Session 2-4 Transcript
(OEWG 2021-25)

This is an unofficial transcript

Ambassador Gafoor  

Good afternoon delegates. The fourth meeting of the second substantive session of the Open-Ended Working Group on the security of and the use of information and communication technologies 2021-2025, established pursuant to General Assembly resolution 75/240 of 31 December 2020, is now called to order. In accordance with the decision that we made earlier this afternoon, we will continue our discussions on substantive issues under agenda item five, and also in accordance with the decision we have made, we will continue to hear the list of speakers in an informal mode of the working group. I therefore suspend the formal meeting of the working group at this point and we will resume our speakers list in informal mode. The formal meeting is now suspended and we are now meeting in informal mode of the working group to continue with the speakers list. I now give the floor to the first speaker, Germany to be followed by France. Germany, please. Microphone, please. Microphone for Germany? Please, Germany. 


Thank you, honorable Chair, for giving me the floor. Germany’s fully aligned with the statement of the European Union and wishes to add the following points in a national capacity. Guarding cybersecurity in today’s interconnected world is the precondition for the functioning of our states, economies and societies. It is also the precondition for international peace and security. For this reason, it is important that this group also focuses on analyzing the current threat landscape. With regards to current threats, Germany seeing a wide range of cyber challenges to its national security originating from state and non-state actors. Threats can be categorized as targeting state interests, such as the protection of our democratic processes, the protection of government data, including that of our citizens. Private sector threats Germany’s experiencing include cyberattacks against critical infrastructure, economic espionage with a focus on high tech companies, as well as ransomware attacks. However, the most concerning current cyber threats for Germany are spillover effects from the cyberattacks which Russia continues to launch on Ukraine in the context of its war of aggression. What concerns us most is that we see these spillover effects causing disruption to critical infrastructure in Germany, most notably our energy sector. We have also seen a concerning wave of hacktivism in the context of the war in Ukraine, adding another level of risk and instability to our networks. We should be mindful of the interconnectedness of our digital world. The NotPetya attack has sent a warning call of how single major cyberattack can cause massive damage across continents. The current level of cyberattacks and hacktivism, seen in the context of Russia’s war against Ukraine, is clearly putting networks worldwide at risk. This makes it imperative for us in the Open-ended Working Group, as the central UN body dealing with cybersecurity and tasked with elaborating solutions to advance stability and security in cyberspace, to focus on the side effects of the war on Ukraine and the world community at large. In this volatile situation, and responding to the test guiding questions, Germany sees it as necessary to advance our discussions towards measures that allow states around the world to strengthen their national cybersecurity, be it via cybersecurity capacity building, sharing of best practices, or dedicated cybersecurity training. Confidence Building Measures can make a direct contribution to security and stability in this complex landscape, and are more relevant than eve in the fragile situation of international security we find ourselves in. Germany looks forward to sharing more thoughts on this particular item under the dedicated agenda point following late in the week. The UN and this Open-ended Working Group can play a role by promoting these cooperative measures, and by offering a platform for implementation as outlined by Under-Secretary-General Izumi Nakamitsu in her opening remarks yesterday. We look forward to defining this UN role more closely as part of the work of this group. In reacting to the statements made by other delegations, Germany welcomes the level of technical detail displayed by Malaysia in describing the evolving threat landscape as well as the encouraging information international cooperation shared by Jordan, and the update on national cybersecurity measures given by Iraq. Germany also welcomes the thoughts offered by the Republic of Korea on building an implementation architecture at the UN level. Finally, Germany wishes to make a request to the secretariat. In addition to the explanations given by the Chair, could the Secretariat circulate to member states information in writing on the implications of the informal mode of this meeting and what this means for the status of our contributions made during the session. Germany believes that this could offer additional reassurance to member states that the work done during this week is fully recognized and will be reflected in any report or outcome document of this Open-ended Working Group. Thank you. 

Ambassador Gafoor  

Thank you for the statement, Germany. I give the floor now to France.


Thank you, Chairman. My delegation fully supports the statement delivered by the European Union and additionally, in my national capacity, I’d like to submit some analysis to the group with regard to potential threats to cyberspace. We believe that understanding the way these threats are developing, and ensuring that our framework is always adapted, is one of the great responsibilities of the United Nations and of our work. And in that regard, I’d like you to concentrate on six threats, I’ll be brief. Firstly, the successive GGEs and the first OEWG in their final report, identified as a source of major concern the development of states of cyber capabilities, mainly military, and the possibility that this capacity could be used in contravention of international law. Recent events, and particularly the behavior of Russia and the informations that it has, shows that this concern was well-founded. In this regard, I’d like to make a brief comment. Before us, we have a war that’s very much cyber and, of course, we have to include in our reflections, what, unfortunately we can observe every day. And it’s for two days now, the Russian Federation has tried to present itself as a victim. I hope that we won’t have to listen to these denials all week, the illegal aggression against Ukraine. Everybody knows who the aggressor is. General Assembly has been very clear in unequivocally condemning it last March. With regard to media and social media in Russia, I heard talk about that this morning, everyone knows who’s the major censor here. I won’t go any further on that point, because it’s not our business to deal with that, but we do need to understand the evolution of the threat. In that regard, I note the huge cyber attacks and disinformation campaigns over recent months in Ukraine. That is a risk to security and stability of cyberspace, and particularly important, since the effects of those cyber attacks can cross over borders and affect other countries. Secondly, in the context of the current tensions, there’s another threat to international stability and that’s been underscored by many colleagues this morning and that has to do with the very many people involved, activists, they get involved in offensive cyber attacks and that increases confusion and the risk of escalation in the case of a conflict. This situation is very concerning, as indicated by the EU in their statement. We recall there, that in the EU countries intentional attacks on information systems are criminal acts that are treated accordingly. And in that regard, my delegation reaffirms the absolute need to respect international law that applies in cyberspace as it does elsewhere. We also reaffirm the importance of good implementation by states of responsible behavior norms, particularly with regard to due diligence. To prevent the propagation of destabilizing cyber activities and prevent them from happening in the first place, the Open-ended Working Group, according to the wishes that you expressed Chairman offers a useful forum for states to have an exchange on their efforts and their good practices in this regard. Thirdly, during our exchanges in December, a number of delegations quite rightly mentioned amongst the most pressing threats, attacks against critical infrastructure. Even attacks by private actors for criminal purposes, using ransom software, for example, they can have huge effects in terms of national security and international security when they affect infrastructure delivering essential services, for example, in the area of energy and health. I would add that we have very many indications showing that these criminal groups can sometimes be backdoor influenced by states, and one of those states has helped us to see how this can work. To face this threat various areas of cooperation can be explored. The intensification of exchanges on threats and best practices in the area of protecting critical infrastructure in the Open-ended Working Group provides a good forum for these kinds of exchanges. In the future, the United Nations could think about formats for discussion that could involve technical experts, as needed, the world of research, and private actors, in order to have a regular exchange on the development of threats, and the challenges relating to the protection of critical infrastructure. The organization of these exchanges could be part of a possible Program of Action. Accompanying states in implementing norms and recommendations with regard to protecting critical infrastructure, international cooperation activities, particularly in the area of capacity strengthening, could help states in their efforts that they deploy to identify their critical infrastructure and to nationally implement adequate legislation, as well as teams to respond to incidents (CSIRTS). And here, once again, a Program of Action could make this work easier. Finally, cooperation with private sector actors, they have the responsibility to run their critical infrastructure, that sort of cooperation should be encouraged to adopt best practices in the area of resilience, but also to share in a timely way information on incidents and who the victims are. And in France, those that operate a critical infrastructure have to provide all of this information to the authorities on any attacks that they may have suffered. Four, my delegation would like to stress the threat to international security of giving easy access to malevolent software. The Open-ended Working Group can be the means of trying to prevent the dissemination of these kinds of tools or certainly legislate on that. Five, another major threat that you mentioned, Mr Chairman, in your summary of our December exchanges, relates to the vulnerability of certain ICT products. That threat is made worse by an increased surface area of attacks. Namely, the increasing use of ICT in everyday life in that area as well. Cooperation with the private sector I think would be very useful to make the public aware of cyber hygiene practices and also to examine the standard tools, such as certification and regulations that could improve the security of the supply chain, and through that, globally, increase the resilience of our infrastructures.  Finally, six, my delegation would like to draw the attention of the group to the threats relating to the free and interoperable nature of cyberspace. In the context of the international attention that we’re seeing this we could see an increasing siloing of cyberspace and the networks that, that includes, including at the very deepest levels. I, myself, am on several Internet governance bodies, and as I am aware, there’s never been a sanction with regard to states accessing deep levels of the internet. But this temptation is discussed increasingly, and it’s very dangerous. This fragmentation brings with it risks not just for the respect of human rights, the free circulation of information, and economic growth, but increasingly for international stability. Indeed, if we have several different internets, states might decide to engage in malevolent activities if they feel they could do this, by protecting a precarious internet and having another one in addition to that, our group should take account of this and it should lead us to redouble our efforts to preserve the architecture of a free cyberspace that is singular, open, stable, safe, and universally accessible. Thank you very much. The interpreters would appreciate texts please, thank you.


Thank you, very much, France. I give now the floor to the observer organization of the ICRC, which had asked for the floor, to be followed by Timor-Leste. ICRC, please.


Mr Chair, excellencies and ladies and gentlemen. The International Committee of the Red Cross is grateful for the opportunity to participate in the second session of the Open-ended Working Group. We take the floor in this segment on existing and potential threats to alert delegations to a growing threat of cyber operation against humanitarian organizations. We call on you, states, to take cooperative measures to prevent such threats and to ensure that humanitarian organizations are protected online, as they are offline. Since the beginning of 2022, the ICRC has been the victim of several hostile cyber operations. More concerningly, in January, we discovered that a server hosting the personal information of more than 500,000 people receive humanitarian services from the Red Cross and Red Cross Movement were compromised through a cyber operation that led to a data breach. While this is a shock it was not a unique occurrence. Over the past years, several international and  humanitarian organizations have been the victim of hostile cyber operations. If cyber operations target humanitarian organizations, there is causing severe consequences for the people we serve. Concretely, the cyber operation against our server breached the personal data of missing people and their families of unaccompanied and separated children of detainees, and of other people receiving humanitarian services. If in the long run this data could be misused to harm particularly vulnerable people. Moreover, the recent data breach forced us to take the compromised system offline, severely limiting our humanitarian services during this period. Every day, the Red Cross and Red Cross Movement helps reunite 12 people with their families and thus, every day during which these activities are disrupted prolongs the distress. Cyber operation also risks weakening the trust of people and parties to armed conflict that we depend on, which in turn affect our access and operation in humanitarian emergencies. A loss of trust can also pose a risk to the security of our staff. Digital threats to humanitarian organizations risk unsettling a long-standing consensus on the need for, and protection of, impartial humanitarian activities. The service provided by the ICRC, the wider Red Cross and Red Cross Movement and of the other humanitarian organizations are critical for vulnerable people and accepted by states and parties to armed conflict. For example, the Geneva Convention of Unarmed Movements statutes, which are agreed to by all states, mandate the ICRC to assist and to protect persons affected by armed conflict, and other situation of violence. This global consensus on the need and protection of humanitarian action must prevail in the digital age. For several years, the ICRC has emphasised the imperative that humanitarian data and digital infrastructure be protected against digital threats. We have recalled that international humanitarian law requires all parties to armed conflict to law and facilitate humanitarian activities and that humanitarian staff and relief consignment must be respected and protected. Such protection is not only needed in the context of armed conflict, but it is also essential during natural disasters and other emergencies. Humanitarian actions need protection in the physical world and in the global information environment on which our action relies. As states in the group of friends of the protection of civilian population put it aptly, I quote, “the trust of the people they serve is the currency of the humanitarian organization. The trust is a precondition for humanitarian action, therefore, we, as Member States must create an environment including a safe information infrastructure that allows humanitarian organization to successfully carry out their mandate.” End of quote. We urgently call on you, the states, to reaffirm that humanitarian organization, their staff, and humanitarian data must never be targeted, be in the physical or in the digital world. We are seeking a conversation to ensure that international, legal and other normative frameworks adequately protect humanitarian organizations from the negative secondary effect of the digital transformation. And we also invite you to support efforts of the humanitarian community to ensure the best possible protection against digital threats. We need your help, and we need the help of tech company, academia, and other experts. We cannot do this alone. It is our collective responsibility. Thank you. 

Ambassador Gafoor  

Thank you very much for your statement. Delegates, we have more than 20 speakers and of course, the time is passing, and I have been reluctant to impose a time limit because I do recognize that delegations have come with very prepared and thoughtful statements but I would encourage each one of you to be as succinct as possible and summarize, if possible, the key elements of your statement. And of course, you can choose to upload your statements on the e-delegates portal, and also circulate your statements to all delegations, and also to the office of the Chair. I would appreciate very much if delegations could kindly be as summarised as possible in your statements. I now give the floor to Timor-Leste, to be followed by the Syrian Arab Republic. Timor-Leste please. 


Mr Chair, Timor-Leste aligns itself with the statement made on behalf of NAM and supports strongly the working group’s role in addressing the security in use of information and telecommunication technology. As a small state Timor-Leste acknowledged both the benefit and the threat of the ICT to nation-building processes and the development process of the country in different sectors of the society. Timor-Leste does believe that as set forth for in United Nation charter maintenance of peace and security based on respect of national sovereignty of all its members will include the operation and regulation of the peaceful use of ICT. Given the rapid change and development of information technology, cooperation among states promote development and efficient separation of Information Technology facilities is crucial to protect states from future threats. It is desperately needed to have a mechanism that can promote technical assistance to these developed and developing states in this field. Under this, it is also important to have, at the global level, a common broad approach to address the issues. Mr Chair, Timor-Leste believes that the work of the Open-ended Working Group will then be beneficial with the substantive, inclusive and transparent process. In the sense that discussion must also include the applicability of an international law, international humanitarian to cyberspace and the use of information and communication technology. Furthermore, it is important to involve the relevant stakeholders such as civil society, academia and private sector, the civilian players of the industry, of the information and communication technology as they provide the necessary expertise to ensure inclusivity and transparency. Nevertheless, it always important to maintain the intergovernmental process of this process. Mr Chair, data sharing, control and technical cooperation are important, due to the implication of the malicious use of the ICTs in the maintenance of international peace and security in the defense of human rights and development. Malicious ICT activities against critical information infrastructures may and will undermine public trust and confidence in the political and electoral process, and in a public institutions. In this regard, what the OEWG may consider is addressing the international measure through a comprehensive approach to build a global culture of cybersecurity in the maintenance of international security. Other issues or threats such as misinformation and disinformation, malicious cyber activities are some of the main issues that small states and developing states such as Timor-Leste has concerns with. Timor-Leste views that cyberspace requires addressing the regulation of technology, [unclear] of that share. That given the cross-cutting nature and the impact of cybersecurity, the biggest challenge for developing countries like Timor-Leste is the proper coordination between relevant authorities and the lack of skill at the technical level. At the regional level, since 2018, Timor-Leste has participated in the initiative to reduce risk conflict stemming from the use of ICT through the Asian Regional Forum on the open-ended study group on confidence-building measures, which brought together a member of the ASEAN, and several other leading state in cyber technology. This is an example of how smaller states like Timor-Leste have benefited from regional or international cooperation. The Government of Timor-Leste has recently established a national Institution for Information, Communication and Technology, a body developed for the implementation of ICT policy, application and services for the government of Timor-Leste, both at the national and local levels. This body is under the tutelage of the Office of the Prime Minister. Among its missions, the body provides advisory support to government and public entities in ICT, information systems, electronic transactions and security, including the dissemination of approved laws and legislation. Given its recent creation, we acknowledge the need to have a system from different players in this field. In this regard, Timor-Leste has supported the creation of Program of Action, as an action-oriented form of institutional dialogue that would deal with capacity building and regularly shared actual efforts between state to its designated focal point and through the provision of periodical reviews. Thus, the POA can further be used as a starting point in addressing the implementation of states’ norms and behaviors inside cyberspace. And under this POA, the designation of a national focal point of contact will be beneficial to all particularly on the sharing of, for example, how various members have established assigned function to staff their point of contact. I thank you, Mr President. 

Ambassador Gafoor  

Thank you very much. I now give the floor to Syrian Arab Republic, please.


Thank you, Mr Chair. Thank you. First of all, we would like to thank you for the concerted efforts that have been made during the first substantive session but also in the context of this session. We are grateful for the flexibility with which you are steering the work of this group. We align ourselves with the statement of the Non-Aligned Movement delivered by the distinguished representative of Indonesia, concerning the risks that are posed or could arise in the sphere of digital security. We’d like to make the following remarks in our national capacity. I will be brief in accordance with your request, Mr Chair. Risks in the sphere of digital security are related to the development of cyber weapons which are currently being used for military and criminal purposes. For example, we are seeing the use of cyberspace to violate the sovereignty of states and interfere in internal affairs, but also to destabilize states. Cyberspace is also being used for terrorist purposes, and in order to recruit terrorists, as well as to spread hate speech and intolerance. All of this leads to violence and to destabilization as well as setting back our various economic and social systems, which constitutes a threat to international peace and security. In this context, we stress the need to combat these risks, which exist or could exist by strengthening data security, including cross-border data, as well as protecting supply chains, and the protection of personal data and ensuring their confidentiality. Technologies cannot be used for illegal purposes. That is why we must work in order to protect the peaceful aspect of these technologies, and this should not be to the detriment of scientific research. For that reason, we need to strengthen the responsible behavior of states in cyberspace by finding a balance between security on the one hand and development on the other. Lastly, Mr Chair, developing states and the least developed countries face greater challenges when it comes to information and communication technologies, and the risks of cybercrime are greater for those countries. Equally, unilateral, coercive measures imposed upon a number of countries, including my own, have an impact which is particularly harmful. We have very little access to software and very little access to the technology that we would need to control certain content in cyberspace, which allows some criminal groups to abuse these technologies and means that we are unable to control that. That is why we call for an end to these unilateral, coercive measures quickly and unconditionally. Thank you, Mr Chair. 

Ambassador Gafoor  

Thank you for the statement. I now give the floor to Brazil, to be followed by Botswana. Brazil. 


Thank you, Mr. Chairman. My delegation would like to thank you for enabling the start today of this session’s substantive discussion, which we accept to be informal for now in the understanding that every statement made will be considered in the preparation of the report. Brazil believes that this working groups must adopt an evolutionary approach regarding the previous OEWG report, as well as the GGE reports of 2010, 13, 15 and 2021, which were also endorsed by the General Assembly. Therefore, we propose that our discussions be directed towards reaffirming, implementing and further advancing the acquis across all agenda items. Regarding potential and existing threats, member states have already acknowledged, among other aspects of the acquis, the following. First, that the process of digitalization brings together with great benefits and opportunities also great exposure and vulnerabilities to the malicious use of ICTs. Second, that harmful ICT incidents perpetrated by state and non-state actors are increasing in frequency, scope and sophistication and that this brings implications for the maintenance of international peace and security, and consequently for human rights and development. Third, among other aspects indicated in the first OEWG report, I would like to emphasize the paramount importance for Brazil of protecting critical infrastructure, including critical information infrastructure supporting essential services to the public, which include medical facilities, among others. The distinguished delegation of South Africa has made some interesting comments regarding the importance of critical infrastructure, which we support. Mr Chairman, this group must be mindful of the interlinkages between the different elements of its mandate to better prevent, detect, and respond to existing and potential threats states need to refrain from using their cyber capabilities in a way that may be inconsistent with our common objective of promoting an open, secure, stable, accessible and peaceful ICT environment as translated into the agreed framework of norms for responsible behavior of states. This is important in itself and also considering that, due to the unique characteristics of cyberspace, the impact of any given cyber operation may have unintended systemic and global effects. The discussion on threats is also connected to those on how to enhance cooperation between states, towards building confidence, capacities and a deeper common understanding on how international law applies to the use of ICTs by states. Mr Chairman, the conclusions and recommendations of the previous OEWG remain valid and useful for the challenges of today and of tomorrow. Building upon that, and considering the rapid evolution of the cyberspace, what the GGE has called the ever evolving properties and characteristics of emerging technologies, this OEWG can and should deepen, update and complement the diagnostics on threats. In doing so, we need to be mindful of the perspectives of developing countries, whom in their diversity share the common challenge of facing cyber threats while not having yet completed, or sometimes even advanced on, their digital transformations. Inequalities between and within countries are as real in the cyber domain as they are in the physical one. The digital divide is as real for cyber capabilities, as it is regarding broader access to ICTs, an issue that member states discuss in other tracks of the UN. The statement made in this regard by the distinguished delegation of India has properly pointed out this mismatch between capacities as well as the need for exchanging information between incident response teams, and for improving cyber hygiene as first steps. We believe that those basic measures are crucial to elevating the general level of resilience against cyber threats. The differentiated experiences of and impact on countries were acknowledged by the previous OEWG, and this group should further elaborate on this topic. Developing countries’ initial or maturing capabilities regarding cybersecurity should not be taken for granted, nor portrayed exclusively through the lenses of the so-called weakest links on the security chain, but instead supported in their own merit, needs and priorities. I would like to make some comments on your guiding questions regarding Brazilian efforts to improve its general cybersecurity, but I will leave that to the portal of statements. I would just like to say that we are open to discuss our experiences and lessons learned bi-laterally with countries and also through any UN efforts, such as the survey on national implementation and others. Thank you, Mr Chair. 

Ambassador Gafoor  

Thank you very much, Brazil. I now give the floor to Botswana. 


Thank you Chair. As a developing country, Botswana faces a fast-evolving array of digital threats and risks from espionage, critical infrastructural sabotage, organized crime, misinformation, fraud through social engineering and many others. We know from the discussions that these threats are not unique to Botswana, but are experienced by other nations. For Botswana, the threats that have materialized have had debilitating effect on some of our critical national infrastructure and many of these have emanated from outside our borders. We believe in this regard that cybersecurity is key to protecting our critical infrastructure, and protecting the people of Botswana. Botswana suggests that capacity building as one of the dimensions of cybersecurity is essential, and efforts in this regard need to be ramped up at global level, and in particular, to assist the developing countries with necessary support to fortify their efforts. Chair, Botswana believes that collaboration and cooperation among states are essential, and we, therefore, believe frameworks for such collaboration need to be encouraged and fortified. States should work together through these frameworks and forums for mutual benefit. This will assist states to tackle attacks on their critical national infrastructure and data security, states must at national level, be seen to take all necessary steps possible to discourage non-state actors from committing the misuse of ICTs, commission of terrorism and noting that the disruptive and otherwise destabilizing cyber incidents sponsored by states cause human suffering. The COVID-19 pandemic has accelerated digitalization around the world, but as life shifts increasingly online cybercriminals have exploited the opportunity to attack vital digital infrastructure. In Botswana, where digital capacity continues to lag behind, we are opposed to the risk of being a target for cybercriminals with costly consequences. The OEWG platform helps us with perspectives on how to drive our public policies on the security of, and in the use of ICTs. We therefore would like states to view this OEWG forum in the same manner, that is, it is a forum for vulnerable states to learn from, and that the work of the OEWG is beneficial and therefore encourage them to focus on this, most importantly. It is our view that it will assist us to establish a robust foundation for cyber resilience and security. We are currently going through a transition, a digital transformation that will see us actively participate in the fourth industrial revolution. One of our government’s priorities is digitalization and we are looking to do it right, by incorporating from inception, adequate policies, laws and regulations for the protection of critical national infrastructure in data, the protection of personal data of our people and combating cybercrime. Implementation of the national cybersecurity strategy is vital and establishing structures such as the CSIRT and centers of excellence, and they need to be expedited. Considering the evolving nature of threats and risks in the cyberspace, necessitates that we establish permanent forums for exchange of knowledge at policy and technical levels that will afford states to share best practices with regard to critical infrastructure protection. Security and data policy, national cyber security risk assessment, and cybersecurity drills are some of the efforts that we can take to protect critical national infrastructure. However, for developing states the issue of capacity and capability limit is of utmost concern. While capacity and capacity limits may not be viewed as potential threats in themselves, we are of the view that they are because without adequate capacity we will be exposed to threats and we will not have what it takes to prevent or counter them. One other concern we note as a potential threat in this field of information security is the prosecution of perpetrators and the presentation of electronic evidence before the court of law, considering the transporter nature of cybercrimes. It is our view that mutual legal assistance should have a priority to ensure that laws are not only proactive but are preventative and reactive to threats that materialize. Thank you, Chair. 

Ambassador Gafoor  

Thank you Botswana. I now give the floor to El Salvador, to be followed by Austria. El Salvador, please. El Salvador. Please, you have the floor.

El Salvador

Chairman, before beginning, we would like to thank you for your decided leadership, and we reiterate our preparedness to cooperate with you towards their common goals. My delegation thanks you for convening this second session, with regard to the agenda item under discussion, El Salvador would propose the following preventive measures and responses to threats already identified during our first round of discussions. Firstly, in the public sphere, with a view to reducing threats of ransomware and to promote data security, we would suggest cybersecurity capacity building for officials at all levels in order to ensure the safe use of ICTs, particularly within institutional systems. We understand that these threats are due to compromised, sensitive data, so a better knowledge of how systems, internal systems can become vulnerable could be key to addressing this vulnerability and making the information systems more responsible. Generally, we suggest that education campaigns are carried out on cybersecurity, focusing on risks associated with the use of ICTs in order to promote a responsible use of them, that will make it possible for citizens to fully enjoy them in the digital world. The aim is to promote good habits and responsibility in the use of ICTs. With regard to the protection of critical infrastructure, including critical infrastructure against current and potential threats, we suggest that norms be developed that will make it possible, initially, to classify national assets and strategies to then create strategies to defend them or protect them. There, it’s important to continue to work on how we can share best practices to protect critical infrastructure at all levels. The final goal will be to have a resilient cybersecurity architecture that will protect critical national infrastructure for the establishment and strengthening of national response teams to cyber incidents. That is a central element for sharing information on threats and incidents in real time. Regionally, the Organization of American States has provided technical assistance for the establishment of response centers to ICT events, and El Salvador has benefited from that technical assistance that’s personalized and it strengthens our national institutions in the area of cybersecurity. And finally, we recognize the importance of continuing discussions on potential threats, given that we understand that progress in ICTs is developing at a pace. Thank you. 

Ambassador Gafoor  

Thank you, El Salvador. Austria, to be followed by China. Austria, please. Please press the button. Thank you. 


Mr Chairman. First of all, Austria fully subscribes to the statement made by the European Union. I would like to make some additional comments and questions raised regarding threats. On the 4th of February, in the margin of the Olympic Winter Games, the Russian Federation and the People’s Republic of China, issued a joint statement on the broad range of issues of international relations including cyber. The statement reaffirms the strong support for the two sides to state sovereignty and territorial integrity. The statement also emphasized, and I quote, that “The principles of the non-use of force, respect for national sovereignty and fundamental human rights and freedoms and non-interference in the internal affairs of other states, as enshrined in the UN Charter, are applicable to the information space”, end of quote. In stark contrast to the statement of the 4th of February, we have witnessed the blatant violation of these key principles of a rules-based international order and of international law only a few weeks later. Russia’s military aggression against Ukraine is a flagrant violation of the UN Charter and international law, in particular the principles of sovereign equality, and the prohibition of the use of force. A major red line has been crossed putting the entire international order at risk. Both the General Assembly and the International Court of Justice have called on Russia to immediately cease its use of force against Ukraine to fully respect Ukraine’s territorial integrity, sovereignty, and independence within its internationally recognized borders, and to withdraw its military forces from the territory of Ukraine. The Russian delegate in the morning criticized restrictive measures taken against his country, including in the banking sector. It is important to note that these measures were taken in response to the Russian military aggression against a sovereign neighboring country and in support of these objectives of the international community. In the weeks and months before, and since the start of this military aggression, there have been many reports of state-sponsored cyberattacks against targets in Ukraine. These include intrusion attempts defacements and DDOS attacks targeting Ukraine, with spillover effects also into neighboring countries. Many have already mentioned the NotPetya cyber attack a few years ago, which targeted Ukraine and caused major damage and economic loss, not only there but also in many other countries around the world. Unfortunately, the Russian Federation has a track record of malicious state-sponsored cyber attacks against other states, and as a safe haven for cybercriminals, which cause serious damage to many individuals and companies in all parts of the world. In response, the EU and its member states have applied the cyber diplomacy toolbox, including the means of targeted sanctions. While Russia has been acting as the main sponsor of initiatives on cyber at the UN, both relating to cyber security, our group here but also on cybercrime, and is even proposing a legally binding instrument, Iit is a persistent violator of the existing UN framework of responsible state behavior and cyberspace and fundamental principles of international law, which are also applicable to cyberspace. Last year, we were hopeful that the important consensus reached in both the Open-ended Working Group and the UNGGE would lead to a change of behavior. But instead, we were confronted with a continued increase of cyber attacks undertaken by state and non-state actors, as well as an unprecedented level of cybercrime, in particular ransomware attacks. And they’re also clear reports and indications that the Russian Federation had further escalated the cyber dimension of the ongoing conflict. At this moment, in our view, this is the most serious threat in the field of information security. Thank you, Mr Chairman. 

Ambassador Gafoor  

Thank you, Austria. China, to be followed by Switzerland. China, please. 


Mr Chairman, thank you for giving me the floor. In his intervention, the delegate of Austria mentioned the joint statement by China and Russia on the question of Ukraine. At the Security Council and the emergency meeting of the GA, as well as on occasion, China has repeatedly made clear our position. China has been consistent and clear-cut on those issues, and our views and positions are above the board. With regard to information security, at yesterday’s meeting my delegation has fully elaborated on our principal position, which I will not repeat here. I would like to, however, reiterate a few key elements of our position. First of all, maintaining peace in cybersecurity is crucial. Peace has always been the top priority of China’s cybersecurity policy. I have taken note of the so-called peacetime notion, referred to by some colleagues. China is is against the dichotomy of peacetime vis a vis non-peacetime in cybersecurity, because this will send the wrong signal to the international community. Humanity does not need a new battlefield, a peaceful and tranquil cyberspace is in the interest of all states. Second, cybersecurity concerns the common security of all countries. Cyberspace is a community with a shared future where all countries share will and woe. All countries should give up zero-sum mentality and cold war mentality, cold war ideology, adopt a new security concept featuring mutual trust, mutual benefit, equality and cooperation. On the basis of fully respecting the security of other states, all countries should commit themselves to achieve their own security through common security and take concrete measures to prevent the militarization of an arms race in the cyberspace. Practices such as leveraging one’s own cyber military advantage to brandish and develop offensive cyber military capabilities, introducing military alliances into cyberspace and pushing to formulate rules of engagement in cyberspace will not contribute to peace in cyberspace, and no country or military block will gain unilateral cybersecurity as a result. Thirdly, the first-mover advantage in cyberspace should not be weaponized. Cyberspace should not become a battlefield for interstate clashes. The legitimate rights and interests of countries should not be harmed. All parties should promote the establishment of a multilateral, democratic and transparent global internet governance system. Fourthly, The adoption of a framework for responsible state behavior is an important achievement and hard won achievement at the UN, and should be fully, completely and accurately implemented. Shortly after the adoption of the consensus reports of 2021, GGE and OEWG, a certain country moved to ignore the consensus that countries should, quote, “develop and implement globally interoperable common rules and standards for supply chain security”, unquote. Driven by its narrow geopolitical agenda, this country intentionally cobbles up small circles to discuss supply chain issues. One can only assume that the true goal is to design a framework that all other states abide by, but which they will ignore. Thank you, Mr Chairman. 

Ambassador Gafoor  

Thank you for the statement. I now give the floor to Switzerland, to be followed by Estonia. 


I would like to say something about the malicious cyber activity against the ICRC. We just heard about this before by the ICRC delegation. On the 18th of January 2022, the ICRC determined that its servers had been compromised. Upon request, the Swiss National Cybersecurity Center quickly provided support to the ICRC and subsequently assisted in handling the malicious cyberactivity. The investigation showed that servers hosting personal data belonging to more than 550,000 people worldwide were hacked. This was a sophisticated and targeted attack. The actors used a very specific set of advanced hacking tools designed for offensive security. These tools are primarily used by advanced, persistent threat groups that are not publicly available and therefore, out of reach to other actors. The actors used sophisticated obfuscation techniques to hide and protect their malicious programs. This requires a high level of skills only available to a limited number of actors. Switzerland condemns these attacks on the ICRC, it is a very worrying malicious cyber activity. The protection of the Red Cross and Red Cross movement’s humanitarian mission should also extend to its data assets and infrastructure. Switzerland believes that it is critical to have a firm consensus among states. The humanitarian actors and their data must never be subjected to a malicious cyber activity and that their data must never be misused. We invite all states to work together to affirm this consensus. On question number one, due to the complexity of the threat and increasingly interdependent structures of ICT-based processes, a holistic approach on a national, as well as international level, has to be taken. Switzerland has always been of the opinion that non-intentional disruption due to supply chain failures was one of the most prevalent threats, especially to smaller and highly connected societies in states. Exemplary for this is the failure of parts of the Viasat ICT infrastructure on February 24. It led to the disruption of ICT-based processes and communications in Germany in regard to remote controlled windmills as well as various non-intentioned disruptions in France, Greece, Poland, Hungary, the Czech Republic, Slovakia, Italy, and Morocco, just to name a few. Switzerland is concerned about the increased use of cyberattacks in the framework of the ongoing armed conflict in Ukraine. In particular, if directed against critical infrastructure, the potential for unintended spillover effects has increased. It is therefore all the more important that all parties abide, and all actors abide, by the existing rules of the international law, especially international humanitarian law and existing voluntary norms. In Switzerland, the National Center for Cybersecurity advises the public provider of critical infrastructures in smaller and medium-sized companies on threats pertaining to cyber. The NCSC releases early warnings and issues technical and non-technical information on how to increase the general cyber hygiene, raising the awareness of cybersecurity at all levels, inter alia, the management level is a top priority of the Swiss authorities. Having technical good practices and respective security measures in place is key. However, due to the complexity of nowadays reliance on various ICT suppliers nationally and internationally, as well as increasing interdependencies for a risk management approach, focusing on dependencies, critical processes and business continuity must lay at the core of any preventative set of measures. This approach has to be informed by close cooperation and sharing of technical, as well as strategic information between states and their respective national critical infrastructure provider on a national level, as well as between the respective peers on an international level. The NCSC provides subsidiaries support in case of malicious cyber activity through information sharing. Moreover, the NCSC helps analyze and manage the incident if the fact that entity so wishes. Regarding question two, Switzerland regards the management of risk as well as dealing with threats on a technical, organizational, and management level, first and foremost as the responsibility of the respective entity. The underlying rationale is self-responsibility. However, with regard to critical infrastructure providers, Switzerland has a long-established collaboration between the Swiss NCSC and those organizations providing critical infrastructure services. This includes the proactive sharing of technical information as well as continuous threat assessments and advisories on a national and sectoral level. The strong focus on continuous situational monitoring and providing critical infrastructures with respective actionable threat intelligence allows for an informed risk analysis, as well as more effective risk management with regard to existing and potential threats. With regard to question three, I’d like to thank the distinguished delegate of Timor-Leste for her statement. She told us how her country could profit from the exchange with other Asian countries in the framework of ASEAN, is exactly what we also would like to mention here. States can use the existing platforms at the national, regional and international levels, and work together to share best practices with regard to critical infrastructure protection. On a national level, for example, we do this in the framework of the Geneva dialogue and the regional level in the framework of the OSCE, and on the international of course, in this group, as well as with UNIDIR. And Botswana just mentioned in their statement that they are also see this Open-ended Working Grop as a place to share this kind of information. As present and potential threats to ICT play out in an inherently interdependent and international context, cooperation between states on a bilateral, regional and global level is key. With regard to question four, in order to establish a sustained and robust real-time information exchange and cooperation between states, trusted processes and formats must be used on a technical level, such as the formal CSIRT networks and FIRST, they have already been mentioned this morning by several delegations. As the present and potential threats against ICTs is global in nature, Switzerland supports and favors any kind of CBMs in order to establish the groundwork for more inclusive collaboration and participation, especially if those states are not yet embedded in existing regional platforms and processes. While actionable information exchange and collaboration between states must be solidified and further increased with regard to present and potential threats against ICTs, it is key to have all built the necessary capacities in order to digest various layers of information within the necessary timeframe. In this regard, Switzerland supports capacity building through various fora and initiatives, such as the GFCE, Geneva dialogue, and others. And finally, I would like to show another delegation that have identified ransomware as one of the biggest threats. And I support Canada’s statements in this context. Thank you. 

Ambassador Gafoor  

Thank you for the statement. I now give the floor to Estonia, to be followed by Kenya. Estonia, please. 


Thank you so much, Mr Chair. Estonia aligns itself with the comprehensive statement of the European Union. I would like to make a couple of following remarks in the national capacity. Year by year, the threat picture is getting more complex. The data cyber attacks that Estonia suffered in 2007 are now a new normality. That was an awakening call to take cybersecurity seriously and to consider cybersecurity as an integral part of the digital development. The threat landscape is now much wider. We have increasing number of actors in cyberspace and more sophisticated tools in use. However, the main principles remain the same. Open, free and secure internet with accompanying digital services cannot function without proper attention to cybersecurity and threats. Our experience has shown that the main way to conquer the threats is to build up our own resilience, transform cyber hygiene into a daily routine, share experiences, hold exercises, both on technical as well as political level, have a meaningful and daily partnership with the private sector, contribute to capacity building, advocate the agreed normative framework and cooperate in good faith on the international scene. Unfortunately, good faith is not something that we’ve experienced today from the Russian Federation. Along with an unprovoked and unjustified military aggression against Ukraine, there is also an ongoing cyberwar. Like in the physical world, there is no respect to any rules on behalf of the Russian Federation, while targeting civilian critical infrastructure and facilities. This clearly undermines the principles that we have collectively decided to adhere to, and undermines the whole concept of responsible behavior of states in cyberspace. This, however, is nothing new, cyber attacks have been and are part of the Russian Federation’s modus operandi, be it as part of its military campaign against Georgia in 2008, against Ukraine in 2014, as well as now. If we are to talk about the threats and how to address this, we need to keep in mind also this context. Thanks, so much. 

Ambassador Gafoor  

Thank you for your statement. I now give the floor to Kenya, to be followed by Ghana. Kenya, please. 


Thank you, Chair. My delegation would like to commend your efforts in ensuring the continuation of this important process including an engagement to the substantive issues. Kenya does acknowledge and appreciate the efforts by the international community to cooperate and collaborate in addressing the issues on existing and potential threats in this sphere of information security, including data security. We note that increased dependence on the information and communication technologies and the growth of digital economies exponentially has increased these threats and associated vulnerabilities, particularly during the pandemic period. Information communication technologies, and especially the merging technologies, are among the drivers of the Information Age. Therefore, their ethical use is imperative to accelerate among other processes the achievement of sustainable development goals and peace efforts. And it is these benefits we ought to safeguard from threats by both state-sponsored and non-state actors, and ensure security in the use of ICT. In its quest to be a digital economy, Kenya has developed the necessary infrastructure to facilitate the digital delivery of services in various sectors, such as administration of education, access to management of health care, improvement to access to justice, promotion of financial inclusion, and access to government services through the digital government. With such an extended digital exposure Kenya aims to secure its critical infrastructure from the existing and potential threats. To address this, Kenya therefore is developing various policies, legal and regulatory frameworks as well as undertaking relevant capacity building, training and awareness campaigns. The government in collaboration with other stakeholders is enhancing technical capabilities and tools in the management of cyberspace. There is also regular identification and designation of Critical Information Infrastructure. Kenya continues to participate in regional and global collaborations. This is to enhance information sharing and build trust networks. In spite of the above mitigation measures, we see value in concerted global efforts to address them. We would like to highlight, in particular, the issue of ICT and violent extremism that is conducive to terrorism. The ubiquitous, programmable and data-driven nature of emerging technologies although beneficial has also opened a door for misuse of armed groups and terrorists. Kenya calls for enhanced cooperation and partnership between states and the international community, especially through recommendations emanating from these Open-ended Working Group to build a cyberspace security capability that is robust and responsive in responding to member states capacity building needs in this area. I conclude by affirming Kenya’s readiness to contribute to enhancing global efforts, legal frameworks or norms that will promote a free, peaceful and stable cyber domain and at the same time mitigate the existing and potential threats. Thank you. 

Ambassador Gafoor  

Thank you for the statement. I now give  the floor to Ghana, to be followed by Australia. Ghana, please 


Mr Chairman, I thank you for giving me the floor, and I’d like to take this opportunity to assure you of the cooperation and full support of my delegation in the discharge of your duties. My delegation associates itself with a statement delivered by the Non-Aligned Movement and wishes to make the following remarks in our national capacity. Mr Chair, we are all aware of the major role information and communications technology plays in our lives. Some may even find it hard to remember a time when mobile phones, computers and other devices were not a part of everyday life. While technology certainly makes life easier and more convenient the disturbing threats to the global ICT environment, including the malicious use of ICTs by both state and non-state actors, are slowly emerging into a global digital pandemic, that the international community must address as quickly as possible. The misuse of ICTs, particularly for terrorism purposes, poses a grave challenge to international peace and security especially as we advance in the fourth industrial revolution. The danger of direct cyber attacks on ICTs and ICT-dependent infrastructures is highlighted in the 2015 report of the Group of Governmental Experts. An issue Ghana believes requires an immediate response and deems it necessary to highlight the importance of cooperation among states in the investigation of ICT incidents. Mr Chairman, it is essential to highlight Ghana’s efforts at a national level to put in place the necessary legislative framework to address some of these cyber-related issues. In 2020, Ghana passed the landmark Cybersecurity Act, which established the cybersecurity authority with a mandate of developing mechanisms that safeguard the country’s Critical Information Infrastructure, regulate cyber security operations, protect children online and develop a secure and resilient digital ecosystem. Ghana has also revised its national cybersecurity policy and strategy, adopted the Economic Community of West African States regional cybersecurity and cybercrime strategy, and the regional critical infrastructure protection policy, and ratified the Budapest and Malibu conventions. With regards to your guiding questions concerning existing and potential threats, Mr Chair, ransomware, misinformation, online sexual exploitation, criminal and terrorist use of ICTs and the risks presented to Critical Information Infrastructure by ICTs, particularly the sustainability of the financial sector, among, the current threats in the sphere of information security. The 2015 GGE reports identified the most hazardous ICT attacks as those directed at critical infrastructure. As such, Ghana places a high value on the protection of Critical Information Infrastructure. We believe that developing a framework for Critical Information Infrastructure Protection is essential to ensuring a safer and more resilient digital ecosystem. To this end, Ghana has developed a criteria to identify the critical information structure in the country and subsequently identified 189 CII owners across thirteen sectors. To ensure the protection of these CIIs, a directive, which establishes the baseline cyber security requirements for all designated CII owners, was launched simultaneously with the launch of the cyber security authority. Additionally, capacity building engagements for CII owners in the cyber security Act 2020 and compliance with the CII directive is currently ongoing. Discussions around the OEWG should, therefore, encourage states to consider designating CII and ensuring that they are adequately protected. This is especially because failure to protect them can have detrimental effects on nations and the world as a whole. I thank you for your attention. 

Ambassador Gafoor  

Thank you very much, Ghana. I now give the floor to Australia, to be followed by Pakistan. Australia, please. 


Thank you so much, Chair. Australia welcomes our discussions here today to exchange views on existing and emerging threats to international peace and security in cyberspace. And I want to thank you, Chair for your summary and your questions, noting that the summary might help as a helpful aide memoire and while not directly referenced in that summary I note that Australia reads it in the context of our mandate, that is that we are discussing threats here that meet the threshold of impacting international peace and security. Chair, colleagues, while we didn’t know the damage that could be caused by ones and zeros when the UN was established in 1946, we certainly know it today. This global community must be prepared to shine a light on malicious cyber activity and hold the actors responsible to account. Australia calls on all countries to honor and uphold their commitments to existing international law and the norms of responsible state behavior, which apply in cyberspace. Last month, Australia, the United States and the United Kingdom publicly attributed cyber attacks against the Ukrainian banking sector to the Russian Main Intelligence Directorate or GIU. Cyber attacks against Ukraine have increased tenfold since Russia’s invasion. In the lead-up to the invasion, Russia launched cyber attacks on Ukraine’s banks denying Ukrainians the ability to use ATMs or transact via their mobile phone applications. The network takedowns have also inhibited the humanitarian response to assist refugees fleeing war-torn Ukraine. Let me be clear, this behavior is unacceptable. As mentioned by several states here today, the spillover effects of malicious cyber activity can be grave and pose a significant and escalatory threat. This behavior is irresponsible, it creates risks for all states, it poses a grave threat and disruption to international peace and security in cyberspace. This sophisticated malicious cyber operation on the ICRC discovered earlier this year is yet another example of unacceptable activity in cyberspace. And I do thank the representative from the ICRC for her detailed intervention earlier today. In the interest of time I will simply state that it is of grave and serious concern that a humanitarian organization, an organization we have all agreed is neutral and that ought not to be targeted, has now been targeted as a victim to such an unconscionable attack. It is not an act that the international community can take lightly. And I note the proposal just made from Switzerland that this group makes it clear that humanitarian data should not be misused. And I think that this deserves further attention from our group. And it also makes it immediately vital the focus on deepening implementation on the application of the critical infrastructure norms, including healthcare services. Regarding threats, further study of the continuously evolving threat to the healthcare sector faces will help us better understand this threat in the cyber realm. Studying these threats can provide the data and the context necessary to effectively refine, respond and increase the overall resilience of the healthcare sector and medical services, particularly in the context of a global pandemic. And I want to commend the efforts of several partners including the Czech Republic, Microsoft, and the CyberPeace Institute in taking for this work. We’ve also heard today interventions from several delegations noting that the benefits of digital technologies are not evenly distributed and the importance of fostering an international community focused on narrowing the digital divides towards sustainable economic growth, development, and stability for all. The threats we face are evolving and they are increasing, but we do have a framework which we have all agreed to as a collective starting point to address these threats when it is implemented and adhered to. The starting point to deliver on an approach to counter such threats is to work on implementing our previous agreements as it relates to all the pillars of our framework. And our framework consists not only of norms but also of existing international law, Confidence Building Measures, all supported by coordinated and effective capacity building. To do so requires a broad and comprehensive understanding of the threat landscape that we face, for which discussions such as this advice from experts prove invaluable. I very much appreciate the statement from Malaysia in this regard and the important points that were made by the Republic of Korea on the importance of cross-sector and cross-border information sharing, including on threats, and therefore also commend the inputs provided to our discussion thus far by civil society, academia, industry and the technical community. Information from all sources is essential to keeping our discussions and our understandings current and relevant. And I also note the comments made by France on this issue are very helpful. I hope that we’ll be able to hear from those experts throughout our discussions about what they see across this threat landscape. And I asked the multistakeholder community to share their experiences of these cyber threats, which threaten critical infrastructure, the healthcare sector and international peace and security. And finally, colleagues I take this opportunity to invite you all to a side event tomorrow lunchtime, hosted by Australia, Mexico and UNIDIR to launch an online survey of national implementation of our framework on responsible state behavior. It’s a tangible measure to implement the recommendations of the 2020 UNGGE report. Further details are on the OEWG website and I can confirm, Chair, that lunch will be provided.

Ambassador Gafoor

Thank you very much, Australia, happy to hear that lunch has not been compromised. I now give the floor to Pakistan, to be followed by Turkey. Pakistan, please. 


Thank you so much, Mr Chair. At the outset, my delegation extends its sincere appreciation to you for guiding this group’s work in an inclusive, transparent and able manner. My delegation aligns itself with the statement made by Indonesia on behalf of NAM. ICT technologies and applications have enhanced access to information and knowledge, utilization for health promotion, and protection, efficient production, and a multitude other uses. These technologies were particularly critical during the COVID pandemic. On the other end, these technologies have expanded the domains of conflict. Cyberwarfare has emerged as a new domain of warfare. From information warfare to actual cyber attacks by states and non-state actors. We must be particularly concerned about the significant increase in recent years in the frequency of cyber attacks on critical infrastructure. These incidents of malicious use of ICT are diminishing trust and confidence among the states, they lower the threshold of war and undermine international peace and security. Ensuring the peaceful use of ICTs and preventing cyberspace from becoming a realm of conflict, are the most critical challenges faced by this group. Mr Chairman, threats associated with manipulation and theft of digital identity, private data, as well as targeted propaganda campaigns and ways that could undermine national economies and imperil national security besides jeopardizing personal security of individuals and an increasingly interconnected world, wherein a level of capacity for ICT security among states can immensely and amplify vulnerability. Therefore, the widening digital divide among countries and regions poses a serious threat in the global ICT environment. The use of digital technology can enable new pathways for intentionally false or misleading information to be created and amplified by state and non-state actors for political, ideological, or commercial motives at an alarmingly growing scale. The spread of disinformation on online platforms, including on social media, can be designed to spread racism, and xenophobia, and incite all forms of violence, intolerance, discrimination, and hostility. The spread and proliferation of disinformation necessitate the need to disseminate factual, timely, clear, accessible, and evidence-based information and require all relevant stakeholders to address the challenge of disinformation. In light of these comments in guiding questions put forward by the Chair, my delegation would like to make the following points. First, there is a need to work for the United Nations system, including the Department of Communication at relevant agencies to counter the proliferation of disinformation. Moreover, countering disinformation and hostile reports requires sustained efforts in international cooperation, multidimensional and multistakeholder responses that are consistent with international law, including humanitarian rights or internal law. Second, we believe that this group should develop cooperative measures to address existing and emerging threats in the sphere of ICTs by creating a global system for ensuring security and the use of ICT under the United Nations auspices. Third, there is a need to work on developing the capacities of states especially in the area of technological, infrastructural and informational needs so that they can accomplish their obligation in cyberspace. Mr Chairman, regarding enhancing the protection of critical infrastructure including Critical Information Infastructure, we believe that states must have in-depth knowledge of existing CI and CII. In this regard, states must have conducted national surveys to determine the type of critical infrastructure or Critical Information Infrastructure, and the underlying platforms, both software and hardware. Such surveys will also be helpful in determining the capacity building needs of states. Further, it is also important to be aware of the potential vulnerabilities of those platforms. However, the protection of critical infrastructure and Critical Information Infrastructure can be ensured with the global level synergy under the UN system. Finally, Mr Chairman, on sharing best practices with regard to CI and CII at bilateral, regional, global level, my delegation believes that for the real-time sharing of information and communication on existing and potential threats, Computer Emergency Response Team and Computer Security Incident Response Teams are useful. For promoting cooperation among states at the global level and regional level institutions could be established for sharing the best practices with regard to critical infrastructure protection, under the auspices of the United Nation. Thank you, Mr Chairman. 

Ambassador Gafoor  

Thank you very much, Pakistan. Turkey to be followed by Japan. Turkey, please. 


At the outset, allow me to express my delegation’s appreciation for your efforts to steer our work in this Open-ended Working Group, on the security of and the use of information and communication technologies. Turkey attaches great importance to this Open-ended Working Group as a unique platform, having a universal membership and valuable potential for trust and confidence building in cyberspace. Indeed, we fully shared the assessment that this group itself constitutes a confidence building measure, provided that its potential is duly utilized. Concerning the issue of existing and potential cyber threats, I would like to highlight the following points. In today’s world, peace, security, human rights and economic developments are increasingly impacted by the use of ICTs. Parallel to the advances in technology, cyber risks and threats are rapidly growing in volume, complexity and severity. This has particularly been the case since the outbreak of the pandemic, which revealed the correlation between increasing dependency on ICTs and vulnerabilities to cyber risks. In our view, tackling threats or risks in cyberspace is essential in order to achieve an open, free, stable and secure cyberspace at the international level. We have been observing a dramatic increase in cyberattacks targeting critical infrastructures, such as electronic communication, energy, finance, transportation, water management and other essential public service sectors. These attacks have reached a level to threaten international security and stability as well as socio-economic development. Turkey is highly concerned with the malicious ICT activities which go against the norms of responsible state behavior in cyberspace. The final report of the previous OEWG had indicated that the use of ICT in future conflicts between states is becoming more likely. Recent developments just warranted that concern. We have witnessed the malicious use of cyber tools as part of aggression against Ukraine. We firmly reject such violations of international law and the UN Charter. The key element in achieving security and stability in cyberspace is respect for international law, including the UN Charter, as well as international humanitarian law and international human rights law. Turkey strongly supports the effective implementation of the UN framework for responsible state behavior, developed through the work of successive Group of Governmental Experts and reaffirmed by the previous OEWG. For its parts, Turkey has been working through successive national cyber security strategies, and action plans to develop measures to tackle cyber threats. Our national CSIRTS is constantly communicating information regarding the malicious cyber activity or possible vulnerabilities to institutional and sectoral CSIRTS and the public. Protection of critical infrastructure and increasing resilience has been identified as a strategic objective in our national cybersecurity strategy. However, we recognize that the level of sophistication of cybersecurity, digitalization, cyber resilience and infrastructure varies significantly among member states. Therefore, every state has its peculiar experience in cybercrime. In our efforts to enhance cyber resiliency and ensure security for all, a good step forward would be working to reduce technical and policy gaps among Member States by identifying appropriate methods. We must be able to make informed decisions regarding capacity-building efforts that cover a wide range of areas at the technical and policy levels. For this purpose, we can utilize the criteria used by the International Telecommunication Unions’ Global Cybersecurity Index, GCI. This index is considered an important tool to determine different levels of resilience among countries in the cyber domain. It can give us a clearer picture regarding potential areas of improvement, especially among developing countries in terms of cybersecurity. In addition, the National Survey of Implementation proposal, which Turkey supports, would also be an important tool for having an informed assessment of the global cyber threats landscape and the required work to increase cyber resilience. Furthermore, increasing the exchange of information among Member States and establishing platforms that would serve as communication channels in emergency situations while also enabling sharing of information and resources would be crucial in our efforts to tackle cyber threats. To this end, we support establishing points of contact networks and global directory of points of contact. Similarly, sharing experiences and best practices, developing guidelines for regulatory frameworks, conducting international exercises to increase cybersecurity preparedness, and response capacities, as well as awareness-raising activities are also important concrete measures that we can apply to addressing cyber threats. In conclusion, we stand ready for cooperation to identify and minimize threats and risks in cyberspace, and welcome the concrete ideas and proposals presented by previous delegations towards this objective. Thank you. 

Ambassador Gafoor  

Thank you very much for the statement. I now give the floor to Japan, to be followed by Mexico. Japan, please.


Chair, thank you very much for giving me the opportunity to speak. At the outset, I would like to commend you for your patient leadership. I also thank the Chair for providing us with a summary of discussions from last December and the guiding questions for this session. This will help us to make our discussion productive. Japan would like to be as constructive as possible. As many delegations have already noted, our discussion cannot be separated from events in the real world. Russia’s aggression against Ukraine is a clear violation of international law, inter alia, the United Nations Charter. Japan condemns Russia in the strongest terms and stands with Ukraine and the people of Ukraine. Russia must stop its aggression immediately and leave Ukraine, consistent with the provisional measures rendered by the International Court of Justice. Japan calls on Russia to heed the call by the international community and immediately implement the General Assembly resolution that was passed with the support of 141 countries. The reports of malicious use of ICTs in conjunction with military activities are deeply troubling. A state must not violate the sovereignty of another state by cyber operations. A flagrant violation of norms, we have agreed makes a mockery of this process. A preventive measure we can take is to emphasize to all states the importance of adhering to the framework of responsible state behavior in cyberspace. Taking into account recent geopolitical developments, the Government of Japan has issued a warning to the public that there are increased risk of cyberattacks. Giving the public information about existing risks is an important preventive measure as well. Existing international law, including United Nations Charter in its entirety, is applicable to cyber operations. Under certain circumstances, a cyber operation may constitute the threat or use of force prohibited by Article 24 of the United Nations Charter. If it rises to the level of an armed attack the right of self-defense can be exercised in response. I would like to turn to another threat: ransomware. Recently, a supplier of Toyota was hit with a ransomware that forced it to disconnect its system from Toyota which caused all 14 Toyota factories to shut down its production for more than a day. We must be mindful of the importance of protecting the whole supply chain. Basic preventive measures such as keeping all the software updated, changing passwords regularly and educating the staff not to open unknown links, are the first steps to protecting ourselves from malicious cyber activities. We need to educate our public on these measures. We can also enhance the protection of critical infrastructure by such means as enhancing the protection of the system from intrusion, making sure there are no vulnerabilities in the software and operating technology and sharing threat information. Japan will enact a law that will allow the government to check the procurement of major equipment by critical infrastructure operators to ensure that there are no security vulnerabilities. Response measures the government can take include, but are not limited to, public attribution and diplomatic response against the state actor and criminal prosecution for ordinary criminals. States can work together by having bilateral dialogue to share best practices to protect against malicious cyber activities. This can also be done through regional frameworks such as the Asian Regional Forum and globally utilizing this OEWG. We can use the portal site of UNIDIR as well as the annual reports of the OEWG to share information among Member States. We would also like to point out that existing CERTs and CSIRTs possess the necessary networks to share threat information in real-time. Thank you very much. 

Ambassador Gafoor  

Thank you for the statement. I give the floor to Mexico, to be followed by the Philippines. Mexico please.


Thank you very much, Chair. We are very grateful that we’re having the second substantive session in the Working Group because it underscores the interest that there is multilaterally, to address challenges and opportunities offered by ICTs in cyberspace and in the context of international security. The promotion of the peaceful uses of ICTs in a free, open, accessible, safe and stable cyberspace continues to be the cornerstone of our mandate and our work should contribute to the prevention of conflict, the peaceful settlement of disputes and any problems related to the use of cyberspace. For Mexico, reaffirming that international law applies in cyberspace and in all normative processes that are promoted by the United Nations in the area of human rights, should cease to just be a narrative and should become a narrative that is safeguarded by the international community. The broad study of the application of international law in cyberspace should continue to be a central aspect of our multilateral work. Chairman, in the light of the threats that we face today it is urgent that we stress that international law in cyberspace and in the use of ICTs is mandatory. And in that regard we express our solidarity with all of the victims and those affected by the situation of armed conflict throughout the world. Agreements are a priority for Mexico, particularly prior agreements. Particularly when it comes to responsible state behavior in cyberspace and trustbuilding measures that have been adopted already by the General Assembly, particularly through the final report of the GGE on cybersecurity and the final report of the first working group. This will be the ideal opportunity in this session to begin analytical work that will clearly distinguish between norms and Confidence Building Measures and capacity building, and clear concepts linked to putting to good use these developments. This, at this meeting, together with what Australia said, and with a broad number of countries, we would like to see follow-up of implementation and the survey on implementation, to assess the degree of implementation and see whether there are any hold-ups with regard to the implementation of recommendations. We think that this group needs to identify the needs for areas of cooperation and particularly, the context between the national contact points that will help to promote cyber diplomacy. This multilateral coordination could lead to an international repository of cyber attacks that happen nationally and internationally. That’s a priority for Mexico that will build transparency in the exchange of information and lessons learned in the way in which we deal with these kinds of incidents and attacks. The role of regional organizations can also be relevant in implementing the commitments reached at the UN and these regional organizations share their experiences also with this working group. And later we’ll add comments with regard to Confidence Building Measures. Mexico will continue to promote a technologically neutral point of view that can help us to promote the use of ICTs by women and girls and address the particular challenges that they may face in doing so. And finally, Mexico supports the involvement of expert voices in our work from civil society, industry, academia and service providers, and others such as NGOs. And that’s why we reiterate our interest in working under your leadership on identifying the modalities that will lead to pluralistic and substantive participation, which will heighten transparency and the degree of representation in our proceedings. Thank you. 

Ambassador Gafoor  

Thank you for the statement. I now give the floor to the Philippines, to be followed by Colombia. Philippines, please. 


Mr Chair, the Philippines thanks the Chair and its abled team for leading this meeting, enabling member states to engage and proceed their substantive discussions. The Philippines lends its support to the statement of the NAM, delivered by Indonesia in its capacity as coordinator of the Non-Aligned Movement on disarmament. Like Singapore, the Philippines attaches the importance to ensuring the security of critical ICT infrastructures, including information assets of the government, individuals and businesses. One of the key programs of the Philippine National Cybersecurity plan of 2022, is the protection of critical information infrastructures or CII. To answer your guiding question on how states can enhance the protection of critical infrastructure, particularly of CII, the Philippines offers the following two major activities to move towards establishing a resilient CII based on our National Cybersecurity Plan, to which we can replicate. The first major activity is compliance and assessment. The compliance and assessment activities shall be composed of three levels. The first level is an inventory or protection assessment project. The second level is to assess the CIIs readiness or a security assessment project, and the third level will be voluntary activity or compliance or cyber risks to CII, or a program where states may be assessed by a third party institution. The second major activity in participating is international drill exercises. After establishing the baseline of results for assessment and compliance, states may participate in an international drill exercise in order to sustain the development of our cybersecurity towards the desired majority level of our systems. This drill exercise could be at a technical level or among CERT representatives. Mr Chair, we acknowledged Egypt’s proposal to have a preliminary agreement on the list of existing and potential threats. Update this regularly and also make it available to delegations in order to guide the efforts of states in tackling cyber threats. We find merit in this suggestion. We support India, Costa Rica and Mexico for iteration of the importance of the points of contact, not only to exchange best practices but also during uncertain situations to help in addressing threats. Mr Chair, the Philippines reaffirms as stated in paragraph 22 of the previous OEWG outcome document that developing cooperative measures to address threats and acting together and inclusively, whenever feasible, would produce more effective and far-reaching results. The Philippines looks forward to more concrete and action-oriented recommendations on this important issue in the coming substantive sessions. Thank you, Mr Chair. 

Ambassador Gafoor  

Thank you for the statement. I give now the floor to Colombia, to be followed by Indonesia. Colombia, please.


Chairman, we thank you for your efforts and your leadership in preparing this second substantive session. My delegation is grateful for your introductory statements, your narrative summaries on previous discussions and the list of guiding questions, which have been very useful and have contributed to action-oriented discussion. And we’re also very grateful to Madame Izumi Nakamitsu for her briefing. We report our support to you and your management and we are prepared to continue to work constructively with you in the process of this working group. And we would join in the calls for our deliberations in this informal format by to be included in the annual progress report. Chairman, at the December session my delegation referred to what we felt to be the current and potential threats in the digital world. We won’t repeat them now, but following your guidance we will be providing some questions or answers to your guiding questions. With regard to preventive measures and response measures to face potential threats we feel the following to be important: awareness-raising with regard to existing risks and protection measures; the establishment of national plans for comprehensive protection, which will include in addition to security, cyber resilience; the training of the investigation and judicial authorities on the malicious use of ICTs;  the establishment of public-private alliances, both to build resilience to threats as well as to share and manage securely, a critical information; we also feel it’s important to develop concrete and effective mechanisms for assistance and cooperation in order to develop and improve human, institutional and technical capacity in the area of cyber security and resilience. In this regard, we feel it’s important to strengthen initiatives that will make it possible to finance and centralize resources that will facilitate analysis, detection, containment, and eradication of threats such as the malicious code of ransomware and projects such as are initiatives, which we should be promoting in order to counter these threats. Chairman, in order to improve the protection of critical infrastructure, including information infrastructure, we feel that the following is necessary. The implementation of a precise methodology to identify, prioritize catalogue and protect all essential services at the national level. An increase in technological capacity in order to identify quickly, what the threats are. An increase in the capacity of competent authorities to carry out the immediate link to investigations that will make it possible to identify who is responsible for malicious acts, and coordination with service providers and web hosts, and public-private alliances for the protection of critical infrastructures and for research in response to cyber attacks. Chairman, I’d now like to refer to your question with regard to how states can work together in order to share new information on existing and potential threats in real-time. While it’s particularly important that we strengthen the networks of information exchange between states through platforms such as MISP, so that the capacities of the various countries can be complimentary and potentially they will be able to generate true synergy to facilitate early detection of existing and potential threats as soon as possible making it possible to manage them at an early stage. In this regard, we should support the development of networks, groups and workshops that will have experts to analyze the threats, and even more important will generate recommendations for the users of these spaces so that they can manage these threats in the best way possible and mitigate their possible effects. Equally, it’s important that we progress towards creating a global cybersecurity culture and protection for essential information infrastructure. This is something on which the General Assembly pronounce itself principally in resolution 58/199 of 2003, and which was recording resolution 7327 of 2018. For this, international assistance and cooperation are fundamental. With regard to the call to establish working groups, my delegation reiterates what we stated at the organizational session of this OEWG. We think it’s very difficult in practice to work in subgroups, not only because of the reduced size of some delegations such as my own, which will make it difficult to participate in parallel meetings, but also because of the interrelationship between the various themes that we have dealt with – we need to deal with them all together. Finally, Chairman, we cannot forget that as we’re meeting here in Ukraine thousands of people continue to flee, including children. The refugees are exceeding three million. It’s a terrible humanitarian situation and we need to see an immediate cessation of the attacks by Russia against the civilian population and in the critical infrastructure of Ukraine, including hospitals and food warehouses. We most emphatically condemn Russia’s attack for violating the sovereignty and territorial integrity of Ukraine and for violating international law. We express our solidarity with the people of Ukraine. Thank you. 

Ambassador Gafoor  

Thank you for the statement. I give the floor now to Indonesia to be followed by Ecuador. Indonesia, please.


Thank you, Chair. Allow me to deliver our statement in our national capacity. We wish to extend our appreciation towards your leadership, Chair, especially in providing guiding questions for our discussion today, with a view to ensuring focus on the discussion of issues at hand. Mr Chair, the misuse of ICTs for non-peaceful purposes exposes us to various threats to the global stability, also the safety and well-being of individuals. Since our first session last December, we have discussed multiple, existing and potential threats, which were expressed by various delegations particularly regarding threats to critical infrastructures. Chair, in order to further advancing efforts of both preventing and responding to the existing and potential threats my delegation is of the view that it is important to focus on these points. First, the existing and potential threats can be experienced by all states without exception including those with advanced technology as well as those with limited ICT capability. Second, we cannot have security at the expense of the insecurity of others. Taking into account the borderless nature of cyberspace threats directed at a single state could spread and evolve into a regional and global one. Threats can be emanated from both states and non-state actors. Therefore, there are urgent needs for collaboration and mutual engagement with all stakeholders, including private sectors, and technical communities with a view to prevent and respond to threats. On your question about the protection of critical infrastructure, we are of the view that it requires comprehensive efforts in all aspect, technically, institutionally and policy-wise. My delegation wishes to assert a number of efforts, which may be taken into consideration Chair.  First, transcending legal frameworks for protection of critical infrastructure, as well as providing transparency and certainty regarding safety measures, including national agencies responsible for protection of critical infrastructure. Second, strengthening coordination between relevant agencies, as well as collaborative works with other stakeholders. We are of the view that cooperation between state and other stakeholders can contribute positively towards the efforts. Finally, Chair, we encourage the OEWG to develop comprehensive compendiums or guidelines pertaining to efforts and experiences of states regarding the protection of critical infrastructure, including implementation of the six and seven norms of responsible state behavior in cyberspace. This compendium of best practices might incorporate the aspect of point of contact, prevention, protection, as well as response, which can be of reference for states with a view to increase its readiness to respond to threats in the sphere of ICT. I thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. I now give the floor to Ecuador, to be followed by Nicaragua. Ecuador, please.


Thank you, Chairman. Since this is the first time that I’m taking the floor at this second substantive session, allow me to express to you and your team, the appreciation of my delegation for the delicate and sensitive way that you’re conducting negotiations. Ecuador has supported every one of your proposals for our working methods, last June and in December, and in February, and now in March. And we are not opposed either to your proposal yesterday for the three points for continuing our discussions today formally, but we also think it’s possible to make progress in these discussions as we are doing now. And we think there needs to be flexibility with all delegations in order to get us back on track as soon as possible for the formal meetings. Without the effective participation of the various stakeholders, including civil society, academia and companies, this Open-ended Working Group will be operating in a vacuum, and for my delegation, it’s central that we move towards working methods that are inclusive. In December of 2020, the intersessional meeting that was chaired by Singapore was very useful for identifying risks and common threats and that fed into the work of the first Open-ended Working Group. As we progress in our discussions now in this second group, we’ll require greater involvement of these other actors. The threats that we face are largely transnational, and the only way to counter them effectively is through international dialogue and cooperation and the building of capacity and by trust-building, confidence building. With regard to the first question, as to what measures states can apply in order to counter real and potential threats. Well, Ecuador agrees with the elements that were raised this morning by the delegation of Costa Rica, but we would add that all of those could benefit from a multilateral, ongoing platform of implementation, that’s the French-Egyptian proposal for their Program of Action. With regard to the second question, as to how states can strengthen the protection of critical infrastructure, including critical ICT infrastructure, it’s fundamental that we have a universal comprehensive understanding based on the identification of these concepts by states. Ecuador believes that the recommendations of the groups of experts and the first OEWG should be fully taken into account when it comes to implementation. This working group should also include amongst its recommendations, synergies through bilateral cooperation sub-regional and regional cooperation, as well as global cooperation, not only in order to share best practices with regard to critical infrastructure that has to be protected but to move towards minimum capacity standards on the basis that the weakest link in the protection chain is vulnerability for the rest of the chain. And I would point out that Ecuador recently, under a year ago, approved our first cybersecurity law. That’s not an end in itself for us, but it’s the point of departure. We believe that the Program of Action that I refer to previously would promote cyber resilience. We also agree with delegations that propose the establishment of contact points, although on that point, there is some controversy as to who would manage these lists. Well, once again, we believe that over and above the extraordinary substantive value of this OEWG, the international community needs a multilateral permanent platform to support the efforts of states in implementation. In conclusion, Ecuador reiterates its rejection of the militarization of cyberspace and arming of cyberspace. And we would recall that the majority of developing countries want to develop the exclusively peaceful use of outer space. The security of no state is above the security of any other state. And finally, I agree with what Indonesia said this morning, endorsed that delivered on behalf of NAM, but I’d like to express the agreement of my delegation with Indonesia’s national statement as well, that was delivered this afternoon. Thank you. 

Ambassador Gafoor  

Thank you very much for the statement. I give the floor now to Nicaragua, to be followed by Venezuela. Nicaragua, please.


Thank you very much, Chairman. We would like to endorse the statement delivered by Indonesia on behalf of the Non-Aligned Movement. Although it’s true that current and potential ICT threats / ICTs do affect all states it’s inevitable that small countries and developing countries are those that are least prepared to address these challenges given the lack of technology and capacity that they have and therefore they suffer much more from damage to their critical infrastructure thus undermining our right to development. We would urge progress to be made in understandings with regard to real and potential threats. We reject the attempts of the unjust use of ICTs, particularly in military and political spheres that violates the purposes and principles of the UN Charter, such as the violation of the sovereignty, territorial integrity and interference in the internal affairs of states. We need to address the use of ICTs for terrorist purposes, for destabilizing extremist and criminal purposes, that generate hate and discrimination and call for violence. Other important challenges are the campaigns of fake news and ill-intentioned campaigns, and arbitrary restrictions and mandatory restrictions on the freedom of the press in certain countries and the rights of users. The international community must continue to debate the aspects of regulation of social media that are increasingly becoming a tool for criminals. We support the creation of a global system to guarantee the security in the use of ICTs under UN auspices. We are opposed to the use of ICTs as an excuse for the threat or the use of force against sovereign governments. Our responsibility in this group should be to take into account the implications of the malicious use of ICTs and their negative consequences for the maintenance of international peace and security. It is just unacceptable that there be any threat to militarize cyberspace. We should remember that states are actors, we are the primary bodies responsible for addressing threats. Therefore, any national or international norms must prevail and be respected by other stakeholders in this process. We support a platform for cooperation and exchange, preferably under the auspices of the United Nations, with regard to international experiences in the area of protection of critical infrastructure and other issues associated with threats in this area, respecting sovereignty and the security of states. Thank you. 

Ambassador Gafoor  

Thank you very much. For the statement. It’s almost 5:30, I have about five or six speakers left. And I’d like to close the speakers list under this sub-item of agenda item five and hopefully we can finish the sub-item this afternoon. And I go to the next speaker now, Venezuela, please.


Thank you, Chairman. Venezuela would like to support the statement delivered by the distinguished delegates of Indonesia on behalf of the Non-Aligned Movement. Chairman, the malicious use of ICTs by state and non-state actors is a new source of threats that can generate conflicts of various kinds on a large scale, nationally and internationally, and can undermine international peace and security and affect sustainable development. In the preparation of standards by the working group all approaches to real and potential threats should be compatible with the purposes and principles of the UN Charter and international law. In particular with the principles of equal sovereignty, respect for the sovereignty of states and the peaceful settlement of international disputes, abstention with regard to international threats of force or the use of force against the territorial integrity or political independence of any state and non-intervention in the internal affairs of other states. Disputes arising from the use of ICTs should be resolved through peaceful means and within the framework of international law. States have the primary responsibility to maintain a peaceful and secure environment for ICTs in accordance with their national legislation and their policies, plans and programs, with the aim of safeguarding the interests of their sovereignty, safety, sustainable development, and of course, the safety of their citizens. Having been victim of a regime change attempt that was unjustified and unprecedented, the critical infrastructure of Venezuela has been subject to cyber attacks and spying that has affected, just to mention a few, the national banking sector, the electrical system and the oil industry. Today, we see the worrisome application of unilateral coercive measures that erode trust in international administration as being a peaceful administration of cyberspace. In that regard, we reject the militarization of cyberspace and the use of ICTs in order to intervene in the internal affairs of states and in order to try to politically destabilize them, economically and socially destabilize them or to try to cut off government institutions in any state. Chairman, the quicker developments in ICTs as well as the very many actors that are involved in the use of ICTs makes it clear that the range of threats are very broad. Information piracy in all its forms, cyber spying, the role of information, cyber attacks on critical infrastructure, the changing of computer data, the dissemination of fake news on a grand scale, and efforts that try to prevent people becoming informed and prevent them adhering to national and international rules are just some of the threats that affect sovereignty, economic development and well being. Given such varied and changing phenomena and in order to contribute to the work of the group we feel it would be appropriate under the UN auspices to create a regular compendium of existing threats that could be accompanied by best practices in order to address said threats. To conclude, Chairman, in dealing with threats in cyberspace we should consider two things to be of crucial importance. Firstly, the fact that in the face of these phenomena, all states are vulnerable. And secondly, the existence of asymmetries and digital divides between states, as well as the growing oligarchical nature of the ICT industry or increases the symmetries, and endangers the pluralistic and democratic nature of the communication process and interferes in our ability to guarantee a broad spectrum of social rights. For those reasons, international cooperation that is free of conditionalities and focused on the sharing of strategic and technological information to improve the protection of information infrastructure can serve the international objectives of minimizing and neutralizing the threats arising from the malicious use of ICTs. Thank you very much. 

Ambassador Gafoor  

Thank you for the statement. I now give the floor to Ireland, to be followed by Togo. Ireland, please.


Thank you, Mr Chairman. Ireland aligns itself with the statement made earlier by the European Union. Given time constraints we can provide more detailed responses to your guiding questions on Ireland’s cybersecurity strategy in a written submission to the secretariat. Mr Chairman, cyberattacks and malicious cyber activity put lives at risk. We’ve heard this throughout the afternoon from other delegations and during the very concerning reports earlier by the ICRC. We also know this from experience in Ireland. Our public health care systems were subject to a very damaging ransomware attack last year that impacted on critical medical services. An attack of this kind during a global pandemic is appalling but unfortunately Ireland’s experience is not isolated internationally. Malicious cyber activity and threats, including crippling ransomware attacks, cybercrime, intellectual property theft and the spread of disinformation have surged in recent years. Gendered violence experienced by women and girls is now frequently accompanied and magnified by online violence and cyber threats. Critical infrastructure is increasingly being targeted, democratic institutions and processes, our economies and citizens are being impacted. This damages trust at every level and Ireland is gravely concerned of the threats posed by such activities to international peace and security. This malicious cyber activity must stop. Mr Chairman, Russia’s aggression against Ukraine, which violates international law and the UN Charter and which has had appalling humanitarian consequences, includes cyber activity and malicious cyber activity and breaches the norms of responsible state behavior that have been agreed by all states here at the UN. These cyber attacks also risk, as we’ve heard today, dangerous spillover into other states in an interconnected cyberspace. Respect for international law, including human rights and international humanitarian law, in addition to the norms of responsible state behavior, are vital to international security and stability in cyberspace. Mr Chairman, we support the proposal made earlier by my EU colleague for consideration of a dedicated OEWG meeting, with a focus on specific norms of responsible state behavior in light of specific cyber challenges and threats faced by the international community. We believe that this meeting, to include the substantive expert advice of non state stakeholders, would make a valuable and useful contribution to supporting better and greater understanding of the cyber threat landscape and, most importantly, the need to advance the implementation of the UN framework for responsible state behavior. Of course, capacity building is key to this and we look forward to discussing this later in the week. Thank you, Mr Chairman. 

Ambassador Gafoor  

Thank you very much, for the statement. I now give the floor to Togo, to be followed by Argentina.

Mr. Chair, ladies and gentlemen, the delegation of Togo would like to commend your leadership and conducting the work of the Open-ended Working Group, as well as the efforts that you are making to bring positions closer together on the various issues under consideration. We would like to express our support for you and we hope that during this session the consensus will prevail in accordance with paragraph one of resolution 75/240. Togo aligns itself with a statement of the Non-Aligned Movement and would like to make the following comments in its national capacity. The various crises facing our world at the moment allow us to gain an ever greater awareness of the importance for the international community of defining a consensus-based legal framework on the safe, secure, peaceful and sustainable use of information and communication technologies. With this in mind, my country’s government, the government of Togo, in collaboration with the Economic Commission of the United Nations for Africa, organised a cybersecurity summit in Lomé on the 23rd and 24th of March 2022. Following the work, the Lomé Declaration on cybersecurity and the fight against cybercrime was adopted. The Lomé Declaration provides various suggested responses to the challenges concerning threats in the area of cybersecurity. It calls for the implementation of a whole set of international relevant legal instruments but also, of course, the ownership of best practices at the international level, including those that could be recommended by the United Nations and the International Telecommunications Union. Specifically, this declaration proposes the creation of an operationalization of authorities, agencies and teams devoted to cybersecurity, as well as strengthening the capacities that they have at their disposal. It also proposes taking into account diverse expertise in decision making, in the existing governance structures in the area of cybersecurity. Similarly, the Lomé Declaration calls for the establishment of dedicated teams on the one hand for gathering and coordinating information about cybersecurity incidents such as the security information and event management, as well as the security operations centers and on the other hand the responses that need to be provided in the case of these incidents, such as the Computer Security Incident Response Teams or the Computer Emergency Response Teams. What’s more, it calls for the creation at the African level of a continental cooperation and mutual assistance body in the case of cybersecurity and cybercrime. Chair, at the national level, I would like to recall that Togo, in 2018 and 2019, adopted laws on cybersecurity and combating cybercrime as well as on the protection of personal data. What’s more, on the 13th of February 2019, the government adopted the decree on the attributions, organization and functioning of the National Cybersecurity Agency. Also, on the 9th of December 2020, it adopted the decree on the organization and functioning of the Personal Data Protection Authority. What’s more, in 2021, the National Assembly authorized the ratification of the African Union Cybersecurity and Personal Data Protection Convention. On the 4th of June 2021, the president of the Republic, His Excellency Mr Faure Essozimna Gnassingbé, inaugurated the Strategic Infrastructure Center for Critical Data, the Lomé data center, and on the third of February 2021, the government launched the work of the first IT attack response and early warning center. Chair, to conclude, I would like to recall what was said by the President of the Republic of Togo, during his address at the Lomé Summit on Cybersecurity, and I quote, only digital cooperation among states in a cyberspace in which universal principles of peace and security, equity, human rights and sustainable development prevail. This seems more and more the essential condition for both benefiting as best possible from the current digital revolution and at the same time, mobilizing all available energies to curb cybercrime once and for all in all its forms and manifestations. Thank you. 

Ambassador Gafoor  

Thank you very much for the statement, I now give the floor to Argentina.


Thank you, Chairman. Since it’s the first time I’m taking the floor, I’d like to thank you for the work that you have been doing, that has brought us to this second substantive session and these informal consultations as well that we held during the intersessional period. And there was also your letter in March, where you suggested items that we could deal with and some guiding questions with regard to what we’d be dealing with during the session, they are certainly very useful for us. Looking at threats, there are very many different things. We have to realize that they don’t arise from the ICTs themselves, but the use that is made of the ICTs. We need to continue to increase our understanding about the gravity of these threats and the damage that they can produce for people and organizations, particularly with regard to personal data being attacked, that can be internationally things can be devastating for international peace. We need to better understand the various impacts that cyber threats have in various sectors of the population and provide responses that are appropriate to these various differences. We also feel it’s important to take into account across the board, throughout the agenda, the existence of the digital divide between countries and within some countries, that constitute a source of instability. Here, cooperation is very important. With regard to preventive measures and response measures that states can take to address current and potential threats there are two essential element, first of all, training of human resources and on the other hand, awareness raising and education at all organizational levels amongst the population. The channels of institutional, public and private communication need to be established and consolidated in order to prevent unfortunate situations and be able to remediate them if they do occur. Then we have critical infrastructure. Public-private cooperation is essential in that regard, particularly since that infrastructure can sometimes be private property or co-managed with the private sector. And here we need to take into account current symmetries between states with regard to their technological wherewithal and there we would highlight the importance of creating incident response networks, where we can share experiences, carry out joint trainings and share best practices in particular cases or mechanisms for cooperation to address individual incidents. And we agree with El Salvador in stating the work of the OAS in addressing these kinds of cases. Chairman, in conclusion, it’s important that we highlight a few things. First of all, the issue of attribution of the malicious use of ICTs. This is one of the spiniest issues and most delicate issues that we have on the agenda. There are various dimensions that we have to address to deal with this. The facility with which people can mask an ICT intervention is a huge aspect of this. We need to have an in-depth debate on this issue in order to increase trust and predictability of cyberspace. And also, we’ve been debating the issue of threats from a normative point of view and capacities and confidence building. While the causes of the problem are probably linked to the design of the communication infrastructure. Discussing the causes of the problem could lead to new debates with regard to how to address them. A technical approach is essential in order to analyze this problem and resolve it. We agree with Ecuador and other delegations with regard to the national contact point networks and the establishment of a stable, multilateral platform, and we also take on board what France has said with regard to the establishment of a Program of Action. Thank you very much, Chairman. 

Ambassador Gafoor  

Thank you very much for the statement. The last speaker on this item is the International Chamber of Commerce. ICC, please. 

International Chamber of Commerce  

Good afternoon and thank you, Chair, for the opportunity to share a few comments on behalf of the International Chamber of Commerce, the institutional representative of 45 million companies in over 100 countries. First of all, let me express our appreciation to you and your team, Chair, for the skillful, inclusive and good-humoured leadership of this process. I would like to share three points today. First, on the cost of cyberthreats, the second on the implementation of the existing cybersecurity framework to counter these threats and third on the role of the private sector. Cyberspace is now an intrinsic part of the development of every country, creating enormous opportunities and enabling everything from distance learning to innovation, economic and societal growth. Given the destructive consequences of cyber attacks on a global scale, it is of no surprise that policy agenda, as the world over, are dominated by conversations around safety and security in cyberspace. These conversations urge a cohesive global approach to curbing cyber threats and enhancing global security and instability. The private sector considers it imperative for the international community to come together and ensure such conversations also inspire concrete action to hold the growing trend of cyber threats on businesses, communities and governments. In December 2021, the ICC released our first cybersecurity issue brief outlining the costs and risks associated with cyber threats. We have submitted this paper as input to the deliberations of this group at its previous meeting, and I thank the Secretariat team for publishing it on the website and making it available to all delegates. Let me highlight just a few of the elements of this paper. Firstly, the cost of global cybercrime alone was estimated in 2020 at 5.5 trillion Euros, up from 2.7 trillion in 2015. Should this trend remain unaddressed, we can reasonably expect another doubling of this cost to 11 trillion by 2030. Alarmingly, cyber criminals are not only nefarious actors citizens are in the business community most defend against, there are also a growing number of states investing in working on destabilizing activities in cyberspace, targeting critical infrastructures and other vital societal functions. Secondly, looking beyond disruptions of critical infrastructures are monetary losses as a consequence of cybercrime. Non- monetary costs are also on the rise. This includes disruptions of the normal activities of business and everyday life as a consequence of attacks, psychological reactions of individuals, both potential and actual victims that can lead to withdraw from or reluctance to engage with digital technologies, and wider technological innovation. And third, the change in organizational behaviors as a response to growing cyber threats, while many organizations are investing in improving their cyber preparedness, also many choose to shut down or scale down their online presence or not fully embrace digital technologies out of concern that they cannot adequately protect themselves from cyber attacks. In the light of these both monetary and non-monetary costs, bold and decisive action to curtail malicious cyber activities is no longer an option, it’s a necessity. Governments must control and help reverse the tide of deteriorating cybersecurity and cyber safety conditions and fully implement the existing and agreed cybersecurity framework. Chair, this morning, the International Chamber of Commerce hosted a business-government roundtable that discussed the implementation of the existing cybersecurity acquis. We will be sharing a summary of this discussion for the working groups attention but let me just highlight one idea among the many that were mentioned this morning: the need of common implementation framework of the existing acquis. On the model of the Sustainable Development Goals, these could be thought of as the cyber development goals or the CDGs that would define the necessary technical, legal and policy framework and capacities needed for implementation and inspire collective action. CDGs could include goals, such as but not limited to, developing and keeping up to date national cybersecurity strategies, establishment of Computer Security Incident Response Teams or Computer Emergency Response Teams, foster enabling environments to combat cybercrime and for cyber capacity building, raising awareness and building capacity of end users, establishing common attribution standards, developing and publishing cyber deterrence doctrines and many others. CDGs would be primarily a capacity building instrument at the national state level and will depend on the states’ commitment to systematically track and report implementation. This would bring clarity to what remains to be done to implement the existing cybersecurity framework in all states and allow the development of targeted capacity building programs to address any challenges to implementation or gaps in capacity. Last but certainly not least, Chair, I would like to highlight the importance to ensure that all stakeholders can meaningfully participate in cyber policy development. The private sector invests heavily in developing and deploying security technologies. The private sector is also expanding preventive actions, such as the security of the software supply chain and critical infrastructure protection. In 2020 alone, spending on cybersecurity was estimated to surpass $150 billion, which is more than 12% increase over the previous year. In addition, business spends significant time and resources supporting and collaborating on initiatives to promote norms for responsible uses of technology and formation. This is a significant role that the private sector plays in the development and maintenance of technology and should be met with inclusion of the private sector in all discussions of norms and their implementation. States alone cannot effectively implement the cybersecurity acquis without the rest of society. While making the ultimate decisions is the prerogative of member states, businesses and all other non-governmental stakeholders must be a meaningful part of formal and informal processes at the Open-ended Working Group and all other relevant processes and discussions on the topic. We remain disappointed that this group has not yet reached an agreement on the participation of stakeholders and urge all delegations to support the efforts of the Chair and his team to allow the breadth and experience of non-governmental stakeholders to be meaningfully brought into this conversation, and ensure that we can work together towards concrete and actionable solutions. The International Chamber of Commerce and its global network remains committed to providing continued support and meaningful business contribution to the working group. Thank you for this opportunity to address the meeting. Thank you, Chair. 

Ambassador Gafoor  

Thank you very much, International Chamber of Commerce for bringing the voice of the private sector into our room and into our discussion. And thank you also for your idea of Cyber Development Goal as an instrument for capacity building. I also look forward to receiving the report of your roundtable that you said was held earlier today. Thank you very much overall. Delegates, I don’t have any other requests for the floor and it’s almost time for us to wrap up for the day. I certainly do not want to give a summary but this has been a very, very good day with very good discussions, with many, many detailed and thoughtful statements, which just comes to make the point that we indeed need a platform like this, to have this kind of conversation in a multilateral context and to share ideas. I was very pleased with the constructive tone and very positive spirit that all the statements brought into the discussions. I was also very happy that different delegations were echoing the statements made by others, supporting or referencing statements made by other delegations, which comes to show that there is a fair degree of convergence already in terms of some of the ideas and proposals, which leads me to believe that at least on this sub-topic, we have material to capture for an annual progress report. I’d like to assure you that, from the podium, we have been taking careful notes myself as well as the Secretariat and my team. But in addition to that, after each session we do go through, my team and I, go through the video playback of the whole session to make sure that we have not missed out any statements, which is what we did for the December session and we will do that again. I am mentioning that because notwithstanding the informal mode of our meeting today, I want to assure all delegations that your statements will be carefully taken note of. It has been carefully listened to and we will certainly reflect on all the statements that we’ve heard today. Tomorrow, I’d like to continue with agenda item five. It goes without saying that we are behind schedule. But tomorrow morning, I’d like to begin with the sub-item on rules, norms and principles of responsible behavior of states and the ways for the implementation and, if necessary, to introduce changes to them or elaborate additional rules of behavior. After that, we will go to the sub-item of Agenda Item five, relating to how international law applies to the use of ICT by states. Now, today, I recognize that because it’s the first statement in the group for many delegations, it became to some extent, a general statement or an introductory statement. Tomorrow, I’d like to encourage delegations to be a bit more succinct, a bit more focused so that any aspects that are descriptive of, say, national policies, is something that perhaps you can circulate or upload on e-delegates but use the time in the meeting to share very specific ideas and proposals in your statement. If that is done by all delegations then we can hopefully go through the two sub items, and if we have extra time, we can even start a discussion on Confidence Building Measures, but that may be perhaps too optimistic at this stage. But certainly, I think we all need to catch up on time. Even though the program of work is not adopted, it’s still a guide as to where we need to be and I hope that we can continue our work tomorrow in the same positive and constructive spirit. And I’d like to at this point resume the formal meeting of the substantive session and adjourn the meeting, and I wish you all a pleasant evening. See you tomorrow at 10 am. The meeting is adjourned.

Leave a Reply

Your email address will not be published. Required fields are marked *