Agenda item 5: Day 1 Afternoon session

Global stakeholders convene at OEWG session to tackle escalating cyber threats and reinforce international cybersecurity cooperation

The second meeting of the Seventh Substantive Session of the Open-Ended Working Group (OEWG) on Security of and in the Use of Information and Communication Technologies convened to discuss the organization of work and substantive issues related to the security of ICTs, as mandated by General Assembly Resolution 75-240 and as outlined in the Programme of Work. The session focused on existing and potential threats in the sphere of information security, with discussions set to continue in the afternoon.

The European Union highlighted the increasing cyber threat landscape, particularly the blurring lines between state-sponsored and criminal cyber activities. The EU stressed the significant threat posed by ransomware, especially to critical sectors like healthcare, and its implications for international peace and security. The EU’s commitment to tackling cybercrime, strengthening cross-border law enforcement cooperation, and building resilience against ransomware was affirmed.

Qatar emphasized the importance of cybersecurity and shared its success in hosting the Web Summit, which contributes to technological and educational development. Qatar also mentioned its guidelines for the safe use of AI, underscoring the interconnected and complex nature of cybersecurity risks.

Portugal, aligning with the EU, discussed the credible threat posed by hostile cyber activities to prosperity and democratic institutions. The country highlighted the importance of building resilience to prevent and recover from cyber attacks, noting the role of AI in leveling capabilities across threat actors.

Uruguay stressed the importance of international cooperation and technical assistance to address the challenges posed by AI in developing countries. The country is working to strengthen its CERT and utilize AI to improve incident detection and response.

Belgium, also aligning with the EU, condemned malicious cyber activities targeting the health sector and emphasized a victim-based approach to cybersecurity. The country discussed the intensifying cyberthreats and the need for concerted international efforts to safeguard cyberspace.

Australia spoke about the relevance of the OEWG in exploring and addressing threats that have serious implications for international peace and security. The country highlighted significant cyber incidents that disrupted critical infrastructure and essential services, emphasizing the need for practical actions and partnerships to mitigate evolving risks.

Latvia, aligning with the EU, supported in-depth discussions on existing and potential threats and the importance of international cooperation to defend against new cyber threats. The country advocated for a future permanent UN mechanism to continue discussions on the evolving threat landscape.

Cuba highlighted the increasing diversity and complexity of threats in cyberspace and the need for multilateral discussion to respond effectively. The country reiterated the importance of adopting binding norms to supplement international law in the area of cybersecurity.

The Russian Federation expressed concerns about increased risks of interstate conflicts caused by the use of ICTs for purposes contrary to the UN Charter. The country emphasized the need for a universal legal instrument to regulate state behavior in the digital environment.

Italy, aligning with the EU, discussed the importance of continuing to deepen the understanding of cyber threats and the need for international cooperation to combat ransomware and other cyber campaigns.

The United States emphasized the range of cyber threats, including critical infrastructure intrusions and ransomware attacks. The country highlighted the need for international cooperation to address these threats and the importance of engaging with non-state stakeholders for their expertise.

El Salvador, Greece, the Republic of Korea, the Philippines, Kazakhstan, Albania, Singapore, Pakistan, Japan, Ireland, Georgia, the United Kingdom, Mexico, and Canada also provided statements, sharing their national experiences and perspectives on the cyber threat landscape. They discussed various concerns, including the misuse of AI, ransomware, state-sponsored cyber activities, the protection of critical infrastructure, and the need for capacity building and international cooperation to address these challenges.

The session underscored the importance of a multi-stakeholder approach to advancing cybersecurity, with the private sector playing a crucial role as the owner of much of the critical infrastructure. The discussions highlighted the need for states to work together to build a consensus on addressing cyber threats and to find common ground in enhancing cybersecurity and stability in cyberspace.

Chair:
Thank you. The second meeting of the Seventh Substantive Session of the Open-Ended Working Group on Security of and in the Use of Information and Communication Technologies established pursuant to General Assembly Resolution 75-240 is now called to order. This morning we have completed Agenda Item 3, Organization of Work, and we can therefore proceed to Agenda Item 5, which is Discussion on Substantive Issues Contained in Paragraph 1 of General Assembly Resolution 75-240. We will start our discussions this afternoon in accordance with the Programme of Work by looking at the topic of existing and potential threats in the sphere of information security as it is outlined in the Programme of Work. There is no pre-established list of speakers, and I will invite delegations to press the button if they wish to be given the floor, and I will give them the floor in the order of inscription as they appear in the electronic console in front of me. If you are speaking on behalf of a group, to let me know in accordance with UN practice. We will let those who are speaking on behalf of a group to make their statements before national interventions. I would also like to advise you to be as succinct as possible in terms of addressing the guiding questions as well. I invite you to do so, and if you have a longer intervention that you wish to share with the group, you could choose to deliver an abbreviated version that highlights the key points of your statement and make your statement available to all members through the Secretariat, which will put them on the website. So you do have that option as well. I would also encourage delegations to avoid making similar points that might have been made already at our last session in December. The idea is to build on our discussions from December so that the conversation that we have begun last December will continue this afternoon. At the end of the week, we will then see how to organize our intersessional session in May so that we can continue to build on the discussion this week. This is how we have to painstakingly have a conversation, identify common elements, build convergence, and find consensus. That is the task that is before us. You have the floor, please, EU.

European Union:
Thank you, Chair. The candidate countries North Macedonia, Montenegro, Albania, Ukraine, the Republic of Moldova, Bosnia and Herzegovina and Georgia, as well as Andorra and San Marino aligned themselves with this statement. Chair, the EU remains concerned by the current cyber threat landscape. A key trend we are observing year on year is the blurring of the lines between state-sponsored and criminal or financially motivated actors. We remain particularly concerned that the threat of ransomware and hiring of ransomware as a service continues to target critical sectors such as healthcare, both in the number of incidents but also in its impact on health organizations. The impact of such ransomware incidents has been seen to rise to the level of international peace and security. According to the analysis conducted by the European Union Agency for Cyber Security of the cyber threat landscape of the health sector in the EU, 43% of ransomware incidents are coupled with the data breach or data theft, while disruptions are often common effect of the attack. We expect this trend to continue. The EU remains committed to tackle cyber criminals by strengthening cross-border law enforcement cooperation against ransomware and continue to support operators of essential services to increase their resilience. Similarly, we work with partners from both public and private sector to reshape the cyber environment so that we are better equipped to combat ransomware. It must be our joint commitment to build out our toolkit. for corrective resilience to ransomware. And we welcome other delegations sharing their insight and their experiences, helping to fill the gaps in that landscape. In addition to the rise of ransomware as one of the main challenges, the EU is concerned about the significant threat, particularly with regard to critical infrastructure and critical cyber systems, coming from state actors that seek to gain political or economic advantage from coercive action in cyberspace. Chair, year 2024 will bring more elections to more people than any year in history, with more than 40 countries and more than 4 billion people choosing their leaders and representatives through the right to vote. Therefore, the EU and member states are concerned about the number of malicious cyber activities targeting government institutions as well as democratic processes, as it undermines stability and security and erodes trust in the outcome of democratic elections. End of 2023, the European Union joined the United Kingdom and other international partners in expressing serious concerns about attempts to use cyber operations to interfere with democratic processes and institutions. We must continue to address malign cyber activity and enhance accountability of actors that conduct contrary to the international obligations and expectations. Chair, making networks and critical infrastructure secure requires competent domestic strategies, but it also requires a willingness among governments to use ICTs responsibly. In 2022 annual progress report, we noted that threats have continued to intensify. and have involved significantly in the current challenging geopolitical environment. In 2023, we recalled that the number of states are developing ICT capabilities for military purposes and that the use of ICTs in the future conflict between states is becoming more likely and expressed concern that ICTs have already been used in conflicts in different regions. We all witnessed cyberattacks carried out by Russia, launching its large-scale war of aggression against Ukraine. In this regard, we call on the Open-Ended Working Group to reaffirm that in the context of armed conflict, ICT activities that affect civilian objects, infrastructure, and services, including humanitarian organizations, the provision of healthcare is covered by the rules of international humanitarian law, which parties to any armed conflict must abide by. Moreover, when resorting to the use of ICTs in the context of an armed conflict, states should consider the increased risk of spillover effects, potentially affecting, among others, food and energy supply and resulting in a further escalation of the conflict. They must also consider the increased risk posed by the blurring of the principle of distinction with regard to the ICT activities conducted by civilians in the context of armed conflict. Finally, the multi-stakeholder approach has been described by most of us in this room as critical to advancing cybersecurity. Stakeholders, notably the private sector, own much of the critical infrastructure on which our societies are based, and they are therefore also our first line of defense against malicious cyber activities. Their perspectives on the threat landscape are therefore vital in informing the work of the open-ended working group. Chair, we thank you for convening all interesting stakeholders to an informal dialogue last week and hope that throughout this week stakeholders will be able to continue to share their views, including to share their experience of these cyber-threats to international peace and security and that their input is meaningfully reflected in an eventual report. Thank you.

Chair:
Thank you very much, European Union, for your statement. Give the floor now to Qatar to be followed by Portugal. Qatar, please.

Qatar:
Honourable Chair, at the outset we would like to renew our thanks to you for leading the open-ended working group on the security of and in the use of ICTs. We would like to renew our trust in your leadership and we emphasize that we will collaborate with you to achieve our aspired goals. We would like to take the opportunity of our presence here to enhance the role of cybersecurity. We would like to share with you the success we have had in holding the Web Summit in 2024 in Doha. It is the biggest event of its kind in the Middle East and Africa. We were happy to see more than 15,000 participants from over 118 states around the world, and this included a number of start-ups and specialists in the field of technology. This is part of our efforts in Qatar to build bridges of collaboration in the fields of technology, AI, education, and business development, in addition to fostering cooperation. the relevant body’s abilities in order to make Qatar the mecca of technology and innovation in the Middle East. And we will continue to host the Web Summit for the next four years, and we appreciate the participation of the states that were there and aim to have more participants. We have discussed some certain matters in the previous substantive session, including the importance of discussing the increased use of emerging threats and other AI technologies. Under my chair, the state of Qatar has launched the guidelines on the application and safe use of AI, and this is during the conference on the safe use of AI that was hosted in Doha on the 20th of February 2024. This came in order to keep up with international efforts aiming to enhance regulations on the governance of AI and to fill security gaps in that regard. These guidelines for the safe application and use of AI included security and privacy and moral considerations. And this is through working on parameters on the basis of people, technology, and mechanisms of work. This is in order to help local users and end users to use AI technology safely. These guidelines also included a special section dedicated to gen AI. In conclusion, we consider current or potential cyber security risks to be interconnected and complex. And this means that the relevant risks need to be studied carefully in order to reach a solution for their safe use. We also emphasize that cyber security is a joint responsibility that requires consolidated efforts in order to work on international standards and principles guiding their responsible use and in order to guide modern technologies in the field of ICT and their use. Thank you.

Chair:
Portugal, to be followed by Uruguay. Portugal, please.

Portugal:
Thank you, Mr Chairman. This being the first time I take the floor, I would like to commend the preparatory work for this session, which you have once again coordinated and submitted to our attention. This open-ended working group has been remarkably conducted by you since 2021, and the results we have achieved thus far attest to the very high ambition you have been able to show. In this regard, I would especially like to thank you for your very balanced discussion papers, which you have circulated on practical actions for the implementation of the voluntary norms of responsible state behaviour in cyberspace, and on the future permanent mechanism for regular institutional dialogue. Now on threats. Portugal would like to add a few comments of her own to the EU intervention, which we fully subscribe. Over the years, hostile cyber activity and operations has proved to be a real and credible threat to the prosperity which digital transformation has already brought forward, and no less to the integrity of our democratic institutions and to the level of thrust of our citizens in them. The sophistication and offensive capabilities of hostile cyber actors, which has included developing increased anonymisation methods, has meant that governments have had to invest in building their resilience and the resilience of their societies to both prevent and recover from these attacks. AI has emerged as a great leveller of capabilities across multiple threat actors. providing unsophisticated operators with a new degree of possibilities, as well as allowing rogue states to exploit this technology for the benefit of their offensive cyber programs. Specifically, the role played by cyber-criminal groups, either motivated by profit or ideology, has increased the complexity of the cyber-threat landscape. In the past, ransomware groups have disrupted hospitals and public and private services, causing a certain degree of institutional alarm in Portugal, as I reported to you in March last year. Today, the landscape is similar, although cyber-criminal groups have demonstrated the capacity of continuously evolving the tactics that allow them to achieve their primary goal of maximizing profits. Whilst elements and characteristics of these groups may differ, it is crucial that cyber-criminal groups are not allowed to operate without accountability and with impunity, for which international cooperation becomes of the utmost importance. Against the norms repeatedly endorsed by the General Assembly to promote responsible state behavior online, directly and indirectly, the state-cybercrime nexus poses a challenge to our mutual peace and stability in cyberspace. Still, recent international law enforcement actions against ransomware actors, in some of which Portugal has participated, have allowed us to identify a shift in this landscape which worries us. In the long run, the threat actors will probably be more conscious of possible law enforcement activity and will opt out from actions that will make them liable to identification and prosecution or sanctions. We reckon that a substantial transfer of these threat actors to other areas of lower-risk cybercrime, such as large-scale CEO fraud or BEC attacks, is highly likely and should be countered through higher levels of cooperation among all our criminal investigation authorities, in compliance with the future UN Convention to Combat Cybercrime, which we hope will eventually be agreed this semester. Thank you, Chair.

Chair:
Thank you very much, Portugal, for your statement. Uruguay, to be followed by Belgium. Uruguay, please.

Uruguay:
Thank you. Thank you very much, Mr. Chairman. This being the first time that my delegation takes the floor, we would like to express our best wishes to you on developing this new substantive session. We reaffirm our gratitude for preparing several working papers, such as the guiding questions, and we recognize the important work done by the Secretariat in assisting us during this process. In the framework of Resolutions 28 and 2613 of the Human Rights Council and Resolutions of the General Assembly 68-167 and 69-166, Uruguay believes that given the threats which arise from the malicious use of ICTs, states must react to promote, protect, and ensure, firstly, human rights in cyberspace, as well as the right to privacy in the digital era. For this reason, we welcome the working paper prepared by you, Mr. Chairman, on practical measures for the implementation of non-binding voluntary and responsible norms for states in the use of ICTs, and specifically, I refer to the proposal in Norm E. We also view favorably the proposal in Norm H, which motivates states to respond to requests for assistance by another state whose critical infrastructure has been the object of malicious acts through ICTs with respect for their sovereignty and in the framework of the good faith that must characterize relations among states. Mr. Chairman, on the question of existing and potential threats, my delegation wishes to highlight the progressive importance of artificial intelligence on topics having to do with ICTs. It is essential to increase international cooperation, technical assistance, and transfers of technology on the challenges posed by AI in developing countries, especially having to do with know-how and capacity building. In the framework of lines of action in our country with regard to cybersecurity, Uruguay is strengthening its CERT. It’s multiplying its monitoring capacity, and it is reducing times of detection and response to incidents. This means risk reduction and significant savings. We are also working to have automatic incident response and to use artificial intelligence to detect patterns and to incorporate data analytics for projections and anticipation of incidents. AI must enhance the capacities of a human being. It must improve the quality of life of individuals and add value to human activity. The solutions through this tool must serve the general interest, guarantee inclusion and equity. Uruguay supports AI being used in a transparent manner, using algorithms and utilized data, and knowing the proof and validations that have been made. We have made progress through concrete actions nationally, preparing a national strategy on AI and promoting ethical principles in this field. Thus we affirm that ethics in the use of AI is something that states must promote, as well as the development of systems which, throughout the life cycle of AI, respect human rights and the damage that may be caused to the environment. Thank you.

Chair:
Thank you, Uruguay. Belgium, to be followed by Australia. Belgium, please.

Belgium:
Mr. Chair, my country aligns with the statement delivered by the EU. We wish to stress the following element in our national capacity. On 29 January 2024, the European Union and its Member States expressed solidarity with Australia on the impact of malicious cyber activities against the health sector, notably against a major health service provider. Dozens of records containing personal information, including names, dates of birth, social security number and sensitive medical information were stolen, and some published on the dark web. Since the COVID-19 pandemic, the health care sector has been increasingly targeted by malicious cyber activities, leading to thefts and leaks of personal and sensitive data, as well as the disruption of health care services. We believe that our work should also take into account a victim-based approach. People and individuals are suffering from cyber attacks. People die in hospitals because of ransomware or cyber attacks. People are deprived of basic services because of cyber attacks on critical infrastructure. We should also put the victims of cyberattacks, human suffering, and its humanitarian impact at the center of our attention. Therefore, we recommend to envisage a victim-based approach in our work. In that regard, Belgium recommends the creation of a Committee on Victim Assistance as an action-oriented instrument. We stress it at each of our sessions, Mr. Chair, but this is the evolving reality we find ourselves in. This last year’s cyberthreats have further intensified and gained in complexity, with new threats emerging on a global scale and innovative methods being employed to exploit vulnerabilities, particularly in critical infrastructure. Ransomware has grown in both scale and sophistication, and the development of large-language models and generative AI systems have lowered the barrier of entry for cybercriminals and opened new doors for malicious activities such as fraud, misinformation, and deepfakes, enhanced cyberattack capabilities, and detection evasion. This increasingly complex global threat landscape underlines again the urgency for concerted international efforts to enhance cybersecurity and safeguard cyberspace, and stresses the fundamental character of the threat pillar of our group’s work. The continuing increase in incidents involving the malicious use of ICTs by state and non-state actors is cause for major concern, particularly in the current challenging geopolitical environment and in light of the Russian aggression against Ukraine for more than two years. We reaffirm our support to Ukraine. As cyber incidents are still taking place at rapid pace in different regions of the world for political reasons, or criminal reason, we are deeply convinced that the work of the Open Ended Working Group on Responsible State Behavior in ICT is absolutely meaningful. We appreciate, therefore, our support for a program of action dealing with implementing the framework for responsible behavior in cyberspace. We also find particularly important the threat to political and electoral processes. In 2024, 40% of the world population in more than 40 countries will vote. Together with the EU, Belgium strongly condemns malicious cyber activities targeting democratic institutions and electoral processes. We closely monitor any attempts of cyber attacks on our democratic processes, especially in the context of the upcoming European and national elections. As pressure is mounting on democracy globally, we continue assisting and working with partners against these ongoing cyber threats. Activities that seek to threaten our integrity and security, democratic values and principles, and the co-functioning of democracies are unacceptable, accountability is key. Those activities are contrary to the norms of responsible state behavior in cyberspace, as endorsed by all UN members. We continue to promote due diligence and responsible state behavior in cyberspace, and call upon all states to comply with these norms and principles. Finally, another topic of concern is tackling the proliferation and irresponsible use of commercial cyber intrusion capabilities. This growing market vastly expands the potential tools pool of state and non-state across actors with access to commercially available cyber intrusion capabilities, and increases the opportunity for malicious and irresponsible use, making it more difficult to mitigate and defend against the threats they pose. These threats, including to cyber stability, human rights, national security, and the security and digital security at large are expected to increase over the coming years. We thank UK and France for the successful launch of the Palmal process, Belgium joined the final declaration, this multi-stakeholder approach will increase accountability. I thank you for your attention.

Chair:
Thank you very much, Belgium, Australia to be followed by Latvia.

Australia:
Thank you, Chair. The relevance and value of our open-ended working group relies upon us candidly exploring and addressing the threats, both existing and emerging, that have serious implications to international peace and security in cyberspace. As these threats evolve, we must look to our agreed framework to guide practical actions, partnering with stakeholders and the private sector to mitigate evolving risks and build our resilience. In recent years, we’ve seen significant cyber incidents take down critical infrastructure and disrupt essential services and government operations in Australia and across the Pacific. In Australia, ransomware attacks disrupted telecommunications, transport and seaports. As mentioned by Belgium, a heinous attack on our healthcare sector exposed the personal information of millions of Australians. It’s taken us 18 months to hold the perpetrator to account. In the Pacific, an attack on a government payment system left staff unpaid. In another Pacific country, an attack caused a country’s biggest hospital to go back to using pen and paper. Whether we are big and small, developed or developing, we are facing the same threats, but cyber threats are context-specific. That is, a difference in capacity can impact vulnerability too, and the impact of malicious cyber activity. Since this group was established… We’ve witnessed artificial intelligence evolve from beta versions of machine learning systems available only to large corporations to easily accessible LLM applications on every phone and device. Australia was particularly struck by the focus on threats and the threats posed by emerging technology and artificial intelligence at last week’s cyber stability conference hosted by UNIDR and the breadth of work occurring across the UN and in other forums on the evolution of AI. The OEWG should not ignore this trend and should look to address it but only as it relates to our mandate that is how AI systems can exacerbate and increase the scale and severity of malicious cyber activity. From AI enabled ransomware botnets and spear phishing to the security of AI systems themselves, how models can be manipulated and poisoned and how our social financial and government use of AI systems increases the attack surface creating potential vulnerabilities and attractive targets for cyber attacks. As we integrate more technologies into our lives we become more susceptible to malicious cyber activities and it is always the most vulnerable that are at highest risk. We know that women and girls, people of diverse genders and sexualities and people with disabilities face disproportionate levels of cyber and tech facilitated harm. The malicious use of AI technologies can replicate and amplify offline discrimination against women online increasing its audience reachability and the vulnerability of the end user. But artificial intelligence is not the only tool making it easier and cheaper than ever before to perpetrate a cyber attack. The growing commercial market for cyber intrusion capabilities enables the development facilitation and purchase of sophisticated cyber capabilities by state and non-state actors in a way that vastly expands the risk of malicious and irresponsible use. We see a worsening and more complicated cyber threat environment. The pre-positioning of cyber capabilities on civilian critical infrastructure, such as industrial control systems where there is no justifiable reason for cyber intrusions, has the potential to cause disruptive and cascading effects throughout societies. Cyber operations targeting democratic institutions undermine trust and confidence in political and electoral processes and public organisations. And there is a clear link between the use of ransomware tools to perpetrate financial crime, including cryptocurrency theft, to directly fund programs to create weapons aimed at undermining our efforts towards global stability and disarmament. Critical markets for intrusive cyber capabilities, growing reliance on AI, and sophisticated tools for the targeting of critical infrastructure all create an environment that is ripe for exploitation and destabilisation. Yes, we must all build stronger cyber resilience, but we must also set clear limitations on such capabilities. When implemented and adhered to, our framework provides the necessary limitations and guardrails to help address these threats. Many of the tools and techniques that contribute to an unpredictable threat environment also have legitimate uses and can provide benefits and security under the right circumstances. But resilience must be complemented with restraint. The recognition that states have legitimate rights to develop and use certain cyber capabilities must go hand in hand with the recognition that states are obliged to ensure that these capabilities are used with restraint. That is, all cyber capabilities must be designed, developed and used in accordance with international law and the agreed norms of responsible behaviour. and restraint requires transparency. We must all consistently demonstrate that our use of cyber systems, tools, networks, and emerging technologies is in accordance with the framework of responsible state behavior in cyberspace. We must also make a collective commitment to implementation. This can be achieved through cyber cooperation and capacity building efforts, which are more targeted, impactful, and sustainable to prevent cyber incidents and improve the ability to recover quickly when they occur. These and other threats described by colleagues here today and in past sessions provide the context through which the work of this group becomes meaningful. The remainder of our discussions on recommendations and proposals for responsible use of cyberspace and technology must be concretely and specifically linked back to the threats we identify. And Australia hopes these threats will be comprehensively reflected in our next annual progress report. Thank you, Chair.

Chair:
Thank you, Australia. Latvia to be followed by Cuba.

Latvia:
Mr. Chair, we fully align with the EU statement. Following remarks are in our national capacity. We all can conclude that cyber attacks are becoming more sophisticated, destructive, and frequent than ever in modern interconnected world with digital societies. We are also going through major changes in security environment, witnessing EU Security Council’s permanent members rushes on provoked full-scale military aggression against Ukraine. Therefore, answering the first guiding question by the Chair, we fully support a need for more in-depth discussions on existing and potential threats as envisioned at the intersessional meeting in May. We highly appreciate Chair’s commitment to invite experts to these discussions as their knowledge is unique considering the role of private sector in responding to cyber threats. AI and quantum computing as emerging technologies and therefore their impact on cyberspace is of particular interest for us to be discussed among states and experts both from business and academia. Malign actors have significantly increased risk of psychological assault and have improved social engineering methods. For example, by becoming increasingly efficient when using AI to produce and send high quantity of messages. It can be predicted that the number and intensity of cyber scams will continue to increase putting individuals and organizations at a greater risk of financial loss, identity theft and data breaches. Another important category of risks is related to the use of AI generated content for disinformation purposes. These challenges are particularly relevant in the context of preserving integrity of democratic processes including elections. However, the development of AI technologies presents not only threats but also opportunities. The good news is that smart investment in AI can result in better protection capabilities and better tools to fight cyber threats and build resilience. Constant attention and coordination among all stakeholders will be required to stay ahead of the curve. and to ensure that cyber risks by AI are timely countered. In relation to the second question posed by the chair, we support further discussions on Kenya’s proposal on the threat repository that could raise our common understanding of current and future cyber threat landscape. Due to borderless nature of cyberspace, threats to cyberspace can be addressed more efficiently when states cooperate. States can better defend against new cyber threats, protect sensitive data, and maintain resilience in the face of changing cyber threats by proactively improving their cyber security posture. We see Kenya’s proposal as a potentially useful building block of coordinated global approach, resulting in more stable and secure cyberspace. Mr. Chair, in our perspective, to ensure continuity of our work, a future permanent UN mechanism built upon program of action initiative would be the appropriate platform for continued discussions on the evolving threat landscape in the changing international security environment. Thank you.

Chair:
Thank you, Latvia. Cuba, followed by Russian Federation. Cuba, please.

Cuba:
Thank you, Mr. Chairman. We join in the thanks expressed to you for your work in leading the open-ended working group. Mr. Chairman, unfortunately, threats in cyberspace, far from being fewer or increasing, they also become more diverse and complex technically and have a growing impact on states and peoples. To those threats already well known in this group, we can add those which depend on the inadequate use of AI, the growing market of zero-day vulnerabilities, and the systemic proliferation of vulnerabilities related to the use of open source software, among others. The threats today become an industry, and because of their dividends, they’re among the major gains. This has overcome the capacity of states to face up to them and to mitigate their effects. The multilateral discussion of them does not respond with the necessary effectiveness as demanded by mankind because of its urgency. Our delegation reiterates positions well known already expressed at previous sessions, but additionally, and in order to contribute to the spirit of expediency which is required, we will mention a few points based on the non-exhaustive questions you have circulated. While it is true that together with the development of technologies, there may be new threats which even use these new technologies in their development and scalability, we also must assume that risk management and mitigating the harmful consequences of cyber attacks are based on pillars which have already proven their effectiveness in practice, such as, Number one, the responsibility of states in having cyber security ecosystems which ensure systematic proaction and the organization of effective mechanisms of cyber resiliency. Number two, cooperation among states as the only alternative to reduce existing gaps. on the basis of respect for national sovereignty, without any conditions, and centered on the objective needs of the peoples. Such cooperation must be based on funds managed by the United Nations with total transparency and equity. Peoples need technologies, skilled labor force, methodologies to build their resilience with sovereignty, and not politicized doctrines which draw attention away from the essence of the real and potential and existing threats which exist. Number three, the development of formative technological communications and regulatory capabilities addressed to all sectors and actors involved in the economic and social life of nations. Mr. Chairman, the OEWG is the appropriate forum, but not the only one, in which to discuss threats and their impact. Only fora and events with a broad participation of all interested parties are laudable spaces for a technical debate of the subject, given its particularities and complexity. What should not be avoided in the analysis of the OEWG is how states will face these threats with an approach of national and international responsibility. This, in our view, inexorably leads to adopting binding norms to supplement applicable international law and to respond to legal gaps in the area of cybersecurity. Thank you.

Chair:
Thank you very much, Cuba. Russian Federation, to be followed by Italy. Russian Federation, please.

Russian Federation:
Mr. Chair, colleagues, we extend greetings to all participants of this meeting of OEWG on security in the use of ICT. The current state of international relations in the area of information and communications technologies contains increased risks of interstate conflicts caused by the use of such technologies for purposes contrary to the UN Charter. This is because a number of countries consider the information space not as an environment for economic and technological development, but rather as an arena for geopolitical confrontation. They use ICTs in military, political, and other domains to undermine or infringe upon sovereignty, violate territorial integrity of states, interfere in their internal affairs. The situation is further exacerbated by the possibility of disproportionate threat responses. To accomplish offensive actions, specific means are used to organize large-scale intelligence operation in the information space of other countries to disseminate through ICTs information that’s harmful to the socio-political, economic, spiritual, moral, and cultural life of states. Of particular concern is the rapid growth in the number of computer attacks on critical facilities. Among the major methods for such subversive activities are social engineering tools, mass mailings with malicious attachments, denial of service attacks, bribing users with a view to obtaining information about the specifics of information systems or gaining access to databases containing data on private individuals, embedding cryptoviruses through email attachments and exploiting software vulnerabilities, scanning official websites of state institutions to find vulnerabilities and to gain access to source codes of such websites. So-called false flag computer attacks pose a serious danger. They are conducted in order to be able to accuse another state. It is difficult to accurately identify the sources of such attacks. And there is no universal methodology for determining perpetrators. In this situation, political decisions regarding the use of ICTs may carry additional risks to international peace and security. The Russian Federation has already drawn the attention of OEWG states to other threats contained in the concept of the UN Convention on Ensuring International Information Security, submitted as an official document. to the 77th session of the UN General Assembly. To name some of these threats, I should cite monopolization of ICT markets by certain states and or with the assistance of private companies, unjustified accusations launched by some states against other states with regard to unlawful activities using ICTs, placement of computer attack tools in the information space of states that is freely accessible, the use of ICTs to undermine basic human rights and freedoms exercised in the information space. Most importantly, the right of a person to his or her privacy. In order to counter these threats, it’s important to direct the efforts of the world community to creating under the auspices of the United Nations an information security system in accordance with General Assembly Resolution 7736 and Resolution 78237. Such a system, in our view, should be based on the principles of prevention and peaceful settlement of disputes, sovereign equality of states, indivisible security. To ensure the efficient functioning of such an international information security system, it’s necessary to develop a universal legal instrument that would regulate the behavior of states in the digital environment. Mr. Chair, some participants in the Open-Ended Working Group have tried to politicize our discussions right from the start. We would like to call on all delegations to approach our work constructively if unjustified accusations. continue to be leveled against our country, we will respond. Thank you very much.

Chair:
Thank you, Russian Federation. Italy, to be followed by the United States. Italy, please.

Italy:
Since it’s the first time that I take the floor, I would like to thank you, Mr. Chair, for having convened this session, for your commitment for the papers we have circulated. We also want to express our gratitude to the Secretariat and the supporting team. Italy fully aligns with the statement delivered by the European Union. We wish to add the following elements at national level. As stated in the last APR, it is of the utmost importance to continue deepening the understanding of existing and potential threats, raise awareness, and further develop and implement cooperative measures. We are particularly concerned by the increasing malicious cyber campaigns in connection with the current geopolitical situation. Such campaigns deploy sophisticated and advanced technologies and are mainly carried out by cyber criminals, state nexus actors, and activists. Many of these campaigns target European and national organizations, governments, companies, and civil society, undermining our democratic values and security. Elections will take place in more than 40 countries this year. Italy joins partners, expressing concerns by attempts to use cyber operations to interfere with democratic processes and institutions. ransomware continues to be of the utmost importance and one of the top cyber threats, not only for Europe, but for all, costing billions of dollars in damages globally and raises increasing concerns. Italy remains committed to taking actions to combat this phenomenon, which requires international cooperation. We support and encourage existing initiatives, such as the Counter-Ramsomware Initiative, which is trying to tackle ransomware through a collective, coordinated and comprehensive approach. We would also like to recall the solidarity expressed to Australia on the impact of cyber attacks against its health sector. Since the COVID-19 pandemic, the healthcare sector has been increasingly targeted by malicious cyber activities, leading to thefts and leaks of personal and sensitive data, as well as the disruption of healthcare services. It is particularly hideous when the most vulnerable are targeted. Phishing and the spread of malware via email are also among the most frequently encountered vectors, and with the advent of AI-based tools, we expect increasingly credible phishing emails, especially considering the ability of these systems to generate text corrected in various languages. While offering many opportunities, AI applications present also risks. The rapid development and deployment of AI tools might be used to pursue malicious activities or provoke serious harm. We need to work together to continue advancing the safe, secure, trustworthy artificial intelligence and digital technologies, in line with human rights respect and democratic values. We believe that the dissemination and monitoring of G7 principles and codes of conduct may be instrumental to this common objective. We consider that all these threats to the security of ICT systems shall be further analysed within the OEWG context. Italy believes that a comprehensive approach with full participation and positive involvement of the private sector It’s crucial to make sure that ICT’s technologies are designed and deployed in a way that it does not constitute a threat to international stability and security. We welcome and we encourage stakeholders’ participation in such discussions. Their perspectives on the threat landscape is a useful contribution to the work of this group. Thank you, Mr. Chair.

Chair:
Thank you very much, Italy. United States, to be followed by El Salvador, U.S., please.

United States:
Thank you, Chair. The OEWG continues to make substantive progress in its discussions of cyber threats, and the topic is widely recognized as a foundation for the rest of our work. The United States remains concerned by a range of cyber threats, including ransomware and other malicious cyber activity targeting critical infrastructure, uncontrolled cyber activity undertaken by both criminals and states, and cyber-enabled targeting of humanitarian actors. The United States has long been concerned by cyber activity that targets critical infrastructure. Recently, we have observed increasing intrusions into multiple critical infrastructure sectors, including those that service life-sustaining systems. On February 7th of this year, the United States and several partners published a new joint cybersecurity advisory on the Volt Typhoon set of compromises. That advisory identified malicious cyber activity aimed at pre-positioning access to the operational networks of critical infrastructure systems in the United States and around the globe. This pre-positioning would allow malicious cyber actors to launch disruptive or destructive cyber attacks, including in the event of a major crisis or conflict. This disruption or destruction would endanger civilians, such as through the disruption of gas pipelines. the pollution of water facilities, disruptions to telecommunications systems, and interruption of transportation systems. These threats are designed to incite chaos and panic. All states should be concerned by this activity, both because the activity is exploiting global ICT networks to hide its source and also because these cyber attack capabilities can be used to target critical infrastructure around the world. Any attack targeting these critical infrastructure systems contravenes the framework and poses an increased risk of harm to civilians around the world. Separately, we continue to see ransomware attacks increase at a troubling pace. We are pleased to see that the 2023 APR highlighted the growing threat ransomware poses to all states. We should also recognize that the dramatic increase in ransomware threats is due, at least in part, to the fact that a few states allow these criminal actors to operate with impunity within their territories. Ransomware is the most prolific and disruptive cyber threat worldwide at this moment in time. Its hallmarks include extortion of funds, disruption of critical services, and theft of sensitive data. In the first half of 2023, attacks rose 43% from 2022. Ransom demand amounts are also rising. It is the definition of a transnational threat, with attackers operating in one country, victims around the world, and networks being used globally, including both ICT networks and financial networks used to launder funds. The recent law enforcement action by the United States and international partners to disrupt the LockBit ransomware network highlights the risk these criminal actors pose to global critical infrastructure. We have been particularly concerned by groups that regularly target hospitals and other life-sustaining systems. which risks real and significant harm to civilians. Regrettably, LockBit is just one of the many increasingly prolific ransomware groups that continues to find safe haven by operating in the territories of a few irresponsible states. In response to the growing threat of ransomware and cybercriminal activity, the United States has worked with partners to build a broad coalition of like-minded states through the Counter-Ransomware Initiative, or CRI. CRI has a few priority areas of work. First, to enhance international capabilities to disrupt ransomware attacks, including through capacity-building programs. Second, to improve law enforcement and policy collaboration, as well as encouraging increased information sharing, including threat indicators and requests for assistance. Third, to undermine the actors, including by tackling the illicit cryptocurrency wallets used by ransomware actors and publicly committing to discourage ransomware payments to criminals engaging in this behavior. The core principle of CRI is that its members must be committed to fight against ransomware. Furthermore, CRI members have committed to cooperating with members and non-members alike that suffer from significant ransomware attacks against government and life-sustaining critical infrastructure networks. If a state can commit to these principles, they should consider joining CRI. Moving on, regarding the issue of artificial intelligence, we believe it is important to continue the discussions on the cybersecurity implications of AI and other emerging technologies within the OAWG. When we were together in December, the United States emphasized the need for both optimism and concern when it comes to AI-enabled cyber tools. Recent private sector reporting detected and disrupted instances of states using or attempting to exploit generative AI to research and develop offensive cyber operations. We are all still learning about the cyber implications of AI. As we develop our understanding of these implications, we must also consider how the framework can help us manage the cyber risks posed by these emerging technologies. Finally, we recognize that non-state stakeholders, including vetoed entities, some of whom are leaders in their fields, have important expertise that could help the OEWG in its work. This is particularly true as we discuss new and emerging trends in the cyber threat landscape, where private sector research and understanding can often be more advanced than that of states. Member states can gain valuable insights from these stakeholders, and those interactions in the OEWG should be enhanced. Thank you, Chair.

El Salvador:
Thank you, Chairman. El Salvador thanks you for convening this session and highlights the importance of discussing real and potential threats in the area of information technology, given their constantly evolving nature. In your guiding questions, Chair, you have mentioned the matter of recent progress made in AI and other emerging technologies, and their possible implications for the security of ICTs. No doubt that approaching these matters from the perspective of security is essential. We also recognize that the disruptive effects of AI could go beyond the international sphere, and in that regard, El Salvador supports a technologically neutral approach with regard to AI and other dual-use technologies. We recognize that these technologies can be useful in improving processes, especially in the field of cybersecurity. But we underscore the need for close cooperation with service providers of ICTs in order to activate, report, and neutralize possible malicious uses by non-authorized actors. In particular, we are concerned over the rapid progress made in generative AI, in particular, the major linguistic models based on automatic learning. And we should consider that these are tools which are widely available, like ChatGPT and others, which can be used by malicious actors to improve and refine cyber attack techniques, including the search for vulnerabilities in our ICT systems, exploiting coding errors, the development of malware based on open source software, attacks of social engineering, and compiling information on data transfer protocols. While we do not have information about the development of large-scale disruptive attacks using major language models, we recognize that this practice increases. With regard to measures that could be implemented to protect our information systems, we emphasize the importance of cyber hygiene practices, such as the multi-factor authentication and the zero-trust principle in cybersecurity. This means that all interactions that use critical systems must be duly authenticated, authorized, and encrypted before granting access. This is in addition to other innovative practices in which we can create capacities, including transfer of advanced technologies. El Salvador will continue to promote these discussions in this forum in order to better understand the impact. of emerging technologies on information security at the international level. Thank you, sir.

Chair:
Thank you very much, El Salvador. Greece, to be followed by Republic of Korea. Greece, please.

Greece:
Mr. Chair, Greece fully aligns with the EU statement and would like to make the following national comments. First of all, we would like to thank you and your team for all your efforts in supporting this process. Through your tireless commitment, as well as the commitment of all the distinguished delegates in this room, we managed to overcome several challenging obstacles and to adopt two consecutive annual progress reports by consensus. These reports are not only products of compromise, but also of great substance. Mr. Chair, malicious behavior in cyberspace is constantly evolving and new trends are on the rise. For example, this past year, ransomware attack tools were overwhelmingly used by malicious actors targeting critical sectors globally, including the health sector. Cyberattacks have also evolved as a means in armed conflicts, becoming one of the most important threats to peace and security of our time, while cyber-malicious actors continue to operate mostly without consequences. Through our work here at the Open-Ended Working Group, we have produced concrete outcomes that will greatly benefit our efforts addressing these threats and challenges. In our 2022 and 2023 annual progress reports, we have achieved progress by establishing CBMs at the global level with the creation of a global intergovernmental points of contact directory. The POC can facilitate increased interaction and cooperation between States. thus promoting international peace and security, and increasing transparency and predictability. Greece has been supporting the implementation of CBMs at the regional level, and I’m happy to inform you that we are currently in the process of nominating POCs for the Global Directory. Furthermore, through our collective work so far, we have highlighted the importance of capacity building, which we consider a critical part of building resilience in cyberspace. In this regard, we welcome the Global Roundtable scheduled for May on capacity building. And we are certain that our future work will continue to produce concrete outcomes. Most importantly, we highlight the upcoming discussions on the program of action. We strongly believe that the establishment of a permanent and action-oriented mechanism will provide a strong basis for the continuation of the two most important aspects of our work, the implementation and further development of the framework of responsible state behavior in cyberspace. We look forward to jointly start reaching clarity on the modalities of this future mechanism. Mr. Chair, let me assure you that Greece remains highly committed to this process and to our common goal for an open, secure, peaceful, and accessible cyberspace governed by international law where human rights, fundamental freedoms, and the rule of law fully apply. I thank you.

Chair:
Thank you very much, Greece, for your contribution. Republic of Korea to be followed by the Philippines. Republic of Korea, please.

Republic of Korea:
Thank you, Chair. I would like to start by expressing my gratitude to the Chair for organizing the seventh substantive session of the Open-Ended Working Group. The safety and security of cyberspace have become more crucial as our world becomes more becomes more connected with cyberspace, which can serve as a base for illegal activities. In particular, recent developments in AI have dramatically improved our lives, but at the same time, the technology itself is prone to exploitation by malicious actors. International attention and cooperation are essential for safe and secure cyberspace. ROK will continue its contribution to international discussion and cooperation in cybersecurity. Let me first point out the emerging threats, such as cryptocurrency heist and ransomware, and their ramifications in our security landscape. Cryptocurrency heist plays a crucial role in acquiring funds for illegal activities, including illicit arms trade and developing WMD programs. These illegal tools are used as a means to undermine and circumvent the existing disarmament and non-proliferation regime and architecture, including the UN Security Council-mandated sanctions. Ransomware attacks have cascading effects when critical infrastructure and critical information infrastructures are attacked. Ransomware can disrupt essential social and public services, which can bring about social instability and undermine national security, and furthermore, can pose a threat to international peace and security. This is particular due to the indiscriminate nature of ransomware that do not differentiate friend or foe, but only seek to exploit the vulnerable spot or the weakest link of the chain. We welcome that ransomware was included for the first time in the second APR last year, but hope to see more references to ransomware and cryptocurrency heist in this year’s APR to reflect the evolving nature of the malicious cyber activities. I would also like to mention the potential threats and challenges that are enabled by generative AI. Although AI offers many opportunities and benefits, AI can enable the cyber attacks to be more sophisticated and may provide even more opportunities for malicious actors to spot the vulnerabilities, create malicious codes, and effectively make use of techniques like phishing in an unprecedented scale. In addition, my delegation notes with concern recent instances where cyberspace has been exploited to disrupt democracy and democratic institutions. For example, disinformation generated by emerging technologies such as AI can have disruptive influence on the democratic societies. Furthermore, as electoral process is transitioning to digitalization, it is being exposed to higher risk of cyber attacks. Therefore, we’d like to highlight the importance of enhancing security in the establishment, operation, and management of ICT-based processes. As the year 2024 is also known as the super election year, utilizing emerging technologies like blockchain can be useful for enhancing the security of those relevant processes and institutions. The cooperation among international community, including multi-stakeholders, is essential in responding to those threats. This is why Korean government is participating in the Counter-Ransomware Initiative, which aims to enhance global awareness and build collective resilience against ransomware. Furthermore, my government initiated a capacity-building program for ASEAN countries in order to raise awareness of cryptocurrency theft and assist them in responding more effectively. Having said that, my delegation would like to highlight the benefits of enhanced access to ICT capabilities. We believe that now is the time to discuss the impacts of proliferation and ready availability of sophisticated commercial or open source ICT capabilities to non-state and private actors. We would like to share a positive case on this. Recently ROK released a free decryptor tool to crack the Reseda ransomware for anyone to use. This tool saved victims from succumbing to the perpetrator’s threats. We hope to see more cases of constructive cooperation among public, private, and academic sectors in reducing cyber threats. Addressing the evolving, emerging, and imminent threats to the cybersecurity, ROK renewed its national cybersecurity strategy in last February and is continuing its effort in bilateral and multilateral cooperation to effectively prevent and respond to cybersecurity threats. As one of the elected members of the UN Security Council, the Republic of Korea aims to promote and deepen cybersecurity discussion within the United Nations system while working closely with the UN’s advisory body on AI. Keeping in mind the AI-driven opportunities as well as vulnerabilities, Korea will also convene a series of conferences on AI this year. Together with the UK, Korea will host the AI Summit in May this year in order to promote the discussions on the safe use of AI. Korea will also organize the second Summit on Responsible Artificial Intelligence in the military domain, RE-AIM, in partnership with the Netherlands. Thank you.

Chair:
Thank you very much, Republic of Korea, for your statement and also for sharing your own experience. Philippines to be followed by Kazakhstan. Philippines, please.

Philippines:
Thank you, Mr. Chair, for giving me the floor. As this is the first time I’ll speak for my delegation, our delegation extends our thanks to the Chair, his team, and the Secretariat for the steadfast leadership and dedication to this process. We are learning much as we look inward to our domestic and regional circumstances, and at the same time outward to other countries and regions. We also thank the Chair for guiding questions which have regularly facilitated our discussion to be focused and interactive. Mr. Chair, esteemed delegates, the Philippines acknowledges the importance of addressing evolving ICT threats in the context of international security. We appreciate the opportunity to contribute to the discussions on emerging challenges in cyberspace and potentially initiatives to enhance global cybersecurity. The Philippines observes a rising concern in the use of AI. For instance, AI-powered robocalls being exploited for fraudulent activities. The sophistication of such attacks poses a substantial threat to our citizens and requires in-depth examination. Additionally, cognitive warfare, including the use of deep fakes and misinformation, is an alarming trend that demands comprehensive exploration by the OEWG. Recognizing recent developments in artificial intelligence, the Philippines believes the OEWG should thoroughly investigate potential threats arising from the malicious use of AI in cyberspace. The rapid advancement of AI introduces risks in various domains, and understanding these implications is vital for shaping effective cybersecurity policies. The Philippines shares the concern raised by some delegations regarding the widespread availability of sophisticated ICT capabilities to non-state and private actors. To address this, the OEWG should delve into potential threats emanating from the misuse of such technologies, ensuring a comprehensive understanding of the risk posed to international cybersecurity. In response to the urgency highlighted in the second annual progress report, the Philippines suggests the following potential initiatives at the global level. To collaborate with member states, the private sector, and civil society to launch a global campaign raising awareness about evolving ICT threats and promoting responsible online behavior. The establishment of international needs-based programs to enhance the cyber resilience of states, especially focusing on developing nations through capacity-building initiatives, knowledge sharing, and skills development. The Philippines also supports the proposal of Kenya on a threats repository and is seriously working towards joining the counter ransomware initiative this year. We firmly believe that fostering global cooperation is essential to tackle the dynamic landscape of ICT threats effectively. We are committed to actively engaging in discussions and collaborating with other member states to strengthen the international community’s collective response to cybersecurity challenges. Thank you, Chair.

Chair:
Thank you very much, Philippines, for your contribution and also for sharing with us some of your suggestions and welcome also your announcement that you’re looking at joining the counter ransomware initiative. I think what’s really very good to hear so far in the discussions is everyone sharing what they are doing and also putting forward some ideas for global initiatives. And I think this in itself becomes a platform for everyone to be aware of what’s happening and what we can potentially do. So this is a very good start in my view. Having said that, I have a very long list of speakers, so we will go through them. And of course, I would welcome you to be as succinct as possible. Kazakhstan to be followed by Albania. Kazakhstan, please.

Kazakhstan:
Thank you, Chair, for giving the floor. Kazakhstan expresses its full support for the work of open-ended working group in facilitating consensus on the key international ICT agenda items. In the realm of digital world, the emergence of AI and machine learning technologies presenting challenges despite significant advantages of ICT security. The potential for the abuse of AI within the critical infrastructure by malicious actors is a concern. While security experts use AI to counter cyber threats, cyber criminals can employ this technology to devise new forms of attacks. It also can be used to create and spread misinformation and disinformation by generating vast amount of content quickly and convincingly making it difficult for users to identify a fact from fiction. On our site, Kazakhstan recently finalized its AI development concept for 2024-2029, set for approval this year. It underscores the potential of AI systems to analyze extensive data and making decisions based on identified patterns, aiming to enhance service quality and improve overall user experience with the guideline for AI safe using. Moving on, it is crucial to highlight the significance of data breaches. We should comprehend that protection of sensitive data is paramount. Cyber security measures as an encryption and authorized access are essential to protect against online threats. With the continuous development of technology, the landscape of cyber security is constantly changing, making data breaches, ransomware attacks, and hacking incidents more commonplace. As a result, we should prioritize cyber security initiatives, implement protective measures, and stay aware against emerging cyber threats to uphold the integrity and security of personal data. As of today, our government is taking additional measures to prevent data leaks. On that, the secondary law signed last year, which is directed towards the protection of personal data and ensuring cybersecurity in general. And finally, we consider it important to emphasize the significance of Internet of Things and cloud computing technology security in the area of 5G. The development of 5G networks introduces unique challenges in the realm of ICT security. The expanded attack surface of IoT devices and cloud computing increase the risk of cyber threats. Within this framework, the use of 5G also introduces new possibilities for DDoS attacks. Ensuring cybersecurity in networks and managing safety in the use of critical infrastructure with many devices demands cautious application of protective measures and raising awareness in creating cyber resilience. Thank you, Chair.

Chair:
Thank you very much. Kazakhstan. Albania, to be followed by Malaysia. Albania, please.

Albania:
Honorable Chair, dear colleagues and stakeholders, in the light of the evolving landscape of threats arising from the use of information and communications, cyber threats often transcend national borders and international cooperation is essential. In an increasingly interconnected and digitized world, the specter of cyber threats grows larger than ever before. Communication is considered a main pillar of modern society, influencing various aspects of how individuals, private entities, and governments operate. It has transformed communication. enabling instant and global connectivity through the Internet. Social media, messaging platforms, and email have been an integral part of personal and professional interactions. Governments worldwide are embracing digitalization to enhance service delivery, transparency, and citizen engagement. This includes digital communication, online transactions, and the delivery of public services through electronic means. The Albanian government delivers 95% of services online to citizens and businesses by improving time efficiency, cost savings, and reducing corruption. Digitalization, consequently, becomes threat actors’ favorite target. In the realm of facing diverse and evolving cyber threats, no single organization can keep up with a rapidly changing threat landscape on its own. Cyber attacks have become more sophisticated, where nation-state sponsor groups and organized cyber crime have demonstrated increasingly sophisticated tactics and techniques by even integrating artificial intelligence in their offensive operations. Critical infrastructure sectors, government cyberspace, including energy, healthcare, and transportation, are increasingly and constantly targeted. Cyber attacks targeting critical infrastructure pose significant risks to public safety and national security. One year and a half ago, And in continuation, until the very last Christmas, Albania built its own experience facing sophisticated nation-state-sponsored cyberattacks, in the beginning several governmental institutions, in the continuation independent ones, and then telecom banks and other private companies. These persistent threat actors targeted government cyberspace and other institutions with a destructive offensive operations and the final aim to wipe every digital system. Not only cyberattacks, but we also faced, and still facing, information operations where threat actors tried to manipulate public opinion, create confusion, and undermine trust in government institutions. Not only destructive operations, but cyber threats may promote specific ideologies or political agendas. Thanks to international cooperations, especially the U.S. State Department, we were helped since the very first day of the post-attack. And we managed to respond, recover in the safest way, and attribute the actors. In these regards, collaborative cyber-resilience efforts enable a collective defense approach where organizations work together to protect not only themselves, but also the broader ecosystem that they are part of. Rapid change of the threat landscape, where combined artificial intelligence and machine learning are used by defensive and offensive operations, requires maximizing all state efforts towards upcoming emerging threats. In order to protect the critical infrastructures as per security best practice, implementing zero trust combined with defense in-depth strategy improves cyber-resilience by continuous monitoring and validating entities. The central government in Albania is currently at the stage of this implementation. Developed countries must help small states to build capacity, build confidence measures, and share their experience. Use of multilateral, regional, bilateral, and multi-stakeholder platforms and agreements to exchange practices, artifacts, shared information on the threats and attacks on national approaches to attribution, sharing different types of attribution on cyber threats and incidents. Agreements may be bilateral, at the national or governmental level, but also serve to share experience, transfer the knowledge, and simulate cyber drills. At the international level, small states that are under development should be encouraged to participate in simulation drills with the aim of learning from developed countries. Leading states may develop and support international capacity-building programs that provide training, education, and resources. These programs can target various levels, from beginners to advanced professionals, and cover a broad range of cyber security topics. In this regard, national experts from small countries like Albania may build the required experience to handle upcoming cyber threats and incidents. I believe the UN could be of assistance in this matter. In this regard, capacity building should remain a fundamental and cross-cutting pillar of all related discussion. I thank you for the attention.

Chair:
Thank you very much, Albene, for your statement. Malaysia to be followed by the Islamic Republic of Iran. Malaysia please.

Malaysia:
Mr. Chair, Malaysia would like to express its sincere appreciation for your insights regarding the topic schedule for our discussions this week. We are also grateful to the Under-Secretary-General and High Representative for Disarmament Affairs for her opening remarks. Malaysia underscores the importance of Member States’ collective efforts to the OEWG in ensuring that recommendations and proposals concerning the responsible use of cyberspace are prioritised and implemented, and that identified threats are effectively addressed with risk-based approaches. During the last substantive session, Malaysia highlighted the threat posed by the confluence of emerging technologies such as AI, quantum computing, the Internet of Things and 5G, among others. The concern is that these technologies could create compounded risks when used in a complementary manner by malicious actors. Hence, in-depth scenario-building discussions on this matter with expert stakeholder representatives will be beneficial in identifying the risks and impacts associated with these technologies when used together. Mr. Chair, your revised guiding question aimed to identify potential threats that the OEWG should further study based on recent development in AI and other technologies that could have implication for ICT security. Malaysia concurs with Australia, Latvia, the UK, and the EU. US, El Salvador, Republic of Korea, and others on the threats brought about by AI, specifically generative AI. Malaysia also emphasized that cybersecurity serves as a fundamental prerequisite for the security of AI systems, ensuring privacy, fairness, reliability, and predictability. Malaysia would like to further highlight potential threats in one of the subfield of AI, namely Natural Language Processing, or NLP. Human history is about narrative. Narrative have shaped everything from our financial system to our societal norms and culture. These narrative have always crafted by human. With NLP, machines now can generate narrative, potentially altering perspectives on many issues. In this regard, advancement in NLP and generative AI could have a significant impact on international peace and security. If the capability of these technologies to generate confusing human-like content is exploited to create misinformation, phishings, and manipulations of public opinion on a global scale. Such activities can amplify tensions between state, undermine democratic processes, and destabilize international relations. Malaysia believes that OEWG should further study in this area. As is well known, in cybersecurity, there are three factors contributing to protection control, people, process, and technology. A study conducted by Poneman Institute on the cost of data breaches in 2023 indicates that phishings and stolen of compromise credential are the most common initial attack vectors. Both are due to the. human factor. With the advancement of NLP and generative AI, the ability of malicious actors to exploit this technology with human-like narrative should further discuss by the OEWG. Yes, humans are the weakest link, but they are also the best defense. In this regard, Malaysia supports the proposal for expert briefing during a dedicated session on emerging technologies to help us better understand the technologies and the required security protection considerations and controls. As to the guiding question on potential initiatives that can be undertaken at the global level to raise awareness and deepen understanding of existing and potential threats, and to further develop and implement cooperative measures to tackle these threats, Malaysia reiterates the importance of embedding security and privacy by design at an early stage of development of any system solutions or technology acquisitions. Critical success factors for the implementations of security and privacy by design can only be materialized if cyber security is recognized as a fabric of digital transformation, which needs to be embedded at the design level. Malaysia is of the view that while discussing proposal in the OEWG, it is crucial for the OEWG to also consider incorporating existing workable and verifiable platforms currently used by various stakeholders, including states, to understand existing and potential threats in the sphere of information security or cyber security. This is because the true test of trust is in verifiability. The element of verification will provide a level of confidence and assurance in this trust building. exercise. This approach is aligned with the consensus that we are not starting from the scratch. For example, while the OEWG is considering the proposal by Kenya on the repository of cyber threats, it is crucial to consider how the repository can fit with existing platforms, such as the MITRE Adversarial Tactics, Techniques and Common Knowledge or MITRE ATT&CK, a cybersecurity framework for identification and classification of cyber attack and assessment of risks that is widely implemented by cybersecurity practitioners across industry, including critical infrastructure and critical information infrastructure. This approach will further demonstrate that, as states in the OEWG, we are building on existing initiatives, recognizing and assessing how the OEWG can accord due weight to trusted and verifiable cybersecurity community platforms. This will allow for more inclusive and seamless integration and linkages between all the stakeholders. It is also important to note that, while we are currently discussing the threat of AI, the MITRE Adversarial Threat Landscape for Artificial Intelligence or MITRE Atlas have been developed to raise awareness on tactics, techniques and procedures relating to the unique and evolving vulnerabilities in AI-enabled systems. Thank you, Mr. Chair.

Chair:
Thank you very much, Malaysia. Islamic Republic of Iran to be followed by India. Iran, please.

Islamic Republic of Iran:
Mr. Chair, since this is the first time that my delegation takes the floor, I would like to express my appreciation to you, Mr. Chair, for your dedication and work throughout this OEWG process. We also thank the Secretariat for the excellent preparation of the 7th substantive session of the OEWG. I would also like to appreciate Under-Secretary General Izumi Nakamitsu for sharing her reflections. Mr. Chair, in response to your guiding question regarding the new developments or trends in existing and potential ICT threats within the OEWG, I would like to highlight that from the beginning of the OEWG process, some states, including my country, have identified specific threats emanating from the use of ICT, which have not yet been reflected in the OEWG final reports and also the first and second APR. The inclusive OEWG format has offered an opportunity for states to listen to what others consider the most significant threats and risks. While listening to others’ views is valuable, it alone may not be sufficient and could potentially undermine the confidence-building nature of the OEWG. We would like to emphasize the need to prioritize addressing previously identified threats before delving into new ones. The group must thoroughly study the threats already reflected in the first OEWG Chair Summary to establish a common understanding of their significance and implications. Countries can then proceed to study new threats with a well-informed perspective and a solid foundation in place. In this line, my delegation would like to take this opportunity to once again refer to the following threats which have been already identified. We hope that they could be reflected in the third annual progress report to be able to develop possible cooperative measures to prevent and counter such threats. Vipinization of the ICT environment. In line with the aspiration of the international community to the exclusively peaceful use of information and communication technologies for the common good of humankind, it is imperative to identify and recognize the vipinization of the ICT environment as a significant threat. Thus far, this matter has only been touched upon in the outcome documents of the OEWG, failing to fully acknowledge its significance as a major threat. Monopoly in internet governance, hegemony or dominance in whichever form has not brought peace and stability to the world, but instead it has violated the sovereignty of other nations, leading to conflicts and instability among states. This principle also extends to cyberspace, understanding the need for the international community to outline within the OEWG a multilateral, democratic, just, and transparent global internet governance system with equal participation and joint decision-making of all countries to ensure the stable and secure functioning of the internet. The Group of 77 and China, which is a forum of 134 countries, in its input to the global digital compact discussion, has also acknowledged the internet governance should be addressed in a global setup backed by the UN system. False flag operations and fabricated attributions. The anonymity in the ICT environment has given rise to the possibility of using computer attacks under a false flag to make fabricated attributions and hold another state responsible. In the absence of a universal methodology and principles for investigating computer incidents, the adoption of any political decision on the security of ICT may pose major threats to international peace and security. Use of ICT in disinformation campaigns and cognitive operations. These uses can undermine the political, economic, and social stability of states, are potentially escalatory, and can threaten international peace and security. I would like to recall that this concern was addressed in the zero draft of the second APR, but was subsequently removed in the final draft. Unilateral coercive measures against states in the ICT domain. Even a state politicized technology and ICT security issues, and imposed unfair and unjust barriers on the global ICT supply chain and trade. Such unlawful measures not only undermine the purposes and principles of the UN Charter, but also pose a significant risk of deepening digital divides, eroding trust, hindering cooperation on cyber security, and jeopardizing the stability and security of the international community at large. Lack of clarity regarding the responsibility of private sector and platform with extraterritorial impact. Lack of responsibility of these actors could increase the risk of misunderstanding and misperception between states in the ICT domain. The group of 77 and China has also addressed this issue in its input to the global digital compact discussions. Mr. Chair, finally, in paragraph 10 of the second APR, states recalled the scope of the OEWG’s works to consider ICT threats in the context of international security. It’s important to emphasize that all the aforementioned threats are viewed through this specific lens and need to be discussed and considered in the OEWG. I thank you, Mr. Chair.

Chair:
Thank you very much, Iran, for your statement. India to be followed by France. India, please.

India:
Mr. Chair, as the digital landscape continues to evolve, information security threats have become increasingly complex. and sophisticated, encompassing a wide range of challenges such as data breaches, ransomware attacks, and the proliferation of fake news. Effective preventive and countermeasures often require a coordinated approach amongst governments, private sector entities, and international organizations. Existing threats include data breaches, ransomware, social engineering, such as phishing, and other forms of manipulation, the misuse of AI, and supply chain vulnerabilities. Potential threats include quantum computing, which could potentially break encryption methods, Internet of Things, especially as more devices are connected, there’s an increasing attack surface, and moreover, IoT devices often have poor security configurations. Moreover, geopolitical tensions between nations can spill over into the cyber realm, as digital assets become more valuable, economic incentives for cyber crime also grow. To address one of the guiding questions in this segment, India would like to state that artificial intelligence poses a big threat to ICT security, with their ability to launch advanced attack campaigns that can be hard to detect and respond to. Considering the importance of these threats, member states need to work together on developing responsible AI, and promote the ethical use of AI. Capacity building initiatives may also focus on leveraging the use of AI to help member states with limited resources to effectively handle threats and attacks. Workshops on responsible AI may be organized at the UN level to help member states to improve their capabilities in leveraging AI to counter AI-based threats. Mr. Chair, India takes this opportunity to thank you for your able leadership and sincere efforts to take forward the mandate of this working group. The program of work and the guided questions for the Member States to share views on the agenda topics of the OEWG mandate have set clear direction for this substantive session. Thank you, Mr. Chair.

Chair:
Thank you very much, India, for your comments. France, to be followed by Montenegro. France, please.

France:
Thank you, Mr. Chair. This is the first time we’ve taken the floor in our formal session, and let me start by expressing France’s gratitude for your leadership, for all of your efforts in preparing for the seventh formal session of the Open-Ended Working Group. My delegation associates itself with the statement made by the European Union and would like to make a few comments in its national capacity. I will briefly mention five trends of threats observed by France in 2023 based on the conclusions of the third edition of the Cyber Threat Panorama published a few days ago by the Agency for the Protection of Information Systems, ANSI, which you will all find online. So I will just briefly mention some of these threats. In 2023, in terms of information cyber threats, they have increased in the geopolitical context that has unfortunately been characterized by growing tensions. In France, this was part of the process of preparation for the World Rugby Championship and the elections in the European Parliament. Other threats observed in France were targeted attacks, part of the industrial or strategic spying operation, introducing and propagating malicious software in a number of information systems. Second trend has to do with the diversity of various commercial offensive actions attacking the personal phones and computers of their targets and had a considerable impact on the reputation and continuity of the various structures targeted a growing and continuing threat for information systems. Thirdly, and obviously like most of my colleagues, we’ve seen an increase in extortion attacks using ransomware, a 30% increase compared to 22. It is mostly used targeting public sector, energy and health. In France, the administration does not have the right or the ability to pay the ransom for such piracy attacks. And they’re really stupid because they can’t get the money anyway. It’s characterized by a diversification of criminal systems. Today, they are able of threatening public sector organizations, health, local communities, or energy institutions. We also saw an increase in the number of attacks on information centers and destabilization through hybrid strategies. Cyber and information, the media and critical infrastructure entities are of course targeted through their networks and pre-positioning activities have been observed. Finally, as many of my colleagues in Australia, Estonia, El Salvador, Korea, Philippines. I’d like to share with you our concern in view of the growing risks associated with generative artificial intelligence. We also saw that these new AI technologies offered new opportunities for malicious actors. I could list them, but it could take me several hours. But they are themselves also vulnerable and become targets of attacks. Some of this innovative technology is not widely enough shared and therefore is particularly vulnerable. What are the ways of responding to these concerning threats? Cooperation, international cooperation in the area of dismantling criminal cyber organizations is a major and promising approach. In 23, France participated in dismantling the crackpot network, an operation carried out with the German, Dutch, and UK authorities. Last year, we also prepared the lock bit network for the dismantling operation. Detection, characterization, and tracking of the activities needs cooperation. Because of the diversity of the tools they use and their offensive tactics, all actors acting with malicious purposes in the cyber sphere should be a priority for states. I’ve heard several times this afternoon that this is a priority, and I agree with that. I’d like to emphasize that France, for its part, will participate in organizing, in the wake of the Republic of Korea and the UK, in 2025 or the end of 2024, we will organize a conference on artificial intelligence and the risks involved. Before concluding, I’d like to share the experience in fighting irresponsible technologies being floated on the market. This is something that we already mentioned in the sixth substantive session of the group. Let me recall that commercial capabilities are legitimate as such, when used for legitimate purposes, but their irresponsible proliferation and making them available on the open market threatens respect for human rights, national security, and international stability. The growth of such markets, under-regulated by countries, allows state and non-state actors, including criminal groups, to identify vulnerabilities and use commercially available services to attack these vulnerabilities, undermining the stability of cyberspace and fundamental human rights. Therefore, France and the United Kingdom have launched a joint initiative, the Pal-Mal process, to counter this phenomenon. The idea is to work out political options to address this multi-actor threat, putting potentially harmful cyber technologies on the market. This would involve capacity building, the first pillar, new tools and new services. France and UK carried out a joint conference in London on February 6th this year, and let me share with you, as a result, consensus largely emerged among participants regarding the threat posed by the market of cyber capabilities, recognition that there are legitimate uses for these capabilities, and thirdly, we could launch a process to identify situations where there are regulation lacunae, and these are filled through the Code of Conduct that was adopted in Paris, and will be adopted in Paris in 2025. Thank you very much.

Chair:
Thank you very much, France, for your statement and contribution. Montenegro, to be followed by South Africa. Montenegro, please.

Montenegro:
Mr. Chair, if you would allow me, in my capacity, to thank you and the Secretariat for the hard work and education that enabled this group to make important results in the last year, and I’m sure that we are going to have even more results this year. At the outset, I wish to stress that Montenegro fully aligns itself with the statement of the European Union, and wishes to make additional remarks in our national capacity. In today’s rapidly evolving world, characterized by a multitude of crises, but also new technology developments, our security environment has become highly unpredictable, and we all agree that. The challenges we are facing, including through cyber attacks, serve as a stark reminder of the critical importance of resilience of our societies, and protection of the critical infrastructure, government departments, and essential services in the face of diverse threats and crises. Cyber attacks, as many of you have stated, becoming more sophisticated and severe. Threat actors now possess the tools that once thought to be solely the domain of the nation-state attackers, allowing them to carry more frequent, skillful and targeted attacks. Government departments as well as the healthcare sectors are particularly attractive targets for both state-sponsored and financially motivated attacks due to their access to the sensitive information, as we saw in Australia that we also condemned through the aligning with the EU statement. As you know and also as mentioned by our Albanian colleague, a wave of cyber attacks caused unavailability of public services and data loss across the Western Balkans in 2022. Montenegro was the victim of such malicious cyber attacks, namely ransomware attack, when various simultaneous cyber attacks directly targeted our critical infrastructure and delivery of public services to people and businesses. What we learned from the experience was that we needed to include all the stakeholders in defending and recovering from the attack, including the private sector, academia and civil society organizations. And that is why we are glad to see all of them included also in the work of our working group. We were glad that we also had the help from the countries around the table and this assistance was of crucial importance for conducting forensic analysis about the attack, identifying vulnerabilities and looking ahead towards setting up more resilient infrastructure in this regard. We remain ready to share our experience as we have been doing so far. In conclusion, when we talk about existing and potential threats, we fully supported the threats of ransomware and hiring of ransomware as a services, among others stated by the EU, be included in our work as also recognized by the second APR, as we see the advancing impact on international peace and security through data theft and disruptions. We also support the continued discussions on cyber attacks targeting critical infrastructure, as well as the challenges of the AI, so as to better understand the threat landscape which is fundamental to our work. Thank you.

Chair:
Thank you very much, Montenegro, for your statement, and welcome back to New York, Ambassador. South Africa to be followed by New Zealand. South Africa, please.

South Africa:
Chairperson, our continued discussion on existing and potential threats to information and communications technologies in this working group is evidence that many states find this platform useful and are willing to engage in a multilateral setting. Our goal in the open-ended working group is to protect all critical infrastructure and critical information infrastructure, to ensure the continuity of government functions, such as supporting essential services to the public and the smooth functioning of the economy. We are all connected in cyberspace, and therefore cooperative means of addressing ICT threats will assist our collective understanding of the cyber terrain. Cyberspace has become increasingly complex in the national security arena, as malicious actors continue to try to exploit the vulnerabilities, infiltrate the systems, and disrupt the critical infrastructure of their targets. New threats are emerging with the advancement of technologies such as the Internet of Things and artificial intelligence. The potential for misuse and manipulation of AI to disrupt the functioning and availability of critical systems poses a formidable challenge to national security, which can lead to panic and put human life at risk. South Africa believes that the international community can tackle these challenges through knowledge and information sharing, as Cuba and Kenya have proposed. And it is on this basis that we keenly look forward to the dedicated intersessional meeting with the participation of relevant experts invited by the OEW Chair, and with due consideration given to equitable geographical representation. existing and potential threats to security in the use of ICTs. We thus propose the inclusion of IOT and AI threats and their possible impact on human life as an area of focus during the dedicated intersessional meeting.

Chair:
Thank you. Thank you very much South Africa for your statement and for your suggestions. New Zealand to be followed by Cote d’Ivoire. New Zealand please.

New Zealand:
Kia ora tatou. Thank you once again chair to you and your team for organising the session and for the careful thought and preparation that has gone into your discussion papers. At the previous session in December we highlighted our ongoing concern about malicious cyber activity carried out by state-sponsored actors. 23% of all significant cyber events impacting New Zealand over the year 2022 to 23. In our view attempts to interfere in democratic institutions and processes are not consistent with our understanding of responsible state behaviour in cyberspace. We also remain concerned at reports of malicious cyber activity impacting critical infrastructure, whether in peacetime or in the context of an armed conflict where international humanitarian law applies. Over the past year our National Cyber Security Centre recorded that the proportion of financially motivated activity exceeded state sponsored activity for the first time and that the criminal activity observed had a greater potential impact to New Zealand’s well-being. The attack against the health sector mentioned by Australia, Belgium and Italy likely affected thousands of New Zealanders in Australia and we stand with Australia against such malicious cyber activity. As our Foreign Minister has said, this sort of activity needs to stop and must be resisted with all the tools at our disposal. As the 2021 GGE report notes, malicious cyber activity can undermine trust, is potentially escalatory and can threaten international peace and security. It is not only the size or technical characteristics of the cyber incident itself that informs the severity of the threat, the size and nature of the impact matters. We therefore agree with others who have raised concern about the potential threat to stability and international peace and security arising from the threat of ransomware, a link we think should be even more clearly reflected in this year’s Annual Progress Report. As others have highlighted, our National Cyber Security Centre also jointly publishes technical advisories to provide the latest threat information and mitigation advice to help reduce the chances of compromise. Chair, we know that different countries and people experience risk differently. Small island developing states face particular vulnerabilities due to their size, remoteness, narrow resource bases and susceptibilities to climate and economic shocks. Cyber security forms an essential component of the security and stability that underpins sustainable development and economic growth. This is one of the reasons we focus our cyber capacity building efforts in the Pacific. And as we look ahead to International Women’s Day, we echo the words of Under-Secretary General Nakamitsu on the need for a gender perspective in tackling cyber threats and to build greater understanding of their differentiated impacts. Only then can states, together with industry, academia and civil society, prevent, deter and respond to threats in an informed and inclusive manner. Respect for human rights and fundamental freedoms, as well as sustainable development, remains central to these efforts. Thank you.

Chair:
Thank you very much, New Zealand. Côte d’Ivoire to be followed by Estonia. Côte d’Ivoire, please.

Cote d’Ivoire:
Thank you, Mr. Chair. Chair, my delegation would like to once again express our appreciation of your excellent work at the helm of this open-ended working group. You can always count on our support and our willingness to cooperate toward our common objectives. Chair, the gravity of malicious activities targeting critical infrastructures in our countries, as well as great big enterprises, is in the focus of the attention of this group in terms of the threat it poses to security and stability. However, there’s another tendency which is less publicized but no less concerning. It’s a threat that is also growing and has very grave consequences. I’m referring to cyberattacks targeting small and medium enterprises, taking advantage of their vulnerabilities linked to limited abilities to protect themselves. This phenomenon is growing. In Côte d’Ivoire, where we’re in the process of digitizing our enterprises, we’ve recorded more than 2 million attacks targeting 27,500 SMEs in the year 22. These are denial-of-service attacks, malicious activities targeting supply chains, malware or social engineering and phishing. This leads to leaks of confidential data, loss of capital. market share, and thus undermines our development. It’s an important phenomenon that needs to be addressed in terms of promoting the economic development of our countries. It slows down digital transformation and compromises our efforts in that regard. This requires a major security-related and economic response. SMEs have to be made a priority in terms of enhancing cybersecurity, deflecting attacks, improving their effectiveness in protecting themselves, and thus enhancing their productivity. Mr. Chair, Côte d’Ivoire is resolutely committed to ensuring public access to digital services. This is a major challenge, but also part of our national strategy and part of our cybersecurity effort as well. Fighting cybercriminality requires creating a confidence-inspiring digital environment that would attract investors and enhance trust in government and government services. A number of memoranda of understanding have been signed with our partner, the United States, to put in place various projects in the area of cybersecurity to strengthen the capabilities of Côte d’Ivoire and its digital resilience. There’s a program of digital transformation that would modernize all administrative processes, improve connectivity, and promote the growth of small and medium enterprises. The creation of a data center a secure storage facility for critical data used by the government for its critical infrastructure, ensuring the digital sovereignty of our country, a training center in cyber security has been created, funding has been allocated to creating a one-stop shop in the digital domain for our industry and our domestic trade, and operationalization of security agencies, which is also considered to be an urgent task. Chair, this type of cooperation is no question a model in terms of jointly working with other countries, other partners to target cybercrime. Thank you very much.

Chair:
Thank you very much, Koteva, for your statement. Estonia, to be followed by Singapore. Estonia, please.

Estonia:
Thank you very much, Mr. Chair, for giving me the floor. Estonia aligns with the European Union statement. Dear colleagues, the cyber-threat landscape has been fierce in recent years. As referred also this morning by Under-Secretary-General Ms. Nakamitsu, it is affected by an active geopolitical conflict, the fast development of technology, as well as an increasing dependence on digital products and services. This means that while cyberattacks have become more targeted and sophisticated, the chance of their success also keeps on growing. We are increasingly concerned about the sheer amounts as well as the damage caused by cyber-threats. According to the early cyber-security review of the Estonian Information System Authority, Estonia registered 25% more cyber-incidents with considerable impact than the year before. Such an increase is alarming and unfortunately not unique to us. but a shared worry globally. We reiterate that states should be reminded to refrain from malicious use of information and communication technologies and adhere to the framework of responsible state behavior. We see various types of threats. There are more traditional cybercrime with, for example, ransomware attacks which take hostage the data of critical infrastructure providers, industry, health sector, and others. In addition to conventional cybercrime, we see more and more ideologically motivated attackers who are protesting against states’ political decisions. Hacktivists use mainly DDoS attacks but also other means and have become so common that they rarely cross the news threshold. Also, state-sponsored threat actors have become more active. While the main focus is on gathering intelligence, we can also observe examples of advanced persistent threats with more destructive capabilities which have been hiding in states’ national critical networks. We also witness the persistent use of cyberattacks in conventional warfare as rational, illegal, unprovoked, and unjustified aggression in Ukraine continues to be accompanied by active offensive activities in cyberspace. Artificial intelligence and large language models are rapidly changing the world around us as we speak. But this is just the beginning. It is relevant to keep in mind the potential of the AI together with all the opportunities, but also not to forget about the risks. Malicious actors have discovered the possibilities of AI and are using it to develop new, more sophisticated threats and malware. In order to address these risks, we need collaboration with both the private and public sector. We need to boost our capacity building and collaborate to understand the risks of AI. One of the first steps in this regard can be developing national policies and strategies on AI. with a clear focus on both opportunities and risks related to it. Mr. Chair, you have asked about raising awareness and deepening the understanding of existing and potential threats. Indeed, most cyber incidents could be prevented by greater awareness and preventing human errors. We believe that global efforts towards greater awareness gather their strength and effectiveness from regional and domestic initiatives. Countries may face specific concerns, and options for addressing these may also differ, underlining that there may not be a one-size-fits-all solution for awareness raising. At the same time, there is much to be achieved from international cooperation. The more we can act together, for example by sharing threat information or uniting efforts to tackle cybercrime, the more effectively we can address these concerns. Ensuring cybersecurity is becoming more and more vital, but also more resource-demanding, both in terms of money and skilled workforce. This is a challenge that most countries are struggling with, no matter their size or wealth. We also underline the role and value of exercises and trainings, and interested stakeholders may combine their knowledge and experience in preparing these. Estonian experience in providing educational courses to our domestic stakeholders has shown that some of the weakest links are still rather basic, falling for phishing attempts or poor password management. Knowledge and attentiveness for these elements can be trained and developed if educational activities are carried out in a regular and systematic manner. Mr. Chair, Estonia has always welcomed an open discussion on the existing and potential threats and possible cooperative measures to prevent and counter such threats. We will continue to share publicly our knowledge and experience regarding the threat landscape. For example, the yearbooks of the Estonian international system Sorry, the yearbooks of the Estonian Information System Authority, Estonian Internal Security Service and the Estonian Foreign Intelligence Service are publicly available, and you don’t need to use AI tools to translate this. Our humans have done it for you. We see that an open and transparent approach to sharing vulnerabilities may serve as deterrence and help to build our resilience towards the extensive threat factors. Thank you, Mr. Chair.

Chair:
Thank you very much, Estonia, for your very important contribution. I give the floor now to Singapore to be followed by Pakistan. Singapore, please.

Singapore:
Thank you, Mr. Chair. My delegation would like to thank you and your team for the work done in preparing for these meetings. Mr. Chair, Singapore would like to reiterate the value of the OEWG as a key platform for states to come together to build a clear threat picture with the international cyber community and to thematically share information on threats which are of most concern to the global cybersecurity landscape. A clear threat picture can help states, including small and developing states, understand what the foremost threats are. This can then be used to inform and prioritize national capacity building to combat these threats effectively in support of the cyber normative framework. In this way, exchanges on current and potential threats, such as what we’re having right now, can help states focus their priorities on areas affecting international peace and security and become more resilient against an ever-evolving cyber threat landscape. Allow me to share our experience from the ASEAN region. Singapore is now working with other ASEAN member states to operationalize the ASEAN regional CERT, following its endorsement by ministers at the fourth ASEAN Digital Ministers’ Meeting, which we hosted in Singapore in February this year. The ASEAN CERT will also include information sharing between ASEAN member states’ national-level CERTs that will help build our regional threat picture, and at the same time implement CERT-related capacity-building programmes to build regional cyber-preparedness and resilience to address these threats. More broadly, at the UN-Singapore Cyber Fellowship, which we hold twice a year, we have also included a segment on discussing the global threat landscape to encourage the sharing of diverse perspectives on the current threats and trends in this domain. Mr Chair, since we last convened, several key threats continue to pose a danger to the security and stability of our global cyberspace. The methods used by threat actors to cause harm are also evolving in both scope and complexity at a rapid pace. In Singapore, we see that ransomware remains a serious threat, and ransomware groups are diversifying their tactics, such as switching to exfiltration-only data extortion for speed, and tailoring their threat messages to cajole or coerce their victims to pay up. As already noted by many other delegations, artificial intelligence is also expected to increase the speed, scale and sophistication of existing threats in cyberspace. For example, AI will be increasingly used to supercharge cyber-attacks. In the near term, AI can be used to generate polymorphic malware, but in the longer term, we can expect AI to be used in more sophisticated autonomous attacks. Generative AI and deepfakes also continue to be a concern as they affect the national security of all states through targeted, realistic communications. with potential victims using AI-generated content to mislead them. Singapore has also drafted a proposed framework to govern generative AI, titled Model AI Governance Framework for Generative AI, and is currently seeking international feedback on it, and this is expected to be finalised in mid-2024. Singapore looks forward to working with states to take this opportunity at the OEWG to add to the collective threat picture, build global capacities, and mitigate these threats together. Thank you, Mr. Chair.

Chair:
Thank you very much, Singapore. Pakistan to be followed by Japan. Pakistan, please.

Pakistan:
Thank you. Chair, at the outset, let me express our sincere appreciations to you for steering and leading this important group in an able and inclusive manner. Your personal dedication and commitment has resulted in facilitating meaningful and focused discussion with a view to achieve a collective goal of a safe, secure, and stable cyberspace. The deliberations within this OEWG since its inception have been instrumental in fostering a shared understanding of the multifaceted issues surrounding international information security. The diverse perspectives and insight brought forward by Member States have enriched our discussion and contributed to a comprehensive examination of the threat that pervades the global digital landscape. However, we must acknowledge the fact that at the same time, the global cyberspace has become more unstable. The attacks on vital systems and critical infrastructure, such as energy, health, water, transportation, pose a severe threat to international security. The cyber threat landscape has witnessed a surge in disruptive activities by both state and non-state actors, with threats becoming more sophisticated. Critical infrastructures, which form the backbone of nations, face an unprecedented level of vulnerability. The potential consequences of attacks on essential systems, such as energy, healthcare, transportation, reverberate across borders, amplifying urgency for collaborative solutions. Equally concerning is the insidious spread of targeted disinformation campaigns, which not only cause social upheavals and turmoils, but also pose a direct threat to global and regional stability. The intentional dissemination of false narratives and the manipulation of social media by both states and non-state actors contribute to a climate of uncertainty, eroding trust and amplifying tension between nations. Furthermore, the militarization of cyberspace, the development of offensive cyber capabilities, the malicious use of ICTs by non-state actors like terrorists and criminal groups, and unchecked military application of new and emerging technologies are all contributing to dangerous erosion of global peace and security. The possession of capabilities by non-state actors to disrupt and destroy critical infrastructure is making the cyber threat landscape more precarious. Thus, my delegation believes it essential to continue to have in-depth discussion on this trend, intensify our collective efforts and response to effectively address these evolving threats. Regarding the guiding question on possible implications of emerging technologies on ICTs, Pakistan acknowledges the significant benefits of new and emerging technologies, including AI, but we also recognize the potential risks associated with them. New and emerging technologies provide malicious actors with new vectors and vulnerabilities that can be exploited to launch cyber attacks. These attacks can result in the theft of sensitive information, disruption of essential services, and even the compromise of critical infrastructure. The exploitation of these technologies for malicious ICT activity is a growing concern that required urgent attention from the international community. In conclusion, Mr. Chair, let me affirm that Pakistan stands ready for enhancing inter-state cooperation to effectively counter the threat posed by ungoverned global cyberspace. I thank you.

Chair:
Thank you very much. Pakistan, Japan, to be followed by Ireland. Japan, please.

Japan:
Thank you, Mr. Chair. Mr. Chair, at the outset, on behalf of the Japanese delegation, I would like to express my sincere appreciation for all the efforts you and your team have made in the run-up to this session of the OEWG. We have witnessed the growing threat posed by cyberattacks against the foundation of our society. Cyberattacks have been maliciously used to disable or disrupt critical infrastructure, interfere in foreign elections, demand ransoms, and steal sensitive information. Sometimes those are conducted in the form of state-sponsored cyberattacks. Mr. Chair, let me first touch upon the threat posed by cryptocurrency theft. Japan fully supports the statement of the delegate of the Republic of Korea regarding this issue. According to industry reports, $1.7 billion of cryptocurrency was stolen last year in the global cyberspace. We are concerned that there is a case that such stolen cryptocurrency has been a major source of funding on lawful WMD and ballistic missile programs. This is a clear example that shows the security threats in the physical space and those in the cyberspace are interrelated. The threat of ransomware has also increased over the years. The transnational nature of ransomware has adversely affected our national security, the financial sector and businesses, critical infrastructure, and the protection of personal data. Given these increasing threats regarding cryptocurrency and ransomware year by year, Japan proposes that they be discussed in the OEWG and included in the upcoming annual progress report. In addition, the proliferation and irresponsible use of commercial cyber intrusion capabilities, including commercial spyware, is another challenge. This growing market vastly expands the potential pool of state and non-state actors with access to the capabilities and increases the opportunity for malicious and irresponsible use, making it more difficult to mitigate and defend against the threats they pose. Mr. Chair, one preventive measure we can take is to emphasize to states the importance of adhering to the framework of responsible state behavior in cyberspace. Giving the public information about existing risks is an important preventive measure as well. In its efforts to raise awareness of the public, the government of Japan has issued a number of alerts about the increased risk of cyber attacks. In addition, promoting critical infrastructure protection through public-private partnership is essential. Currently, Japan’s cybersecurity policy for critical infrastructure protection lists 14 sectors, including airports, electricity, health care, and administrative services as critical infrastructure to be protected. And the government of Japan is now considering adding ports. to the list. Cyber security cannot be ensured by a single country alone, nor can it be sufficiently ensured only by government efforts. States need to work together with other states and various stakeholders to raise threat awareness and to promote protection efforts against malicious cyber activities. Japan will continue to make its utmost efforts to fight against cyber threats, including ransomware attacks and cryptocurrency theft, with other states and various stakeholders in order to pursue a free, fair, and secure cyberspace. I thank you, Mr. Chair.

Chair:
Thank you very much. Japan, Ireland, to be followed by Georgia. Ireland, please.

Ireland:
Chair, I want to begin by thanking you and the Secretary for preparing the agenda for our meeting this week and for the guiding questions for each of the relevant sessions. We also welcome the rich exchange thus far in this session this afternoon. Chair, I’ll be quick because it’s coming towards the end of the evening. To begin, Ireland wants to align itself with a statement made by our EU colleagues. There are three additional points we’d like to make in our national capacity. First, a new and emerging technology, such as artificial intelligence and quantum computing. These technologies hold the potential to positively transform our societies and economies. It is therefore imperative that they are designed with security as a primary consideration. Additionally, the dual-use nature of these technologies make them an attractive target for malicious cyber activity by state and non-state actors. The upcoming intersession will be an important forum to discuss these issues further. We believe that that conversation could usefully focus on generative AI and its ability to be deployed in the development of more targeted social engineering attacks, the identification of vulnerabilities, and the development of malware. which have the cumulative impact of lowering the threshold of those able to execute complex and sophisticated attacks. Chair, we see a significant increase in both the number and severity of ransomware attacks. Ransomware is now an area of national security concern with the potential to impact international peace and security. Particularly concerning is the degree to which this trend is underpinned by a dynamic operational model characterised by increasing specialisation with experienced cybercriminals offering services like malware and ransomware to the highest bidder, again significantly lowering the barrier of entry for cyberattacks. In response to the scale of this threat, Ireland has established a national counter-ransomware taskforce last year. We have also joined other members of the counter-ransomware initiative in condemning the payment of ransomware demands. It is vital that we send a strong signal that the payment of a ransom does not guarantee the security of your data. It also fuels the ransomware industry, increasing the threat level globally. Finally, Chair, we remain concerned at the threat posed by state actors, their proxies and line groups, targeting critical infrastructure with the potential for cross-border cascading effects to the point of impacting international peace and security. As an island nation with an exclusive economic zone and continental shelf approximately seven times the size of our land area, we are acutely conscious of the significance of the data cables that pass through our maritime zones for the functioning of economies and societies across the globe and to international security and stability. Events in recent months from Northern Europe to the Red Sea illustrate the degree to which this is an increasingly global issue. Effectively countering the threat of data cables requires a multi-stakeholder approach. As my EU colleague mentioned earlier today, the private sector owns much of this critical infrastructure and their perspectives on the threat landscape are therefore vital in informing the work of the OEWG. In that context, Ireland is delighted to be supporting UNIDIR’s second multi-stakeholder dialogue on subsea telecommunications cables in cooperation with the International Cable Protection Committee. This will take place tomorrow, 1.15 p.m. in conference room 7 and online, and importantly, lunch will be provided. Finally, Chair, I just wanted to note our support for further consideration of Kenya’s proposal for a threat repository. Thank you very much.

Chair:
Thank you very much, Ireland. I’ve always believed that lunch is a confidence-building measure, so that is very much welcome as well. Georgia to be followed by the UK. Georgia please.

Georgia:
Thank you, Mr. Chair. Georgia aligns with the statement delivered by the EU delegation, let me add the following remarks in the national capacity. In a modern security environment with unpredictable and rapid geopolitical developments, the authoritarian actors threaten the rules-based international order by using a combination of conventional and unconventional methods of warfare. Georgia is the first example of the use of cyber attacks during conventional military engagement. In the course of the Russian military aggression in 2008, the country witnessed numerous attacks in cyberspace. The cyber security threats constantly evolve as technology advances. Today we observe the trend of increased threat of globalized ransomware and AI-powered attacks using artificial intelligence and machine learning to bypass traditional security measures. We identify also the threat of social engineering disinformation and deepfakes. The need of the accountability of these threats is evident when state actors with advanced cyber capabilities engage in warfare or targeting critical infrastructure and civilian assets during conventional military operation. In this context, addressing these evolving threats requires concerted international efforts within the framework of international humanitarian law and its principles. The 11 established norms supplemented by existing principles of international law hold significant importance as they constitute a comprehensive guide for shaping state behavior in cyberspace. The OEWG should continue its efforts to address malicious cyber activities, and in order to enhance accountability, work on implementing and developing the norms prohibiting states from conducting cyberattacks against critical infrastructures such as healthcare facilities, energy power plants, transportation systems, or financial institutions. I thank you.

Chair:
Thank you, Georgia. United Kingdom to be followed by Mexico. UK, please.

United Kingdom:
Thank you, Chair. Chair, you asked states to consider the potential role of the OEWG in considering the threats presented by the proliferation and the ready availability of sophisticated commercial and open-source ICT capabilities to non-state and private actors. As we stated in December, the United Kingdom is concerned that the growing number of commercial providers of cyber intrusion capabilities has the potential to increase instability in cyberspace. This market includes so-called hacking-as-a-service companies that provide advanced cyber intrusion tools, including spyware, to access victims’ devices globally. It also includes so-called hackers-for-hire, who carry out bespoke cyber intrusion for paying clients, commodity cyber tools, often designed to improve cybersecurity through penetration testing, but with the potential to be misused, and finally, the vulnerability and exploit marketplaces. These market components, in their totality, are having a transformational impact on the cyber threat landscape. As the market grows, it is expanding the range of actors with access to advanced, commercially available cyber intrusion capabilities. and is increasing the potential for irresponsible use. The UK has observed, for example, the misuse of commodity penetration testing tools, tools designed originally to support cyber security, to support ransomware attacks and to threaten our critical national infrastructure. Without international cooperation, we expect this phenomenon to increase the volume and severity of cyber attacks we face. This will make it more difficult for our cyber defences to protect public institutions, organisations and individuals. There is a need for states to agree on higher, consistent standards of oversight, accountability and use, to discourage irresponsible activity across the market, while at the same time recognising the legitimate uses of these capabilities for national security and law enforcement. This is why, last month, the United Kingdom and France partnered with 25 other states and 26 industry and civil society representatives to launch the Pal-Mal process. The Pal-Mal process is an international, multi-stakeholder initiative through which we will establish guiding principles and highlight policy options to address this complex issue. The Pal-Mal process is inclusive, with representation from states, civil society and the private sector itself, and we welcome further state and non-state participants willing to commit joint action, guided by the principles of accountability, precision, oversight and transparency, to mitigate the threat from irresponsible activity across this market. We welcome the invitation in your guiding questions to discuss this issue here today. We recognise equally that this is only one aspect of the evolving cyber threat landscape. Cyber threat remains one of the greatest cyber threats to the United Kingdom’s critical national infrastructure, and we should remain vigilant of its potential impact on international peace and security. Whilst criminality online is the most significant threat faced by the United Kingdom, in terms of volume. The most advanced threats to UK critical national infrastructure still come from nation-states. In December, we made a statement on unacceptable attempts to use cyber operations to interfere in our democratic institutions and processes. Beyond ransomware and the threat from malicious activity conducted by states, 2023 also saw state-aligned actors become a new and emerging cyber threat to critical infrastructure. The cyber activity of these groups often focuses on distributed denial-of-service attacks, website defacements, or the spread of misinformation. But some have a stated desire to achieve more disruptive and destructive impacts. Thank you, Chair.

Chair:
Thank you very much, United Kingdom, for your statement. And thank you also for sharing information about your Palma process. Mexico to be followed by Canada. Mexico, please.

Mexico:
Thank you, Mr. Chairman. The dynamic quality and constant development of ICTs offer significant opportunities, but they also pose challenges to cybersecurity. Mexico supports a technologically neutral perspective. It promotes the use and development of new technologies and emerging technologies to promote progress. However, we are aware of current and emergent threats in the area of information security, including data protection entailed in these technological advances. We reaffirm that the concerns we have identified and discussed previously continue to exist. Matters such as the use of malware, ransomware, data theft, and in particular the protection of personal information, as well as the use of ICTs to interfere in national processes, including elections. attacks on critical infrastructure, and the use or theft of cryptoassets to finance weapons proliferation, the irresponsible use of intrusive cyber capacities, to mention just a few, are part of this gamut of threats. Mexico wants to strengthen this working group as a forum for discussion of these threats and to work on the practical implementation of norms and principles of responsible behavior in cyberspace to prevent, mitigate, and respond to such threats. We recognize and we echo the concerns expressed by several countries about recent developments in artificial intelligence and other emerging technologies. Thus, we suggest that we explore synergies with the high-level advisory body on artificial intelligence of the United Nations to incorporate expert voices in this working group and to bring about a closer relationship with other United Nations fora and mechanisms on these items. We think that this could be explored during the intersessional meetings in May to go deeper into our collective understanding of the challenges posed by emerging technological developments such as generative AI, quantum computing, and cloud services. The distinguished delegate of Malaysia has expressed this eloquently, and my delegation values proposals on a repository of cyber incidents as a form of understanding common threats and their interconnection with other processes underway in our organization. We believe that intersessional meetings offer us an opportunity to deliberate on this proposal and other similar ones in order to reach a broader understanding. of these initiatives and to bring them into our current conversations, as well as the design of the regular permanent dialogue mechanism. The proposals we are submitting today underscore that cybersecurity should not be an isolated item. It should be part of an integrated dialogue. Our dialogues can and should be based on the tasks and concerns of other – addressed in other forums in our organization, which have to do with cyberspace and which can enrich and complement our debates. I conclude by underscoring the importance of complementing this exchange with the vision and contributions of multi-stakeholders, including organizations of civil society, academia, and the private sector. Thank you.

Chair:
Thank you very much, Mexico, for your statement. Canada, you have the floor, please.

Canada:
Thank you, Mr. Chair. Before speaking to threats, I would like to take this opportunity to thank you and the Secretariat for all of your hard work preparing for this upcoming week. I’d also like to welcome 41 women and cyber fellows from a total of 36 states, spanning the Americas, Europe, Africa, Asia, and Oceania, that are attending this week’s OEWG meeting. The presence of these women delegates is an important contribution to gender equity and a vital component of our debate. We also take good note of the presence of the multi-stakeholder community at this session. As you have noted, engagement with stakeholders is essential to ensure that states fully understand threats and are able to benefit from the contribution of non-state actors to capacity building. In this light, we strongly regret that 18 stakeholders who could have provided significant and substantive contributions on threats have been vetoed. We regret that an increasing number of states are using vetoes to silence voices with which they do not agree and encourage all OEWG members to do the same. to avoid using such vetoes. Mr. Chair, Canada hopes that this OEWG session will allow us to further engage constructively on our collective objective to shape a stable cyberspace where responsible behaviour is observed. An underlying component of a stable cyberspace is ensuring that states understand the threats they face. A second critical component, which one would hope all in this room would understand, is that states themselves should not act as threats to others and should take appropriate measures to mitigate threats arising from their territories. Nevertheless, state-sponsored cyber activity against Canada is a constant threat. State-sponsored threat actors are exploiting commonly used software platforms to target thousands, sometimes hundreds of thousands of victims across the globe. In terms of their objectives, this is very likely includes stealing intellectual property and acquiring personal information. State-sponsored threat actors are also targeting critical infrastructure to collect information through espionage, preposition in case of future hostilities, and as a form of power projection and intimidation. We are also seeing increased malicious activities and the use of ICTs to interfere with elections, a particular concern in 2024, which will see a large number of elections taking place globally. Malicious use of cyber capabilities can influence political outcomes and threaten a state’s democratic process by targeting voters, politicians, political parties, and election infrastructure. The cyber threat activity targeting elections has increased worldwide. The proportion of elections targeted by cyber threat activity relative to the total number of national elections globally has increased from 10% in 2015 to 26% in 2022. Mr. Chair, as you noted, AI is an increasing threat focus for all states. AI has the potential to increase cyber threats, but also to help states counter these threats. AI is also an extensive topic that could easily overwhelm this body. Canada therefore believes… that the OEWG must focus on AI developments as they apply directly to cybersecurity. This necessitates consideration of novel security vulnerabilities alongside standard cybersecurity threats throughout the life cycle of AI systems. Additionally, AI, and more specifically, machine learning enabled technologies, can make fake content easier to manufacture and harder to detect, which compounds the number and severity of threats we face today and we may face tomorrow. AI itself can also be vulnerable to cyber activity. In November 2023, Canada joined more than 20 international partners to provide guidelines for secure AI system development. Two months later, this publication was followed by an additional piece focusing on the secure use of AI. These initiatives are examples of how we can work together to deepen understandings on existing and potential threats. Let me now turn to ransomware, the most disruptive threat currently facing Canada. Cyber criminals deploying ransomware have evolved in a growing and sophisticated ecosystem that will continue to adapt to maximize profits. It is important to note that some states are very likely acting as cyber criminal safe havens, from which cyber criminals based within their borders can operate against targets. States sometimes work with non-state cyber groups as a force multiplier to enhance their capabilities and avoid direct attribution. These groups are notably engaged in targeting of high value organizations in critical infrastructure sectors. And they do so with near impunity from their host state, contrary to the spirit of norm C and D. Canada actively participates in the counter ransomware initiative, as well as other multilateral counter ransomware efforts. The Canadian Center for Cybersecurity also works to minimize the threat by providing guidance and technical services to critical infrastructure and key supply chains to improve their cyber resiliency. While working to streamline cyber incidents. reporting and discourage ransom payments. Much of this information is online and can be accessed by other interested states to support and increase their cyber resilience. Finally, let me turn to Canada’s concerns regarding the risk that states and criminal groups that do not have sophisticated cyber capabilities are able to purchase these tools and services from commercial providers. Canada was pleased to join the Pal-Mal process, a global initiative to counter proliferation and irresponsible use of commercial cyber intrusion capabilities. We are gravely concerned that certain states almost certainly leverage commercial software to monitor dissidents, activists, journalists, and diaspora groups. Mr. Chair, as a responsible state actor in cyberspace, Canada looks forward to working with all other states that share our commitment to a stable rules-based cyberspace to tackle these threats. Thank you.

Chair:
Thank you very much, Canada, for your statement. We are close to six o’clock, and I have a list of speakers with 17 remaining member states and one or two stakeholders. So it’s my intention to continue the list tomorrow. We will start tomorrow at 10 a.m., starting with Czechia, followed by the Czech Republic, followed by Brazil, Denmark, and Israel. We’ll meet you all tomorrow and continue with the speakers list. Secondly, let me take this opportunity to remind and also reiterate the invitation to the reception this evening. This is a week of many side events and free lunches, no doubt all intended to exchange information, relationships, and have a drink as well. So on that spirit of giving you all a safe space to meet each other and have a conversation and have a drink in the process. Let me invite you to the reception this evening to be hosted by me at the Singapore Mission at 6.30. The stakeholders are also welcome. Members of the Secretariat are also welcome. So I hope to say hello to each one of you at the reception and see you all at 6.30 this evening and at 10 a.m. tomorrow morning. The meeting is adjourned. Thank you very much. Thank you.