have responsibility to our citizens, our countries, as well as our binding force as member states of this committee. It is also fair, and just to be considered in our discussions for a robust consensus agreement for the benefit of all member states. This is to ensure transparency, inclusiveness, democratic process, as well as to commence substantive sessions to further discussion of substantive sessions, which is to sustain the next discussions in the next five years. Thank you, Mr. Chair. 

Ambassador Gafoor 

Thank you very much, Nigeria for your statement and for your suggestions. I give the floor now to the Czech Republic. 

Czech Republic 

Thank you. Thank you, Mr. Chair. The Czech Republic aligns itself with the EU statement delivered today. We consider discussion on current and emerging threats to be increasingly important and we are sure that this trend will continue. It’s obvious that development of information, communication technologies improves our lives provided unprecedented opportunity for economic growth and increasingly constitute the backbone of our society. At the same time, there are serious risks and threats and we have to try to cope with them as well. Mr. Chair in my contribution I’d like to avoid providing you with a long list of rights. Instead, I would like to concentrate on a main concern of the Czech Republic. Those were not adequately reflected in the previous report of the Open-ended Working Group, so it’s important to reiterate it again today. First, the Czech Republic is increasingly concerned over the misuse of ICTs  to violate, surpress or undermine legally binding obligations that states have under international human rights law. This includes blocking of political content, internet shutdowns, mass surveillance, and adopting other similar technical measures or digital standards that aim to violate existing commitments of states to uphold freedom of expression, right to privacy and the right for peaceful association and assembly. The Czech Republic is strongly committed to upholding a human centric approach to cybersecurity. To us, this means first and foremost, ensuring that end users of ICT can have confidence in ICT products and services they use by guaranteeing the integrity, availability and confidentiality of data, by promoting ICT supply chain security and implementing security by design solutions, and by ensuring that cybersecurity measures are not used as a pretext for violating human rights in cyberspace. As for further threats with the advent of new technologies, artificial intelligence in particular, they must also ensure that all cybersecurity decisions will be made by humans, and that decision makers remain responsible and accountable for their decisions. New and emerging digital technologies can indeed work as enablers of rights and freedoms, but without appropriate safeguards, and respect for existing rules ICT technologies can also become tools of oppression and control, which could pose not only a serious threat to the safety and security of individuals, but also undermine the foundation of existing multilateral systems. The Czech Republic wishes to therefore stress that upholding the existing rule based international system in cyberspace is key to ensuring a future where all of us can reap the full benefits of information and communication technologies. The legally binding rules and principles that form the bedrock of existing multilateral system, be it the law of state responsibility, international humanitarian law or international law of, human rights must be upheld equally online and offline, and should underpin of all our future deliberation. In this context, The Czech Republic as a founding member of the foreign The Freedom Online Coalition would like to highlight the conclusion of the summit of the Freedom Online Coalition which took place in Helsinki beginning of December this year. Finally, I would like to echo our Swiss colleague in underlining the growing international threat of ransomware. Thank you. 

Ambassador Gafoor 

Thank you, Czech Republic, Netherlands to be followed by Pakistan. Netherlands please. 

The Netherlands 

Thank you chair. In our modern world, cyberspace has become a pillar of our society, bringing economic growth and social progress to our citizens. It increases access to information, knowledge and development allows for greater and faster innovation facilitates the free flow of new ideas, and opinions, and in a growing number of societies. It is a means for citizens to efficiently access essential services. These benefits are enhanced by the global open free and interoperable nature of the internet, which the international community should uphold and promote. However, The Netherlands is deeply concerned with the increase of malicious ICT activities in cyberspace and the misuse of ICT. Such activities have a direct impact on trust and increase the risk of escalation and conflict in cyberspace and beyond. In our national cybersecurity assessment, The Netherlands assesses that disruption and sabotage have the most impact on national security because of their potentially disruptive effects on society and well being of our citizens. This also includes theft of intellectual property. From The Netherlands’ perspective, aggressive and coercive ICT operations below the threshold of actual armed conflict, and ICT activities to prepare them are occurring more regularly and constitute an urgent challenge to international peace and security. Some examples of existing challenges and potential threats that the global community is facing include cyber operations against the integrity, functioning, and availability of the internet, as referred to in the acquis this technical infrastructure essential to the general availability or integrity of the internet or the public core was referred to on critical infrastructure in both the previous OEWG and GGE reports its norm 13 F. This technical infrastructure essential to the general functioning of the internet also needs protection against tendencies to control it in a way that would undermine the integrity or availability of the internet. We see these tendencies coming from a broad range of actors. In particular, the internet governance model, which is based on multistakeholder governance should in no way be undermined. The private sector, civil society, technical community and other stakeholders are indispensably connected to the functioning of the internet. Recent developments have also reaffirmed that operations against critical infrastructure more broadly are problematic and constitute a threat to international peace and security. In this context, we again highlight threats against, for example, the healthcare sector and electoral processes. In addition, new and emerging ICTs and their use in malicious cyber operations is an area of increasing concern. The OEWG should therefore not be blind to threats arising from new developments, and should stress that states should at all times respect the UN consensus framework in their use of such technologies. States experience different impacts by malicious ICT activity. Through its discussion, the Open-ended Working Group can help ensure capacity building is sensitive to these differences and increase states’ resilience. The national survey proposed by Australia, Mexico during the previous Open-ended Working Group could be helpful to in this regard, as it identifies potential gaps where capacity building can help. Chair, The Netherlands attaches great value to the agreed normative framework of responsible state behavior. The agreed norms especially via the additional layer of understanding developed in the GGE report provides useful suggestions to address threats. We can enhance the application of the framework by concrete implementation, for example, by regular institutional dialogues as the Programme of Action. Moreover, it should be stressed that voluntary non-binding norms are not non-committal in addressing existing and potential threats. We are convinced that building the capacities to implement the normative framework will significantly strengthen international peace and security and allow all states to enjoy the benefits of ICTs. It is up to responsible states to uphold the norms and address each other in case of non compliance. Chair, Finally, the Open-ended Working Group should adopt a human rights based approach when addressing threats. It has to be crystal clear that cybersecurity and human rights are not competing values or interests, but are interdependent and mutually reinforcing. Threats to cybersecurity are more often than not, also threats to human rights, examples, maybe privacy concerns arising from surveillance practices, as well as threats to the availability or integrity of the internet, which have implications for access to the Internet. In a growing number of societies no access to internet means no access to certain essential services. Any measures aimed at improving cybersecurity should be in full conformity with human rights law and comply with our international obligations deriving from it. Thank you. 

Ambassador Gafoor 

Thank you very much, Netherlands Pakistan to be followed by Indonesia, Pakistan, please. 


Thank you so much, Mr. Chairman. Information and communication technologies provide vast opportunities for social economic development and are increasingly growing in importance for the international community. However, there are disturbing trends in the global ICT environment, which include a significant increase in incidents involving the malicious use of ICTs by state and non-state actors. The diversity of malicious non-state actors, the different motives, speed, sophistication, and an anonimity associated with the malicious ICT action and the difficulty of attributing the source of an incident all increased risk. States are rightfully concerned about the danger of destabilizing misperceptions, the potential for conflict and the possibility of harm to the citizens, economy and national security. Transfer, replication, reproduction of malicious technologies pose a real threat as well. Stockpiling vulnerabilities in ICT system, and the potential threat posed by autonomous cyber operations that are capable of actively impersonating networks, and people further undermine security in the ICT environment. There exists real threat associated with the manipulation and theft of digital identity, private data, as well as targeted propaganda campaigns in ways that could undermine national economies and impair national security besides jeopardizing personal security of individuals. Threats in the global ICT environment also undermine full realization of the opportunities offered by emerging technologies like artificial intelligence, cloud computing, big data, Internet of Things, e-governance services, blockchain technology and digital finance. Mr. Chairman, harmful hidden functions embedded in ICTs is pose a threat to ICT supply chain, erode public trust in digital commerce and undermine national security and global development. Malicious use of ICTs thus impede social and economic development and progress towards the achievements of sustainable development goals, and in an increasingly interconnected world, varying levels of capacity for ICT security, among states can immensely increase and amplify vulnerability. Thus, the widening digital divide among countries and regions poses a serious threat in the global ICT environment. The use of digital technology can enable new pathways for intentionally false and misleading information to be created and amplified by states and non-state actors for political, ideological or commercial motives at an alarmingly growing scale. The spread of disinformation on online platforms, including on social media can be designed to spread racism, xenophobia, and incite all form of violence, intolerance, discrimination and hostility. The rapid spread and proliferation of disinformation as this necessitates the need to disseminate factual, timely, clear, accessible and evidence based information and require all relevant stakeholders to address the challenge of disinformation. In this regard, there is need to work with the United Nations systems, including the departments communication of the relevant agencies to counter proliferation of disinformation. Moreover, countering disinformation and hostile reports requires sustained efforts, international cooperation, multi dimensional and multi stakeholder responses that are consistent with international law, including humanitarian and rights law. Mr. Chairman, it is important that the business enterprises including online platforms and social media companies ensure that their commercial objectives do not undermine human rights, their business models and business operations, data collection data processing practices, and advertisement policies should be compliant with international human rights law. They must not allow the platform to be used for spreading disinformation which lead to discrimination and incitement to hatred, hostility walls and polarization. In light of increasingly concerning digital landscape, we believe that this group, can further discuss, develop and cooperative measures to address the existing and emerging threats in the sphere of ICTs. I thank you, Mr. Chair. 

Ambassador Gafoor 

Thank you very much Pakistan. Indonesia, please.


Mr. Chair, emerging technologies and rapid growth of digitalization provide myriad opportunities. However, its vulnerabilities can be exploited for malicious ICT activity. As one of the fastest growing digital economies in Southeast Asia, the issue of the security and stability of ICT environment remains an important priority for Indonesia. Last year, my country experienced more than 450 million cyber attacks. As for this year, during the period of January to August 2021 alone the number has almost doubled, as we experienced around 888 million attacks. Indonesia remains concerned about the increasing malicious uses of ICT and its serious impacts towards the maintenance of international peace and security. As people’s dependence on digital to increase, particularly during COVID-19 pandemic, international community is struggling to contend with the growing scope, scale and complexity of threats in the ICT environment, which poses risk to safety and well being of individual. We wish to underline that development in the field of ICT themselves do not represent a threat to international peace and security, but rather its responsible uses for non peaceful purposes. Moreover, Indonesia remains concerned over the development of ICT capabilities for purposes that undermine international peace and security and wishes to highlight the increasing development of ICT capabilities for military purposes by number of states, which may potentially trigger conflict escalation. Mr. Chair, we are of the view that perceptions of threats in the ICT environment are strongly influenced by different level of capabilities in each country, such as capacities to develop resilience, protect critical information infrastructure, identify threats, as well as respond to them in a timely manner, and also maturity level of the national policy related to the ICTs. We appreciate references regarding the protection of critical infrastructure or CI, particularly health and information facilities, in the means of pandemic situation in the 2019, 2021 or OEWG report. Protection of critical infrastructure requires comprehensive efforts from a technical, institutional, and policy perspectives. In our national capacity, Indonesia has identified our critical infrastructure classification, and integrated it to the national cyber strategy roadmap. We encourage all states to implement this approach in securing their critical infrastructure, thereby contributing to concerted efforts towards strengthening the safety and security of critical infrastructure in today’s interdependent and interconnected world. In this regard, the OEWG plays an important role in identifying various threats emanating from the activities of states and their proxies, as well as non state actors in the ICT environment. We also recognize the importance of inputs and views on this issue from other relevant stakeholders, especially regarding its technical aspects, and how stakeholders can help states in identify and understand the nature of threat from a practical standpoint. The OEWG can also encourage states to strengthen their institutional capacity, legal and policy frameworks, as well as technical capabilities according to their respective national priorities. As a concrete way forward, we propose that the OEWG may consider developing comprehensive guidelines covering aspects of prevention, protection, and countermeasures, either for data users and systems, which can be used as a reference in helping states better prepared in tackling threats in a sphere of information security, as well as assisting states in incorporating those guidelines into domestic policies. We also underline the importance of reference to an implementation of various previously agreed recommendations, including reports from the previous OEWG and GGEs. I thank you, Mr. Chair. 

Ambassador Gafoor 

Thank you very much, Indonesia. Israel you have the floor please. 


Thank you, Mr. Chair. In recent years, and very likely that in future years as well, cyber threats seem to reflect increased sophistication of malicious actors, stronger capacities and continued malicious attempts to attack high value targets. During the COVID-19 pandemic, Israel as many other countries, has gone online, remote work, e-learning, digital services, e-commerce, etc. This shift has increased the attack surface, thus exposing networks. In fact, according to international cyber security institute’s, Israel was among the most cyber attacked states in the world over the last year. Recently, Israel experienced cyber attacks aiming at critical infrastructure and essential systems. For example, the attack on a remote Israeli water facility, although not causing any real damage was indeed very alarming, not just to Israel, but to the whole free world, as it demonstrates rogue states’ and criminals’ determination to damage the most basic services to humankind, such as access to water. The recent ransomware attack on an Israeli hospital, like many similar attacks around the globe, including the WHO’s systems are yet another example of an infrastructure that should be protected from such malicious and irresponsible behavior. Israel experiences continuous malicious efforts to penetrate and damage its critical infrastructure. So far, to no avail due to the hard work, awareness and combined efforts of the government and the private sector. It is the functional continuity that is at stake. Mr. Chair, civil aviation is a global sector and we have seen a growing interest of rogue states and malicious cyber actors in the sector. The last pandemic has hurt the aviation sector, among other effects. It also deprived resources from cybersecurity investments. Israel has launched its national initiative to build aviation cyber resilience, and is working on that issue with other partners. We have recently led a multinational cybersecurity simulation together with the UAE and other countries to raise awareness and improve information sharing. Ransomware attacks have risen dramatically, both in numbers and sophistication, and governments need to accelerate the response and combine forces with the private sector. Cooperation shouldn’t stop there. This is a global threat that merits a global response in collaboration between agencies, cyber and law enforcement. States need to break the interagency and interstate silence and do it in a manner that balances human rights and law enforcement. Cybersecurity, privacy and law enforcement sometimes pull in different directions, and we need to come up with practical solutions consistent with human rights principles. Israel commends and takes part in the US-led multinational initiative to combat ransomware. The digital market is increasingly moving to service based models. Sometimes digital service providers such as the cloud platforms and web hosting servers are exploited by malicious actors to attack third parties. Basic steps such as, know your client practices by digital service provider could reduce these attack vectors. Mr Chair, looking to the future, one can foresee some new potential threats that may rise from emerging technologies. It may affect cybersecurity and the wellbeing of humanity, providing from one side new possibilities, but from the other side more opportunities for malicious actors using new tools to attack in cyberspace. The recent pandemic has indirectly led to the abundance of business and personal data, including biometric data, being stored online. Advanced Analytics are vastly improving what can be extracted from data. This combination raises alarm that such data might be misused, and should be guarded carefully by developing next generation data protection capabilities. Another tendency we should take into consideration is the combination between rogue state, criminal actors and terror organizations acting as proxies. Such tendency allows safe havens to criminals and cyber terrorists providing hacking as a service while being permitted to pursue their malicious activity serving their own interests. Mr. Chair, what more can be done? First, Israel suggests making our info sharing process faster and more efficient. Information sharing is the heart of cyber security and speed is of importance. Israel is now operating Cybernet, an efficient sharing system built for cyber professionals that allows a many to many sharing of relevant practical information. Israel launched this initiative that will allow cross country sharing of information, which also serves as a place where various applications and investigation tools are available to explore and mitigate attacks, preventing them from propagating the sector and market both domestically and internationally. Second, one of the most challenging threat vectors in cyber is via the supply chain. One weak link in the chain such as an under protected IT vendor or compromised component could end up becoming gateways for attackers. This is a multifaceted challenge, requiring careful coordination with the private sector in the building of international trust. The world has never been so interconnected, and we are only as strong as our weakest link. Israel implements methodology, a digital platform and a certification scheme for supply chain security, compliance officers in private corporations across border interoperability of this scheme could help build trust and greatly contribute to the cyber hygiene as an international mechanism. Third, the ICT companies should build more secure by design products, and push for security by default systems, meaning that the end user will get a safer version with less attack surface by default. To conclude, Mr. Chair, Israel stands ready to cooperate with other states on prevention and mitigation of risks and threats, aiming at building a stronger global resilience. Thank you. 

Ambassador Gafoor 

Thank you very much, Israel for your statement. I take this opportunity to remind all delegations to share your statement on the e-statements portal. I know that many delegations are making very detailed and thoughtful presentations, and I think it will be useful for all of us to have access to the text of the statements. So do upload your statements on the e-statements portal. Thank you very much. I give now the floor to the Syrian Arab Republic to be followed by Germany. Syria, you have the floor please. 


Thank you, Mr. Chair. Concerning existing and potential threats, we would like to make the following remarks. In the recent years, we have seen a great development in ICT. However, we’ve also seen a significant increase in existing and potential threats, whether emanating from countries or non-state actors, including, terrorist groups and organizations. Electronic weapons and attack systems are being developed. This technology can be used for military purposes. Cyberspace is being used to infringe upon the sovereignty of states or interfere in their internal affairs and destabilize them. In addition, the spread of terrorism, the recruitment of terrorists spreading misleading information and inciting to racism and xenophobia. This all leads to a deterioration of the social economic conditions. This constitutes a threat to international peace and security. ICT is being used for all these aforementioned purposes. In this context, we stress the need to address existing and potential threats and risks by enhancing the safety of data, including the transfer of data over boundaries, the protection of personal data and the protection of supply chains. We also stress the principle of equality of sovereign equality and the non-interference in an internal affairs and refraining from using force and settling disputes by peaceful means. These are important principles that I would like to stress. In conclusion, Mr. Chair, we must also put an end to unilateral coercive measures imposed by the United States and the European Union. These measures which are illegal, constitute an additional factor that contributes to the increase of these threats and risks that affect other countries. We are being deprived of advanced software and technological tools that would help us to contain and control cyber content. These illegal measures also reduce the chances of our countries to respond to these threats. Thank you, Mr. Chair. 

Ambassador Gafoor 

Thank you very much, Syria. I give now the floor to Germany to be followed by the UK. 


Thank you Chair. Germany’s fully aligned with the statement of the European Union on this item, and wishes to add a few remarks in a national capacity. Germany has witnessed an extreme rise in the number of cyberattacks over the last years, with enormous damages for our society and economy. The following data illustrates this picture 44,000 emails containing malware were detected in networks of the German government administration in only one year. The German Federal Office for Information Security describes the state of our national IT security, as tends to critical of particular concern to my government, have been hacking incidents, directed from abroad against German politicians ahead of our federal elections in September, thereby directly targeting our democratic processes. The German government has responded to this threat landscape by putting a new national cybersecurity strategy in place this year, which takes a comprehensive whole of government and whole of society approach. This strategy sets concrete goals, timelines, and controlling mechanism for improving national cyber resilience. Given the importance of regional cooperation, Germany has also contributed actively to the elaboration of the cybersecurity strategy of the European Union, as outlined in the intervention of the European Union yesterday. In reaction to the rise of cyber incidents originating from state actors, Germany has put in place this year a national mechanism that allows for the attribution of such cyber incidents. This mechanism contributes to building public awareness of existing cyber threats and defends the principles of the framework of responsible state behavior by publicly calling out malicious activities steered by states. How can this Open-ended Working Group focus its work in a way that effectively responds to the existing landscape of cyber threats, also, keeping in mind their constantly evolving nature and increasing Interplay we are seeing of cyber instruments with other dynamic technological developments, such as AI. Germany suggests putting a focus on cooperative measures, confidence building, and cybersecurity capacity building, and we look forward to elaborating these points further in the dedicated sessions later this week. Thank you. 

Ambassador Gafoor 

Thank you very much, Germany. I give now the floor to the UK to be followed by Canada. UK please. 

United Kingdom 

Thank you, Mr. Chair. Working together to understand the evolving nature of the threat of malicious cyber activity is crucial to setting the context in which we develop practical measures for international cooperation. Hostile activity against critical national infrastructure, and governments will always be one of states key concerns. Over the last 12 months, the UK is national cybersecurity center dealt with 777 significant national level incidents, up from 723 the previous year, with around 20% of organizations supported linked to the health sector and vaccines. The real world impact of such activity has been heightened as we have seen healthcare and public services disrupted and food and energy supplies affected. Where we want to focus primarily on the threat to governments and defense, we must now recognize the real world impact of irresponsible activity on the broader economy and society. That change must be matched in our response. The increasing scale and severity of ransomware attacks is one element, which heightens the risk to essential services or critical national infrastructure. In the UK, education has been among the top sectors targeted. We have seen local councils suffer significant disruption to public services was the ransomware attempt against the University of Oxford’s COVID-19 vaccine researchers have the potential to cause significant disruption to the UK is pandemic response. Such malicious activity affects not only our governments but our peoples. International cooperation against cybercrime is the focus of another UN process which movements not duplicate here. But this activity highlights the need to urgently focus on implementation of the existing norms, which hold solutions to parts of this challenge. In particular, those addressing critical national infrastructure are key here, as are those related to reasonable steps a state may take to address malicious activity emanating within their territory. This OEWG can and should ensure that coordinated capacity building serves as a force multiplier in the fight to minimize the ransomware threat, whilst also offering a response to states whenever they do not address the activities of cyber criminals within their territory. Mr. Chair, in the last 12 months, the compromise of the software company Solar Winds and the exploitation of Microsoft Exchange servers have again highlighted the threat from supply chain attacks. The UK considers these intrusions targeting less secure elements in the supply chain of the economic government and national security institutions extremely serious. The national security interest of states is not served by reckless use of capabilities, which, in the case of Microsoft exchange server left tens of thousands, of no organizations have no national security interest, needlessly and disproportionately impacted in the US alone, and we are further concerned by the increase in the use of ICTs in ways that are not in line with states’ human rights commitments. We will propose concrete actions on this issue under the upcoming norms discussion. Supporting states to develop the capacities and structures required at the national level to prevent, detect and respond to threats is a crucial element of this area OEWG’s work. Alongside facilitating this through supporting needs assessments, and the development of national strategies, the UK will also address the issue of incident management processes. Finally, Chair, we note the inclusion of data security in this section of the group’s mandate. This is not a term the UK uses or fully understands. So, we will listen carefully to what our Chinese colleagues have to say in due course, before we respond on this topic. Thank you. 

Ambassador Gafoor 

Thank you, UK. Canada, you have the floor please.


Thank you, Chair. Good morning colleagues. I’m pleased to take the floor to discuss the topic of threats. I’d like to start by answering your first question which was about examples of urgent and challenging threats that we face today. The first one that I will mention is the growing threats to critical infrastructure and the increased connectivity between systems. Another important one that several colleagues have talked about today is non-adherence to the norms of state behavior in cyberspace, and the third related one is ransomware. Ransomware is a growing cyber threat, that compromises the safety of Canadian citizens, as well as others in the international community. While it is criminal, it is also a threat to public safety and to national security. Worldwide, it poses a significant threat to the critical infrastructure and essential services on which citizens depend. It can even lead to physical injury or loss of life. Internationally, Canada works collaboratively with a number of partners to address ransomware by actively sharing lessons learned and, as appropriate, more closely aligning policies, activities, public messaging and industry engagements. I linked this topic to the GGE norms earlier because since ransomware is one of the most important threats that we face now, the way that we can potentially address it in this group is to tackle ransomware incidents that are at a high enough bar that it implicates states and we can use the norms potentially to address this. Three of the norms from the 2015 GGE report are on critical infrastructure, including the response ability to not allow malicious activity to emanate from your territory. So in this sense, I would associate with the UK and the need for us to all take additional measures to implement the norms of the 2015 GGE report, which were reaffirmed in the 2019 consensus reports of both the deep GGE and the OEWG. We can perhaps discuss this topic further during the discussion on norms. To finish answering your question, there are other future cyber threats that we could discuss in this group, including the massive growth of the Internet of Things, artificial intelligence and quantum computing. Just quickly to tackle your second question about what capacities and structures are needed at the national and international levels. I would say, there are many things that states could do. States should have national cybersecurity strategies, CERTs. States-ideally should have statements on how international law applies in cyberspace in their view. Canada is working on our statement, which we hope to publish soon. We also need to do better at capacity building, and sharing best practices and information to better protect ourselves and others. I would also like to associate with The Netherlands, when they mentioned the survey proposal that was made by Mexico and Australia. This is one that Canada supported as well. We intend on answering the questions in the survey in our next statement of Canada’s national views on cybersecurity, and we encourage others to do so as well. We can also expand further on capacity building in the agenda item on that particular issue. Thank you. 

Ambassador Gafoor 

Thank you very much, Canada. Denmark, you have the floor, please. 


Thank you, Mr. Chair. I’d like, first of all, I’d like to commend you for your resolve to find a solution on the modalities and Denmark is right behind you in that. On agenda item five, although it has been a truly remarkable year with the two consensus reports and a GA resolution, we have not experienced much improvement in the world outside the walls of the UN. It’s not that we expected that the OEWG or the GGE report to change the threat of malicious cyber activity at the moment at least. But I’m highlighting this because for each incident, countries are moving further from each other. This year alone, Denmark has in our national capacity, and through the EU, shared our deep concerns regarding malicious state sponsored activities such as the supply chain attack against Solar Winds, exploitation of zero days vulnerabilities, such as Microsoft exchange servers, and lately the Ghostwriter campaign attempting to interfere with democratic processes of certain EU member states. Such behavior is absolutely unacceptable and runs counter to this OEWG process. Moreover, the threat from cyber criminals are now among the absolute top concerns for our companies and tops the list of our national threat analysis. We’re even seeing ransomware as a service being offered by organizations harbored by states deeply involved in this process. This is in direct opposition to the norms of preventing misuse of ICT in your territory. Therefore, I call on the countries who is knowingly harboring these criminals to adhere to the principles of due diligence. On the issue of development of military capabilities and the concerns delivered by certain major countries have on this more than a little strange. Some of these countries are literally doing the equivalent of arms parading by burning off stockpiles zero days at public events, and so, I said this at the last week of the GGE and I’ll say it again, I think the train has left the station. Countries around the world are developing cyber capabilities for military purposes, or they’re buying it directly-from private companies. It is our opinion that the technology is not the problem, but it’s how a country chooses to use it. That is why we need transparency, for example, through the development of military doctrines. All that said, we still believe there’s very strong value in this OEWG process. That is why one of the initiative of our national cyber and information security strategy, which actually launched this morning, if anyone is interested there’s a promise from the government that we will engage even more in this processes. Thank you, Mr. Chair. 

Ambassador Gafoor 

Thank you, Denmark. Floor now to Chile please.


Our countries are today facing the serious threat of cyber attacks and malicious activities in cyberspace, which jeopardize critical infrastructure and the correct functioning of public and private institutions. The damaging incidents linked to information and communication technologies are increasingly frequent and sophisticated, and are constantly evolving and diversifying. Recently there has been an increase in malicious activities such as ransomware and the proliferation of non-state actors whose criminal activities have even jeopardized national security and states. It’s important to underscore that these actors are permanently changing their tactics and increasing the complexity of their methods, so as to benefit from the vulnerabilities detected. Therefore, the development of new technologies is an important aspect to consider in this debate, particularly because these can be used as powerful tools to develop new techniques and procedures for malicious attacks and activities. Chair, the threats we are facing can affect states differently depending on their level of digitalization, capacities, security and resilience in the context of information and communication technologies as well as their infrastructure and level of development. The threats can also affect different groups and entities in different ways. To counter these threats, states need to improve their capacities and generate structures and coordination plans not only at the level of government, but also by bolstering effective partnerships with civil society, the private sector and academia from a human rights focus. For this to happen, we require not only capacity, creation and development at human level, but also the development and acquisition of systems to prevent, detect, investigate and respond to these threats. Training and permanent capacity building is an essential necessity, as is also the ability to develop a culture of security in the field of information and communication technologies. In this way, the implementation of the existing framework of agreed upon measures in the previous reports of the Open-ended Working Group and the Group of Governmental Experts are fundamental in advancing the cybersecurity agenda. We currently have a number of international initiatives whose aim is to provide assistance in cooperation and capacity building, such as, for example, the Global Forum on Cyber Expertise, or the cyber security programme of the Inter American Committee Against Terrorism in the Organization of American States. In this regard, the OEWG can move towards recognizing the work of various international initiatives and work jointly with them. Chile therefore deems it fundamental for there to be constant coordination work with regional organizations who can cooperate and directly assist in establishing diagnoses of states needs and the threats that they are facing. Likewise, this Open-ended Working Group can help to bolster dialogue and inter regional cooperation by promoting cooperation between states, for example, through agreements or organising events and conferences, which help to increase understanding of the level and scope of these threats. In this regard, we deem it important to underscore the need to establish a line of work whose aim is to understand and identify the threats that we face not only as states but also as other stakeholders in society. Therefore, this Open-ended Working Group could recommend  conducting a study on this in coordination with regional organizations and other stakeholders or interested parties, thereby fostering cooperation and collaboration to counter the existing and potential threats in the domain of information security. Thank you very much. 

Ambassador Gafoor 

Thank you very much, Chile. To be followed by Brazil, Fiji, Malaysia, Costa Rica, France and Australia. These are the speakers I have at the moment for topic one of agenda item five. Brazil, you have the floor please.


Thank you, Mr. Chair. Brazil considers the malicious use of information and communication technologies one of the most complex challenges to international peace and security of our times. With the widespread use of these technologies, which permeate all aspects of our lives, we have become more vulnerable to the impacts of cyber operations. Therefore, as recognized by the previous OEWG report, without accompanying measures to ensure ICT security, increasing connectivity and relies on ICTs can bring unintended risks to our societies and threatens international instability. As pointed out by many delegations, we are especially concerned by the proliferation of malicious ICT activities against critical infrastructure and critical information infrastructure, which support essential public services. To address this threat, we believe that it is of paramount importance that states develop robust national systems in order to avert potential damage to their critical infrastructures. In Brazil, the protection of critical infrastructure-is addressed since 2008, in our national defense strategy. Additionally, in 2020, the Federal Government approved the national strategy on critical infrastructure security, a legislation that established an integrated approach that includes governmental bodies and private sector. We believe that an exchange of practices on how each country’s dealing with the protection of critical infrastructures and how are they acting to create resilience can be beneficial to the work of this group, in order to identify the best ways to mitigate the threats to this infrastructure, and to cooperate to build capacity on this front. Furthermore, since we recognize that interstate and public private cooperation may be necessary to protect the integrity, functioning and availability of critical infrastructure, we could use the interaction with the stakeholders to address this specific challenge. Mr. Chair, my country sees with great concern the growing malicious use of ICT by non state actors, the disruptive potential of these actors can not be minimize it, especially considering that some of them are capable to achieve ICT capabilities previously only available to states. Furthermore, it is of concern that these actors may used as proxies to governments or simply may claim that they are acting on behalf of a certain country. This scenario blurs our threat perceptions, leads to unexpected escalation, and makes an adequate diplomatic and political response increasingly difficult. Against this backdrop, we perceive the weaponization of ICTs as a pernicious trend that should be reverted or at least restrained not only by voluntary rules, norms and principles of responsible behavior, but also by a rather elaborated interpretation on how international law applies to cyberspace. A topic we are going to discuss further down the road, but one that carries great potential in the daunting task of lowering the risks brought by the possible use of cyberspace as a conflict arena. Thank you very much. 

Ambassador Gafoor 

Thank you very much, Brazil. I give now the floor to Malaysia to be followed by Costa Rica. Malaysia please. 


Thank you, Mr. Chair. Excellencies, distinguished delegates. I will start by noting that the transitioning of the world into industry 4.0 web technologies are the driver for this inevitable global social economic disruption are enabled by ICT’s and internet. While the social economic benefits brought by ICT and internet is real. The economy and strategic benefits of cyber attacks also increased significantly. The security threats and vulnerabilities are dynamic and cut across national boundaries given the global nature of the infrastructure. In recent days, we have seen the rise of conflict between states that escalated to cyber environment. This has increased frequency of highly sophisticated incidents  involving malicious use of ICT by state actor that have serious consequences to this aside for the geopolitical tensions. First, it will hinder the abilities of many states and societies to benefit from  these disruptive technologies. Secondly, this will further equip the criminals and terrorist group with more sophisticated tools and techniques that will make the malicious ICT activities more destructive. Crime as a service has taken significant leap forward with criminal further use advanced and complex tools, partnerships and collaborations that might make large organizations. Referring to the previous OEWG and GGE reports militia underscore that the existing and potential threats stated in both reports remains valid and significant. We are now dealing with unprecedented time of pandemic COVID-19. An adjustment that we need to make with regards to this pandemic on policies, best practices and procedures has changed now on how we operate. When pandemic COVID-19 happen procedures that were once considered well established need to be rewritten. Best practices need to be rethought and policies were stretched to the breaking point. Any devices or application connected to the Internet are susceptible to cybercrime. Most habitual methods of compromise are done to malware infections, insecure network connection and weak login credential for authentications. Attacks and exploits can occur when user clicks on a malicious link in an email, website or application advertisement. It can lead to various types of malware infection, suggest ransomware, trojans stealing credential, crypto mining malware that use up your computing resources, botnet that listens and respond to the command and control server and other rogue software that will scan the network to discover other vulnerabilities devices to be targeted. In complex cybercrime cases there are multiple actors involved in the malware distribution, the remote command and control as well as financial transaction. The crime scene so to speak, are spread across multiple end users devices, third party applications and cloud services which require speed and cooperation from various parties involved. Mr. Chair, some examples of urgent and challenging existing and potential threats are increasing phishing attacks primarily throughout the COVID-19 pandemic require a more concerted swift and effective measures by hosting provider and enforcement entities in blocking and take down malicious site at the level of hosting provider, especially those that affect the critical information Infrastructure, such as phishing and banking trojans targeting multiple banks, utilities and health sector. Second, supply chain attacks due to vulnerable application and with Internet of Things solutions that are rolled out to the market without due care given insecurity assurance, we are seeing more applications that by default, under basic package are vulnerable to attacks and require additional investment in security to make it secure for use. The third one is growing number of high profile ransomware attacks in 2021. At least, as mentioned by many delegates, ransomware has become a service that can be acquired. A collective thought and decision need to be made to determine the need to refrain from paying the ransom in order to prevent financing the organized crime. Mr. Chair, the main duty of state is and will always be able to defend the nation, its economy and prosperity as well as its citizen from threat and harm by internal and external factors, be it from cyberspace or otherwise. In the cyber environment it is-therefore pertinent for states to set rules, standards and expectation over all elements and stakeholder under his control and responsibility to ensure a safe and secure cyberspace. To be able to do that states need to have strategies that tackle the aspects of people,process and technology. People represent the need of knowledge, skills and expertise enhancement as well as capacity and capability building among the human capital of the digital era. Process covers the development and strengthening and implementation and maintenance of law, regulations, procedures and guidelines to effectively govern our cyberspace. Technologies covers the technology required for us to effectively implement cybersecurity measures. For that, our malicious cybersecurity strategy 2020- 2024 is a strategic document that we have outlined as key objective categorized into five strategic pillars that will govern all aspects of cybersecurity planning and implementation in Malaysia. The MCSS has been designed with a view to provide trust in cyber environment, not only for national security, but also to support the Government’s agenda in digital economy, industry 4.0 and adoptions of other disruptive technologies for malicious [unclear]. The vision of this strategy is to have a secure, trusted and resilient cyberspace while at the same time fostering economic prosperity and citizens well being and its mission to fortify the whole local capabilities to predict, deter and respond to cyber threat through structures, governance, competent people, support best practices, processes and deploy effective technology. MCSS introduced the whole nature of nation approach concept, where all the stakeholders are included in the national cybersecurity agenda. There is one pillar that solely looks into the focus of strengthening global cooperation in both the public and private sector, as well as establish strategic alliances with international partners and entities that share our vision. For this Malaysia is committed to promote an open, secure, stable assessible and peaceful ICT environment. The nature of internet today may contribute to the misperception, misinterpretation and misrepresentation of cyber attacks, cyber threat or cyber attacks, leading to potential escalation or tension between states. As such, it is imperative to instil trust and transparency between state to close international cooperation on cyber issues, and as well as to collaborate with trusted parties from international community. Capacity building and the act of operationalize the voluntary norm as part of national cybersecurity strategy will raise the baseline of global cybersecurity. Continuous effort with incremental improvement will instil trust of the commitment of states to the framework of responsible state behavior. Thank you, Mr. Chair. 

Ambassador Gafoor 

Thank you very much, Malaysia. I give the floor now to Costa Rica.

Costa Rica

Thank you very much Mr. Chair. Implementation is crucial to Costa Rica, we must start connecting threats and ICT incidents to the agreed upon norms. When talking about actions taken to mitigate threats, states, media and civil society should start making stronger connections to show what activity violates the various consensual norms, or which specific norms can help tackle common threats. For example, norm 13-C of the 2015 GGE confers an expectation that if states are aware of, or notified of malicious activity coming from their territory, they will take steps to detect, investigate and address the situation. Implementing this norm does not require that states monitor all ICT activity or they take other steps that contravene international human rights law, including the right to privacy. The spirit of this norm requires a real commitment among states to take action to address the undermining of the stability of side of cyberspace. It is about translating our words into action. Costa Rica is also deeply concerned by recent ransomware attacks carried out by private or non state actors, or spyware companies caught operating on a state’s territory. This requires action by that state to stop the malicious activity emanating from their territory in accordance with norm 13-C. Threats have differentiated impacts on people’s or groups facing marginalization or vulnerability because of their sexual orientation or gender identity, ethnicity, race, and other social cultural and hierarchies and age groups. More research and examination of the ways in which cyber threats have different intersections with existing social hierarchies, particularly the gender dimension, can help in designing policies that do not exacerbate existing gaps. Engagement with local civil society organizations can help make governments aware of the impacts of policies and threats on different segments of society. In general, cybersecurity discussions should not be limited to technical issues only, but should include these elements to ensure that in efforts to address ICT threats, states do not inadvertently inflict other types of harm, or further marginalize vulnerable groups. It is crucial for Costa Rica to ensure that efforts to combat ICT threats and improve cybersecurity are not made at the expense of human rights and the state’s obligations under international human rights law. Costa Rica takes note of a recent report published by UNIDIR on the connections between the first and third committee processes. Engagement across these processes can also help mainstream the normative framework towards efforts to address specific cyber threats, while also ensuring that international law, including human rights law, is adhered to. I thank you. 

Ambassador Gafoor 

Thank you very much, Costa Rica. I give the floor now to France.


Thank you, Mr. Chair, please allow me to first of all assure you that you have my delegation support as you’re trying to come up with an acceptable solution as regards the participation of other stakeholders in the deliberations of this process. Now, on the agenda item on existing and potential threats. Within the course of the UN discussion, states have long recognized that information communication technologies provide considerable opportunities for development and cooperation, but at the same time that their malicious use brings with it threatsfor international security and stability and the security of international individual states. We had in 1998 the foundational resolution 53/70 on ICT progress in the context of international security. It formulates this statement, and unfortunately, subsequent  events confirmed that. Since then, various working groups within the United Nations in this area have gone into greater depth on the malicious use of ICTs and tried to capture the rapid developments as technologies developed and their use spread. As we have in the conclusions of the previous OEWGs and GGEs these threats, in fact, continue worsening and diversifying. First of all, therefore, Mr. Chairman, the most serious threats, according to us consists of internet fragmentation, which would undermine the integrity of the network and seriously increase in the future the threat of international instability. Secondly, the report of the Open-ended Working Group and the Group of Governmental Experts also noted that states develop their capacities in the area of ITC, including for military purposes and the use of such capacities and future complex is something that becomes it’s becoming increasingly likely. Therefore, my delegation thinks that it’s necessary to continue our work in order to have a better in depth common understanding of the way international law, the UN Charter and international humanitarian law for example, apply to the use of ICT by the states. It is the international law after all, which governs the potential use of force by States be it to through the use of ICT’s or any other means, and it is therefore the international law that has to guide our efforts to preserve peace and security in cyberspace. The norms of responsible behavior do not replace international law, but they play a primordial essential role in introducing predictability and transparency in state and state behavior, and we therefore- are  ready to actively contribute to discussions aiming at clarify the understanding and facilitating the implementation of a normative framework within the international law, the norms of responsible behavior, and the relevant confidence building measures. Intensifying exchanges on the implementation of this normative framework is in the view of my delegation a number one cooperative measure in order to counter the threats that we are discussing. Next, the reports adopted by the Open-ended Working Group and the Group of Governmental Experts noted the catastrophic consequences that could results from attacks carried out including by non-state actors against critical infrastructure. One of the more alarming examples quoted by many a delegation here is, of course, a spread of ransomware attacks. They can target individuals, companies, government administration, but also critical infrastructure such as, for example, energy companies or hospitals. Now, given these threats,  it is in our interest to continue exchanges on the implementation of responsible behavior and norms, and also to disseminate best practices on how to designate and protect critical infrastructure and also specify the state of due diligence obligations in the face of malicious activity conducted by non state actors in their territory, and the discussion of this group could perhaps further consider the ways of how to better control the malicious cyber tools. Therefore, the use of offensive used by states, but also by companies today and by individuals tomorrow, perhaps is something that in the view of delegation warrants our special attention. Next, as was stated by the report, or the most recent one of the GGE, the increase in the threat also has to do with a spread of the surface of attack. In other words, the widespread use of ICTs in our everyday life, multiplies the risks and opportunities for malicious use. In addition to this spread of the surface of attack, it is also and especially the inadequate security level in the design of ICT products that could increase our collective exposure to the malicious use of the of the ICTs. The recent cyber attack cases have shown this scope of the damage that could result from the attacks which exploit the gaps in supply chains. These considerations means that we have to have greater cooperation with the private sector. In order to strengthen the security of supply chains and heighten the general resilience level of our networks. The previous Open-ended Working Group report in paragraph 22, correctly underlined the need to increase cooperation with the private sector, civil society, our research institutions and technicians so this cooperation can also be developed here. Mr. Chair, given the rapid development of ICT threats, keeping the agenda item on existing and potential threats on our agenda is extremely relevant and useful. This will allow us to over the five years of the whole process to continue updating our understanding of the challenges we face and to do it based on states’ analysis, but also on contributions from other stakeholders. I thank you. 

Ambassador Gafoor 

Thank you very much, France. There are four more speakers, Australia, Argentina, Fiji and Poland. It’s a happy situation that we have with so many delegations addressing topic one. I also would like to move us to topic two, which is the question of how we can further develop the rules, norms and principles of responsible behavior of states and the ways for the implementation, and if necessary to introduce changes to them or elaborate additional rules of behavior. So after the four speakers we will go straight to topic two, and I therefore also welcome indications of interest to comment on that topic. So we’ll start now with Australia. You have the floor please. 


Thank you, Chair, I take this opportunity to first thank you for your tireless and very considerable efforts to find a compromise on modalities and know that your proposal set out in the informal meeting last night has Australia’s full support. Turning to the threats issue that we are discussing today, I want to thank delegations for their nuanced enunciation of some of the threats that are faced in cyberspace, both currently and into the future, and in particular, those who have spoken on the emerging cyber threats to critical healthcare infrastructure, electoral processes, and the damage that ransomware is reaping across all sectors. I’ll be brief, and rather than talking about specific threats, I’d like to make two general points on this part of our agenda, and then take the opportunity to respond to some points that have been made by other delegations. First, we’re all aware that cyber threats faced by our global community is significant and growing, but this group is unique. It’s the only universal UN forum mandated to explore and address international security issues inside cyberspace. I encourage us all to recognize the significance of  that mandate. This group should focus on those threats, which could have serious implications for international peace and security. The threats that emanate from the malicious activity of states and their proxies, as noted by Indonesia, and threats that reach that threshold, due, for example, to their scope, severity, and impact, increasing the risk of escalation to conflict, and we are focusing on those threats unique to this mandate, and to this group, without losing sight of the links between our work and that work currently occurring in other fora across the UN, which I’ve heard is very important to many delegations. Secondly, I’d like to emphasize the value in creating a clear link between the existing and emerging threats that we’re identifying here today and throughout this process and the remainder of our work, discussing recommendations and proposals for responses and responsible use of technology through the application of international law, including international human rights law and international humanitarian law, norms, CBMs and capacity building. In doing so, Australia considers it important to take into account the human rights impacts of certain cyber threats, as was put very eloquently by Nigeria and Pakistan. The gendered impacts of malicious cyber activity, as was put by my colleague from Chile, that cyber threats to international peace and security can be context specific, and a difference in capacity can impact vulnerability to and the impact of malicious cyber activity, and that ICTs are not themselves a threat. It’s only when they used inconsistently with international peace and security, that they may pose a threat a technologically neutral approach to recommendations will future proof our work. Finally, a few delegations have raised an issue that I’d like to take this opportunity to respond to, and that is the military development of cyber capabilities. I align with Denmark’s remark, and particularly points made on transparency. Transparency breeds accountability, predictability, and stability. I want to emphasize that it’s not the technologies themselves that are of concern, it is their misuse. Just as many states are exploring economic development opportunities with these technologies, countries are also exploring military application of these technologies. Australia is of the view that it is legitimate for states to be exploring these possibilities, provided that it goes hand in hand with acknowledgement that states activities in cyberspace, are guided by the same rules that apply to military action in the physical world. If used responsibly, military cyber tools can have highly discriminant results with limited results on individuals and civilians. If used responsibly, they can be more discerning than kinetic weapons, and depending on the understanding of what responsible state behavior is, is indeed a focus of the work we have here. All military cyber operations must be conducted in accordance with international law and the norms that we have agreed here in the UN. This includes states binding UN charter obligations to peacefully settle disputes, and to refrain from using force in international relations. Australia has spoken publicly. What have we spoken publicly about? The benefits of IHL applying in cyberspace, but we should also consider the costs if IHL, international humanitarian law, were not to apply, hypothetically, were actually not to apply in cyberspace. Rather than discourage militarization of cyberspace. It could actually motivate parties to use cyber means and methods of warfare over traditional kinetic weapons. Faced with significant limits on the guns and the bombs and the tanks under IHL, states could place greater reliance on unregulated cyber tools that would achieve the same or worse destructive impact. We have differing views on the merits of military cyber capabilities, as expressed here today. The core concern, however, is the misuse of these technologies. I suggest to the extent that we consider this issue an existing and emerging threats of our mandate, it’s captured along the lines of noting the development of these capabilities and expressing concern about that misuse. Finally, I wanted to note with thanks the recognition of the survey of national implementation of our framework, which were proposed by Mexico and Australia, received significant support from many countries, in our last session of the OEWG and was included in the recommendations of OEWG 2021. I’ll speak to that further to that survey in my remarks under norms and CBMs. Thank you. 

Ambassador Gafoor 

Thank you very much, Australia. Argentina, please.


Good afternoon. Thank you Chair. We believe that analyzing existing and potential threats is one of the most important topics on our agenda. The correct analysis could ensure we make the right decisions. We wish to point out that based upon a renewed basis of analyses thanks to the consensual reports of the Open-ended Working Group, which was finalized at the beginning of this year, the use of information and communication technologies is essential for daily life, and the economic, political and social development of countries based upon human rights and the exercise of all rights. Maintaining free, open, safe and peaceful cyberspace is therefore essential for the use of ICT to the benefit of the international community. Unfortunately, there are always threats, the pandemic has accelerated and exacerbated the scope for attacks leading to greater challenges to states. One of the key aspects of the challenges of combating such threats is the fact that the virtual climate consists of various actors who can be anonymous, and have fictitious identities, and, due to the ubiquity of the web, it is always difficult to distinguish actors and their intentions. This can enter into conflict with other areas and endanger international stability. Therefore, one of those important challenges is preventing the maluse of ICTs generating into international instability. There are recurrent cases of misuse of the internet against critical infrastructure, and information infrastructure, which is crucial to states and these fall under recognized umbrellas, but are of an increasing concern. How to decrease such risks requires multiple actions, certainly by strengthening the responsible behavior of states and the framework for that better understanding of how international law works, increasing capacity, identifying critical infrastructures, cooperating with different stakeholders alongside mechanisms or ways of attributing responsibility under the auspices of the United Nations, all of these we believe will undoubtedly help to counter these challenges. The malicious use of ICTs for criminal ends is of increasing concern and a great challenge because this is increasingly complex and sophisticated in its methods Important national public organizations have suffered ransomware attacks with great impact. All of these incidents are worrisome because they decrease trust in the internet, and lead to increasing social and economic problems on both private and public sectors and also have repercussions on the least developed and most vulnerable sectors. These challenges require inter alia, greater synergy between the public and private sectors, particularly exchange of information on vulnerabilities, greater coordination between state authorities, increase in Human Resources capacity, better international cooperation, particular in judicial procedures and international judicial cooperation, and also an importantly, awareness raising among society. The increasing integration of technologies into the internet of the things artificial intelligence and quantum computing, whose peaceful uses based on all people would be all of enormous benefit for societies. But the malicious use of all these technologies leads to a real and increasing challenge for national authorities, which must be addressed. International cooperation and greater synergy between public and private are key to counter these challenges. We believe, Chair, that this working group is certainly the ideal platform to generate and facilitate the various actions which are being proposed. Thank you very much. 

Ambassador Gafoor 

Thank you very much, Argentina. Fiji you have the floor please. 


Thank you Chair, Good Morning, Chair, colleagues, and dear friends. Fiji, like our fellow member states congratulates the Chair on your appointment, and leadership in our first substantive meeting, especially through these challenging period of the pandemic. Our task is to equitably extend benefits of digital technology, while ensuring that the rights, values and principles championed by the United Nations are upheld among digital actors in online spaces. Digital technologies are evolving as we speak, bringing new challenges and changes every minute, which is why these efforts will require more flexible and fluid approach than this institution has ever pursued. The final OEWG report is a well considered foundation that must be expanded on with urgency over the next five years to ensure the United Nations maintains its place as the beating heart of global peace and security. But, for it to succeed, we must become as adept at change as the technology that is rapidly remaking and reshaping digital spaces. Fiji affirms that international law and the UN charter in its entirety applies in cyberspace. Tailoring our methods of enforcement into the online arena is our shared challenge today and always, Fiji is mindful of the groundwork that has been undertaken in the rounds of negotiations from 2004, which gave rise to the 2013 UN GGE, conclusion report stipulating the applicability of international law, including the United Nations charter, in cyberspace in which was re-emphasized in the 2015 UN GGE report and reaffirmed in the OEWG final consensus report in March. Chair, with regard to your guiding question on initiatives by states to ensuring ICT security. I would like to highlight that the Fijian Parliament passed the Cybercrime Act of 2021, which is aligned to the Budapest Convention against cybercrime. To harmonize the offense elements of cyber enabled crimes and adjust as the challenges which stem from the trans border collection of electronic evidence. Fiji has been invited by the Council of Europe to be a party to the Budapest convention. This approach lends predictability which lends stability which makes the harmonization of laws, a more effective tool for states to manage the use of ICT and confront cybercrime, and we also note that work is being undertaken by the Cybercrime ad hoc committee. We’re also working on the establishment of a national CSIRT, and we’re active members of the Pacific cybersecurity officials network, the Pacific Islands law offices network and the Pacific transnational crime network to name a few, and these are effective regional frameworks already in place. A person coming online for the first time today faces more threats than any other point in this technology’s short history. The International Telecommunications Union recently revealed that 2.9 billion people have never been part of the digital world. We cannot allow 2.9 billion people to be shut out from the opportunities of the digital economy, nor can we want only expose them in their private information to the risks of unregulated digital spaces. We have to extend the opportunity of connectivity to these communities by ensuring that there are online safe spaces that await them. In Fiji, we are committed to bridging the last digital divide by connecting the remaining 5% of Fijians without digital access and globally we support a concerted effort to extend digital technology to ensure that all people have equitable and safe access to cyberspace. Fiji joins other member states and affirming that international humanitarian law applies in cyberspace. We in no way sanction cyber warfare or a resort to conflict in any domain. As a small island developing state with a finite resources at our disposal, especially in the ICT space, Fiji knows how to create efficiency through innovation within existing international law and the voluntary non binding norms of responsible state behavior, and as one of the most climate vulnerable nations in the world, we’re particularly mindful of the urgency of ensuring that all ICT infrastructure is made to be climate resilient. In the face of a changing climate and a ramp up in cyber incidents, we cannot separate physical and digital security. Fiji has endured 13 cyclones in five years. It is not difficult to imagine a compounding crisis scenario with severe storm, destroying critical cyber infrastructure, crippling our increasingly digital economy and rendering us more vulnerable to cyber attacks. The private sector of course, plays a critical role in creating and deploying digital technologies, ensuring a safe cyber world is a shared or collective responsibility, and, if we are to achieve that vision, we all need to work together more closely than at any other time. Concerning confidence building measures underscored by capacity building, which addresses the questions outlined Chair in your letter, Fiji reaffirms that this is a crucial pillar that will empower all member states to independently develop their own views and can be a catalyst to the development of international law. We note that special consideration is needed to address the unique challenges faced by small island developing states with our limited resources, including personnel who can attend and participate in the various forums. Indeed, initiatives such as the women and international security in cyberspace fellowships, continues to make great strides, building capacity and increasing women participation. Small island developing states have fewer resources and lack economies of scale restricting our ability to attract investment from large ICT companies. We also pay higher costs in service delivery due to the disparate nature of our islands. The government has stepped in to bridge those costs, but these unique challenges should denote special attention. Fiji calls for continued engagement to tackle common challenges before us such as climate change, vaccine equity, the infodemic of disinformation, misinformation and malinformation and the future challenges that we may face, which may spawn from digital technology and which digital technology can help to solve. As always, Chair, Fiji stands ready to work with you, fellow member states and non-state stakeholders to deliver meaningful tangible progress towards the goal of an open, secure, stable, accessible and peaceful cyberspace.Thank you. 

Ambassador Gafoor 

Thank you very much Fiji for your statement, it’s very good to hear the voices of the smaller countries, especially small island developing states. I give now the floor to Poland. You have the floor please. 


Thank you, Chair. A lot of colleagues offered their views of which majority Poland shares. Austrailia summarized many of them very well, and thank you for that. So for the sake of time, I shall limit my interventions to only a few points. The development of new technologies, of which almost all depend on digital components, is faster than the development of national and particularly international efforts to mitigate threats related to cyber domain. Digitalization of almost every aspect of functioning of modern states and societies opens tremendous opportunities for enhancing our lives, but equally tremendous opportunities for attacking individuals, civil society, private sector, local and central governments or critical infrastructure. In this context, it’s worth noticing that definition of critical infrastructure changes and expands constantly. Now, it contains not only military installations, transportation or energy systems, but as COVID proved it may include health protection system, or medical research facilities. The range of types of malicious activities is constantly growing, and so is their complexity from single phishing, privacy violations, intellectual property stealing to complex attacks on critical infrastructure, or ransomware extortions for example. More often, such activities are becoming hybrid in their nature, where initial cyber attacks are used to steal data, and gain access to resources used later for conducting massive and complex disinformation campaigns. Many of such attacks are conducted very precisely under the threshold wall to avoid more active deterrence activities and responses. There are private actors, state organizations and their proxies involved in such malicious activities. Poland is a target of such attacks and malicious activities on a daily basis. Cyber enabled disinformation attacks are targeting Poland, Polish individuals, central and local government representatives, politicians, representatives of civil society, but also private sector industry, or academia etc. Their goal is to strain relations  with our neighbors, undermine trust into international organizations of which Poland is a member, damage- trust in public institutions and overall democratic system. Poland is constantly improving our national defense and protection capabilities both on the technical and structural and legal levels. However, enhancing our defense capabilities is also very much related to cooperation with our allies and partners. This important cybersecurity dimension is expanding, and we see closer cooperation both on technical and political levels within the European Union. Some examples were pointed out in the statement by the EU yesterday, In the context of the Open-ended Working Group works, Poland would like to expand some experiences and tools, elaborated both on our national and as well as our European levels, to the global level, to the benefit of all United Nations member states. As pointed in my statement within the general exchange of views, Poland sees a close connection between implementation of international law or norms, and capacity building or confidence building measures.It is very important, but it’s very difficult to implement norms or laws, if there is no instruments to do so. Many countries in the world still do not have operational cyber incident response teams to recognize an early stage attacks or malicious activities. They may not have necessary legislation, or no mechanism to take effective counteraction. Therefore, Poland, is very much focused on supporting capacity building activities. That’s why we also support, we’re initial co- sponsor of the Australia-Mexico project of survey of national implementation, to help to recognize the situation needs of the countries. Poland also supports Programme of Action as a complementary to the Open-ended Working Group process, focus on practical help and support in building necessary capabilities on sharing best practices coming out of the practice of other countries. On the importance of CBMs, we will be speaking under different points of agenda. So I stop here, and I thank you very much. 

Ambassador Gafoor 

Thank you very much, Poland. I’ve no more speakers, and I certainly do not intend to summarize the discussions we’ve had this morning, but just to say that all the remarks were very substantive with regard to topic, one, regarding existing and potential threats. Very substantive, detailed and thoughtful statements, and very specific ideas have been put forward. And I know that in the course of the interventions, although we were discussing topic one, several delegations also spoke about norms, as well as capacity building, and also some refer to international law. There’s no doubt that a lot of these issues are interrelated. But still, I think for the purposes of discussions, it’s good to go topic by topic. So I’d now like to invite comments from delegations with regard to topic two, which is rules, norms and principles of responsible behavior of states and the way for the implementation. So we’ll start with the speaker’s list, from now on. Colombia, Republic of Korea, European Union, starting with Colombia, you have the floor please.


Good afternoon, Chairman, thank you for giving you the floor. Colombia was intending to speak on the previous point. We believe that the development of technology is exponential, and it’s therefore impossible for us to exhaustively list all the existing and potential threats in the digital environment. Nevertheless, we draw attention particularly to those threats which jeopardize sovereignty, the economy, social cohesion, or in general terms, destabilization. We must be attentive to prepare for the malicious use, which generate, which affect critical infrastructure and essential services and this can affect peace and security within states and international security too. The recent developments of technology and an IT climate, which is increasingly complex provide instruments to malicious actors who which must be countered, adequately with full respect for the fundamental rights and freedoms in the context of international law, and the rule of law. Dissemination of false information is one of the most used tools and one of those most difficult to combat, as is the use of the dark web. In these cases, we must create synergies with the private sector, industry, civil society organizations, academia and the public sector to build resilience to these threats and to share and manage in a safe way critical information. To do this, capacity building is key for prevention and reaction to these cyber threats. We must ensure the generation of greater capacity, response capacity and greater cooperation as well. Thank you very much. 

Ambassador Gafoor 

Thank you very much, Colombia. Republic of Korea, followed by European Union. 

Republic of Korea 

Thank you, Mr. Chair. We also support your proposal on modalities, as we believe it shows a minimum requirement of transparency, and hope that this can settle the modalities for the stakeholder participation. Now, back to the topic 2, my delegation reaffirms the primary governance by international law of state actions in cyberspace, and the additional guidance by the voluntary non-binding norms. Yet the GGE agreed norms embody what is expected of every state in its behavior in cyberspace, and also determines whether such behavior is responsible or reprehensible. As my delegation stressed during the gender exchange of views, our firm focus should be placed on their implementation rather than their creation. A national survey, as recommended by the previous OEWG can serve as a starting point and stepping stone for their coherent and transparent implementation. The survey can include respective national experiences and good practices, or norm implementation. My government has drafted and made known its views and practices on norm implementation. In doing so, we found it helpful to compare other states’ notes, which in turn enabled us to learn better practices. This will be an evolving document to be further updated and additionally elaborated. Among those norms, the Republic of Korea would like to highlight the principle of due diligence, that states should not knowingly allow their territory to be used for internationally wrongful acts with the use of ICTs. As an elaboration on this norm, Korea has suggested a guidance note, as in the annex or previous OEWG report, providing for a procedure in which each state should take appropriate and reasonable steps to address the situation if it is aware of, or if notified of an internationally wrongful act. This can give a procedural clarity to the norm implementation, and strike a chord with Canada’s proposed guidance text and the proposal by Croatia, Finland, France and Slovenia, as mentioned in the same annex. My delegation again would like to call for your keen interest and attention in relation to this elaboration of due diligence as this norm is becoming increasingly important in addressing any transboundary incidents in an orderly manner, including ransome ware. Equally important is that we make express reference to these norms when we assess and judge any behavior in question. My delegation understands that the further development of norms can take place in parallel with norm implementation. However, our order of priority should be first the implementation of the agreed norms. Second, the clarification and elaboration of the norms and then only when inevitable, the creation of new norms. If we have to create a new norm at all, we have to caution ourselves against any temptation to politicize the process. I would like to recall that agreed norms were a result of expert driven process. Any attempt must be balanced, technically sound, pragmatic and result oriented, one with the experts input rather than leading to a polarizing debate. My last point is about the meaningful participation of multi-stakeholders, as the pandemic has told us partnership with civil society, academia and private sector is instrumental in effective implementation of these norms, especially when we underscore the need of whole society or government approach. We should listen to their views on norms and their implementation. I thank you, Mr. Chair. 

Ambassador Gafoor 

Thank you very much, Korea. European Union, please.

European Union

Thank you, Mr. Chair. First of all, let me thank you very much for all the efforts that you are undertaking with regards to the multistakeholder participation, and please let me state here that we support the informal proposal you have put forward, and we look forward to resolve this issue soon. I have the honor on this agenda item, indeed, as well to speak on behalf of the EU and its member states, the candidate countries Montenegro, the Republic of North Macedonia and Albania, the country of stabilasation and association process and potential candidate Bosnia Herzegovina as well as Ukraine, the Republic of Moldova and Georgia all align them with this statement. Being derived from international law, rules, norms and principles of responsible state behavior are key to maintaining international security and stability, and enhancing our common understanding about these rules, norms and principles and advancing our implementation should be at the core of our common efforts. Through these efforts, we will be able to reduce cyber threats allowing us to reap the benefits that cyberspace and in particular the internet provide. To achieve results and to address the urgent needs for security and stability in cyberspace, the EU and its member states believe that our discussions in the Open-ended Working Group should further invest in areas where consensus has been achieved. In accordance with the UN GGE reports and the final substantive report of the Open-ended Working Group. We should urgently invest in a practical implementation of the consensus recommendations that are provided. In this regard, the Open-ended Working Group could elaborate on and strengthen the 11 norms of responsible state behavior, in particular by enhancing the understanding of the implications that these norms of responsible state behavior imply. Such exchanges could allow clarifying the expectations that these norms sets and should offer insight in the best practices on how these norms could be put in practice. In addition, the discussions within the Open-ended Working Group could allow states to enhance global capacities in the area of implementation of norms, and to contribute to the National Survey of the implementation of the UN-GA resolution 70/37. The EU and its member states stand ready to elaborate on the implementation of the EU cybersecurity strategy and share its experience through capacity building efforts on the implementation of the UN framework for responsible state behavior in cyberspace. Since 2015, and the adoption of the 11 norms, the EU and its member states created a solid cybersecurity framework with at its core a network information and security directive that provided legal measures to boost the overall level of cybersecurity within the EU. It ensures as recommended in the United Nations Framework to EU member states preparedness by requiring them to be appropriately equipped. For example, this includes computer emergency response teams, a competent national authority, as well as public private cooperation. It also creates a culture of security across sectors that are vital for our economy and society and that they rely heavily on ICTs, such as energy, transport, water, banking, financial market, infrastructures, healthcare and digital infrastructure. Given the fast evolving cyber threat landscape, the cybersecurity strategy adopted in December 2020 addresses these new challenges, and a proposal for revised network and information security directive of the EU looks into improving cyber resilience and incident response capacities as well as public private cooperation and strengthens the competence authorities of the member states and the EU as a whole. The implementation of the United Nations framework for responsible state behavior through the development of cybersecurity legislation, the establishment of CSIRTs will allow us to completely an imminently advanced security instability in cyberspace. The EU and its member states look forward to work with states and other stakeholders to take this forward, and to include through dialogue, including on the possible Programme of Action as a permanent and inclusive platform in the United Nations to even further advance the work on implementation and capacity building of these measures. Thank you very much. 

Ambassador Gafoor 

Thank you EU, the floor now to Japan, please. 


Thank you Chair for giving me the floor. The 2015 and 2021 GGE reports mentioned 11 voluntary non-binding norms of responsible state behavior. These items were agreed by governmental experts as requiring the implementation, at least its norms, but they include items which affirm or relate to rights and obligations under international law. The inclusion of such norms among the 11 items does not mean that the rights and obligations and existing international law are not extinguished or altered. On the other hand, being compliant with the already established norms is essential for maintaining a stable cyberspace and establishment of a mutual trust. Therefore, it is obvious that the international community should put into practice the agreed norms adopted by consensus, at the UN General Assembly. In order to understand the status of the implementation by respective states, it is necessary to promote sharing of information by countries to the OEWG Secretariat more actively and easily. Specifically, setting a periodical submission and elaborating a format for submission will be necessary. Based on that, it is important to understand the status of each states’ practice prior to the meeting, then it states participate in the meeting. Regarding the refinement of already established norms, the OEWG should first aim to reconfirm the contents of the norms rules and principles for the responsible behavior of states section of the 2021 GGE report, which should be the basis of the discussion in the OEWG. It is desirable that once any areas that can be elaborated or identified, OEWG would start its elaborations. On the other hand, since the formulation of additional norms is expected to be not easy to reach consensus by all UN member states, OEWG is recommended to focus first on the implementation of the already agreed norms. As for the implementation of the norms, it is essential for Governments to establish their domestic systems and regulations. Moreover, implementation of those systems and regulations by multi stakeholders such as private companies, including critical infrastructure operators and NGOs, is important as well. It is also important to report and share necessary information to predetermine points of contact when an incident happens. Thank you, Chair. 

Ambassador Gafoor 

Thank you, Japan. Egypt, followed by the Russian Federation. Egypt, please. 


Thank you, Mr. Chair. I just wanted to express our appreciation to your efforts to find common ground amongst delegations and to reiterate our support to you, Chair and to the last proposal regarding the modalities of stakeholders. With regards to topic two, I just wanted to highlight that voluntary non-binding norms of responsible state behavior of ICT can reduce risks to international peace and security in the short term. Nevertheless, taking into consideration the unprecedented risk and the rapid technological development, there is a need to step up international efforts to develop rules on ICT security, consistent with international law, in order to sustain an open, secure, stable and peaceful ICT environment in the long term. Such rules must not limit or prohibit any action that is otherwise consistent with international law. However, they should set standards for responsible state behavior and prevent conflicts in the ICT environment, while avoiding any undue restrictions on peaceful uses of ICTs or hampering international cooperation or technology transfer. The elaboration of such rules would contribute to more cooperation and trust not only between governments, but also between governments and the private sector. Previously, GGE reports reflected consensus on norms for responsible state behavior in the security and use of ICTS. While we should also consider developing the agreed recommendations on the 2019- 2021 OEWG and the last GGE. As well as relevant regional endeavors also provide a wealth of possible practical measures that should be consolidated under the UN umbrella. The task before this Open-ended Working Group is to agree on recommendations on where the existing norms may be codified into practical binding rules that take into account the complexity and unique attributes of ICTs, as well as the differentiated technical capacities of member states. Furthermore, the principle of common but differentiated responsibilities in the ICT environment should represent a key element in guiding the ongoing efforts in this regard. Thank you, Mr. Chair. 

Ambassador Gafoor 

Thank you, Egypt. Russian Federation, please 


Mr. Chairman, distinguished colleagues, I would like to join in with those who express their gratitude to the Chair for his tireless efforts to continue the work within the substantive sessions. We do highly value his efforts and this is because we in turn think that the future work on rules, norms and principles of responsible behavior in cyberspace is a priority area for our joint efforts in line with a mandate of the Open-ended Working Group. We are convinced that there is a need to continue working on a comprehensive list of such rules, and this is because of the rapid technological progress and the development of ICTs. What we agreed upon in the past is not sufficient to fully regulate to this area. We therefore are surprised by the consistent opinion issued by some states when they talk that these rules have to be optional and optional only given the current conditions, where this is something that national security of states is dependent on. This is an egregious proposal. It’s similar to making sure that the traffic rules are optional, and voluntary. I think this only benefits those who are travel down roads in tanks. In other words, it only benefits those who are on the rule of the strong in all areas including ICT. Currently, to the contrary, an increasing number of international community and developing countries first and foremost are wondering about the need of making sure that there is an international legal regulation in the ICT. They think that international law should be adopted to this specific area of activity through having a compilation of general and mandatory rules of the game for one and all. In this regard, Russia therefore views the future scenario of our work as follows. In the short term, we think it would be desirable to have an overview of an existing list of rules we have enshrined in UN resolution 74/27 on the basis of their recommendations in the report of the GGE issue issued in 2015. Then undertake further efforts to broaden this list, this compilation. It’s also important to think about the prospects of enhancing the status and making universal the rules of responsible behavior, which are currently voluntary and non-mandatory. If we were to do this, we would lay the foundation of regulating both state and non-state actor behavior in the ICT area. It is our view that in this area as well as in the other areas of our mandate, the Open-ended Working Group will also take into account what has already been achieved in the past. The proposal coming in from the chairman of the working group number one contains the proposals from many countries on the rules, norms and principles of behavior, and considering these was considered to be desirable to continue in the future. We could also go to the experience gleaned by regional organizations in this area. Taking into account the fact that there is no universal legal regulation of the ICT sphere, the next step in the global discussion should be studying the possibility of working on the legally binding norms, and we have always spoken in favor of starting working on the legally binding norms on the behavior in cyberspace, and the content and the format of such norms is something that we suggested be worked out on the edges of the United Nations on many occasion, and we think that would be desirable to do this as quickly as possible. It is our view that this will be the foundation for a universal legally binding instrument, a convention on ensuring international cyber security, a mandatory binding convention, which could also be a guarantor of making sure that we have a stable and safe system in the world. And in order to move forward here, Russia could provide a relevant concept here. We think that a specific measure on implementing the rules of behavior is not going to provide us with the result we want, unless a list of rules or norms and principles of responsible behavior are made universal and mandatory in nature. Now, as we work on norms, we should also be looking at the possible ways of regulating the activity of the IT companies in the digital area. I thank you. 

Ambassador Gafoor 

Thank you, Russian Federation. I think we’ll take one more speaker and then we’ll have to adjourn for lunch and then come back at 3pm. So South Africa will be the last speaker for this morning, South Africa, you have the floor. 

South Africa 

Thank you Chairperson. On rules, norms and principles of responsible states behavior and theeir implementation, South Africa believes that voluntary norms add an additional layer of understanding to the applicability of international law in cyberspace and is therefore an important aspect of our work and outcomes. South Africa looks forward to the exchange of views on where member states may see the need for further development of rules, norms and principles for responsible state behavior. Chairperson, it may help our work to approach this discussion from the assumption that efforts towards implementing the current norms and of further development are not mutually exclusive. Having said that, we are also cognizant of the potential strain or difficulty of handling both the implementation of current and development of future norms in parallel and what this could have on our limited resources. Another point of departure that may assist our work is to agree that the further development of norms rules and principles should be understood as a process of evaluating, updating when necessary, and refining rather than seeking to develop a completely new set of norms. The latest first committee andd GA adopted resolution on developments in the field of information and telecommunications in the context of international security supports this understanding. It is our understanding that if the focus was to be solely on development of new norms, the impact of the international community’s efforts in addressing the fast emerging threats will be minimal. At a practical level, my delegation believes that it’s important for member states to document the implementation in a standardized template, so that gaps may be identified and addressed. For this reason, South Africa supports the use of the model of the National Survey of implementation of United Nations General Assembly resolution 70/237. Chairperson. As for national efforts, South Africa’s cybersecurity policy framework is aimed at creating a secure cyberspace environment and reinforcing the regulatory framework. Project information and infrastructure in cyberspace, reduce vulnerabilities, build capabilities to prevent and respond to attacks or threats and reduce damage from cyber incidents. We aim to achieve this, through structured and regular interdepartmental and interagency coordination and implementation according to the respective mandates. Coordination with the private sector forms an essential part of this work. Finally, Chairperson, my delegation appreciates some of the practical proposals that have been made in terms of implementation of rules, norms and principles, and we believe that the proposed Programme of Action on implementing the UN framework in this regard is one aspect of implementation that we can consider as an action oriented approach. We should go hand in hand with capacity building and strengthening our global response to security challenges. I thank you 

Ambassador Gafoor 

Thank you very much. South Africa. I have on my list Switzerland, Islamic Republic of Iran, Iraq, Netherlands and Mexico. So we will continue our discussions this afternoon at 3pm. On topic two, with the first speaker being Switzerland. The meeting is adjourned. Thank you very much. My apologies. To remind the meeting at 3pm is in the General Assembly Hall. We apologize that we are switching between rooms. I’m not sure which is a better arrangement 123 or GA Hall, but it’s a function of room availability. So we will be at General Assembly Hall at 3pm. Thank you very much.

Leave a Reply

Your email address will not be published. Required fields are marked *