Agenda item 5: Day 2 Morning session

OEWG convenes to tackle rising cyber threats and stresses need for international cooperation

The Open-Ended Working Group (OEWG) on the Security of, and in the Use of, Information and Communication Technologies (ICTs) convened to discuss the multifaceted cyber threats impacting international peace and security. Delegates from various nations expressed deep concern over the surge in cyberattacks targeting critical public services, with a particular emphasis on the alarming increase in ransomware attacks and their potential to erode public trust in digital services and state institutions. Czechia reported a significant rise in cyber incidents, predominantly linked to Russian hacker groups, and called attention to the trend of ransomware as a service and the role of cryptocurrency in financing such illegal activities.

The session also delved into the challenges posed by emerging technologies like artificial intelligence (AI) and quantum computing, which could lead to more advanced and effective cyberattacks. Delegates stressed the need for focused discussions on these threats and emphasized the relevance of international humanitarian law in regulating ICT activities during armed conflicts.

A multi-stakeholder approach was advocated, highlighting the importance of including private sector, academia, and civil society in the cybersecurity discourse. The role of international cooperation and capacity building was recognized as crucial for enhancing global cybersecurity resilience, with several countries supporting initiatives such as the International Counter-Ransomware Initiative and the proposal for a UN threat repository.

The OEWG was acknowledged as an informal repository of information on cyber threats, serving as a platform for raising collective awareness and fostering discussions on how to address these threats collectively. The Chair of the session emphasized the importance of the OEWG’s work in the face of global geopolitical tensions and the low level of trust among nations. The Chair appealed to all delegations to focus on substantive matters and to work towards consensus, noting that the spirit of consensus should not be taken for granted and requires each delegation’s active participation and flexibility.

Geopolitical tensions were evident during the session, with several delegations exercising their right of reply to address broader issues beyond the immediate scope of the OEWG’s mandate. The Chair intervened to redirect the conversation back to the substantive matters at hand, underscoring the OEWG’s limited capacity to resolve geopolitical conflicts.

In conclusion, the session highlighted the urgency of addressing the evolving cyber threat landscape through international cooperation, inclusive dialogue, and collective action. The Chair adjusted the schedule for upcoming sessions to ensure that stakeholder contributions are heard while urging delegations to present succinct and focused interventions moving forward. The discussions underscored the critical role of the OEWG in navigating the complex intersection of cybersecurity and international relations amidst ongoing global challenges.

Chair:
Good morning, Distinguished Delegates. The third meeting of the Seventh Substantive Session of the Open-Ended Working Group on Security of, and in the Use of, ICT, established pursuant to General Assembly Resolution 75 slash 240, is now called to order. Distinguished Delegates, we will continue our discussion on the topic of existing and potential threats in the sphere of information security. And I’d like to continue with the speakers’ list. We have about 18 speakers who had inscribed yesterday. We will take them one at a time, and those of you who had pressed the button yesterday, you do not need to do it again today, unless there are additional requests for the floor. So we’ll start with Czechia, to be followed by Brazil. Czechia, you have the floor, please.

Czechia:
Thank you, Mr. Chair. Czechia aligns itself with the EU Statement and wishes to emphasize a couple of points in its national capacity. Speaking about new development and existing and potential threats, let me firstly note that the Czech National Cyber and Information Security Agency registered a record number of cyber incidents in my country in the past year. Compared to the previous year, there was an almost two-fold increase. The most common types of cyber attacks in Czechia are ransomware and DDoS attacks. The most frequent targets of cyber attacks are the online services of banks, government websites, universities, and hospitals. In our specific case, most cyber attacks are linked to Russian hacker groups. I agree with several previous speakers, including the EU Statement that ransomware has long been among the most serious cyber threats. We observe that specifically ransomware as a service is a rapidly developing trend. We noted also a crucial role of cryptocurrency used in acquiring funds for illegal activities connected with ransomware attacks, as mentioned yesterday by the Republic of Korea. This threat is unique for its use of multiple exceptions and begins to prevail. As far as random attacks are concerned, we also want to point out that they have significant potential to undermine public trust in the digital services and states that have been implemented in recent years. The challenges related to the fight against ransomware cyber threats are not only technical, but include criminal, financial, organizational, and international aspects. Czechia therefore supports the discussion about ransomware on an international level, including open-ended working groups and welcomes initiatives such as the International Counter-Ransomware Initiative. Based on our experience from the International Counter-Ransomware Initiative, we for example recently established a national-level interdepartmental working group that would address the challenges related to the fight against ransomware threats. In addition to threats such as ransomware, rapid progress in the field of artificial intelligence and chatbots based on large language models is increasingly being projected in the cyberspace. With this kind of development, it is likely that attackers will have better options when preparing cyber attacks. Czechia therefore joins what several other speakers already mentioned and would support more focused discussion on threats posed by the development of new and emerging technologies, including artificial intelligence and quantum computing. Czechia also notes that many countries are developing ICT capabilities for military purposes, which increases the risk that ICT systems will be used in future conflicts between states. Unfortunately, we already have cases where this is happening. In this context, Czechia stresses the importance of the call of the EU declaration on this Open-Ended Working Group to recognize that in the context of armed conflict, the serious risk that ICT activities pose to civilian objects, infrastructure and services, including humanitarian organizations and provisions of health care, is governed by the rules of international humanitarian law, which parties to any armed conflict must abide by. Finally, yet importantly, Czechia wishes to note that our debate regarding cyber threats cannot be effective if the practitioners from the private sector, academia and civil society are excluded from it. In the past, Czechia, for example, focused with the Open-Ended Working Group on the cyber threats against medical facilities. During this Open-Ended Working Group, the Executive Director for Cybersecurity of one of the world’s largest pharmaceutical companies wanted to share with us their latest trends regarding attacks on medical facilities. I’m convinced that her contribution could be very beneficial for a number of countries and the overall discussion was in the Open-Ended Working Group. Unfortunately, the specific stakeholder couldn’t share its knowledge with us because there are states that have repeatedly and pointlessly blocked the accreditation of non-governmental stakeholders on Open-Ended Working Group. Thank you, Mr. Chair.

Chair:
Thank you, Czechia, for your statement. Brazil, to be followed by Denmark.

Brazil:
Thank you very much, Mr. Chair. Mr. Chair, at the outset, I would like to express my delegation’s appreciation for your work since the beginning of the mandate of this Open-Ended Working Group and your efforts in ensuring that our discussions continue to incrementally advance. Rest assured of my delegation’s continued unwavering support to the OEWD and to you. The pervasive use of ICTs, now ubiquitous in all dimensions of our lives and societies, has exponentially increased our vulnerability to malicious cyber operations, which present one of the most complex challenges to international peace and security of our times. It is essential that this Open Networking Group continue to advance in the discussion of all threats in this domain, and particularly those which have emerged more recently. Rapidly evolving technologies bring new threats to critical infrastructure, such as the risk of sabotage to optic fiber cables or of damage to satellites used in cyber communications. We reiterate our appreciation for the second APR’s inclusion of ransomware in the threat section, given the grave implications for many ransomware attacks to the security and stability of states. We also emphasize the need for the OEWG to engage in deeper discussions on this issue, with a view to eventually making concrete recommendations to address this threat. While we welcome the discussion of this important issue in cybercrime fora and are members of initiatives such as the Counter-Ransomware Initiative, this group, as a UN forum with a mandate from the GA to discuss threats in which congregates the entire membership, is a body with the legitimacy to establish universal guidelines on this issue. Similarly, we reiterate the need for the OEWG to address the impacts of artificial intelligence and quantum computing to international peace and security. While AI has already and will surely continue to bring many beneficial, peaceful applications to humankind, we can predict with certainty that its applications will be extended to the military field, with relevant impact to peace and security. Those military applications, especially the use of force, must strictly abide by international humanitarian law as enshrined in the Geneva Conventions and other relevant international legal obligations and commitments. In this domain, Brazil advocates that we are guided by the concept of meaningful human control adopted in 2019 by the high-contracting parties of the Convention on Certain Conventional Weapons on its debates on lethal autonomous systems, but which also apply to discussions on the military uses of AI. Guiding Principle B of the GGE on Emerging Technologies in the Area of Lethal Autonomous Weapon Systems indicates that human responsibility for decisions on the use of weapon systems must be retained. since accountability cannot be transferred to machines. The centrality of the human element in any autonomous system is essential for the establishment of ethics standards and for full compliance with international humanitarian law. There is no replacement for human judgment and accountability. Military implications of AI must also be based on transparency and accountability throughout their life cycle from development to deployment and use. We are equally concerned by the uses of generative AI in misinformation and disinformation campaigns, particularly, but not limited to, the use of so-called deep fakes, the advanced digital manipulation of images, video, audio, or text generally used to create fake content that appears authentic, distorting reality to deceive or influence public perception. In the context of an armed conflict, this could cause grave harm to civilians and would constitute a violation of international humanitarian law. The use of AI for misinformation, disinformation purposes is also of particular concern in electoral processes, where it poses a significant threat to state’s political stability. With this in mind, our Supreme Electoral Court has enacted several norms ahead of this year’s municipal elections, which prohibits the use of deep fakes and greatly limit the use of AI in general in electoral campaigns. Mr. Chair, quantum computers, which are currently being developed, are like AI, a technology of dual use. Exponentially more powerful computing will accelerate science and innovation, therefore bringing many socioeconomic dividends to societies. However, quantum computers could also be used in the development of armaments and other military equipment and in offensive operations. In the context of ICT security, quantum computers will have the potential to break currently used cryptographic algorithms, leading to strategic advantages for those who control this technology. This would render the interception of confidential sensitive information an even more dangerous threat. By some predictions, classic cryptography systems could be obsolete in as little as 10-15 years. The international community is clearly concerned by these technologies, as evidenced by the many initiatives at the national and international levels that many countries have recently taken on these subjects. As with ransomware, while we have taken part in some of these processes, due to the intrinsically multidisciplinary nature of AI, our international discussions of it should remain open and inclusive. This group, with its universal UN membership composition, is the best forum suited to a structured, long-term discussion on the security aspects of artificial intelligence and quantum computing, including those related to their military applications. Mr. Chair, we share the concerns shared by many on the threat posed by the malicious use of commercially available cyber intrusion tools. It is important that regulations are put in place to combat the misuse of these technologies, which constitutes a threat to international peace and security and a violation of human rights, particularly of the right to privacy. We must bear in mind, however, that these tools, when duly regulated by the appropriate legal guardrails, have important legitimate uses, such as by law enforcement in criminal investigations with judicial authorization. In this context, we oppose using the term proliferation, traditionally associated with weapons of mass destruction, whose very existence are illegal to refer to their irresponsible dissemination and misuse. And initiatives aimed at regulating the commerce and use of these technologies must not pose undue constraints to their access by legitimate authorities, particularly in developing countries, many of which do not possess those capabilities. In the cyber realm, which has been transnational since its inception, international cooperation is even more important to countering threats. This includes capacity building, which has been rightfully recognized by the second APR as a cross-cutting element to all issues under the OEWG’s mandate. We also positively view some proposals made by other delegations within this OEWG, such as the creation of a threat repository and the adoption of a common terminology, and are open to deepening those discussions. I thank you, Mr. Chair.

Chair:
Thank you, Brazil, for your statement. Denmark, to be followed by Israel. Denmark, please.

Denmark:
Thank you. Denmark fully aligns with the EU statement and would like to make the following statement in our national capacity. The past years, we’ve witnessed a surge in cyberattacks, setting new benchmarks in terms of variety, volume, and consequences. Critical events like the ongoing war of aggression against Ukraine significantly influence the cyber threat landscape. In Denmark, we have seen a high level of activity among pro-Russian activist hacker group. Russia’s cyber capabilities are continuously weaponized in Ukraine in attempts to undermine trust in authorities and destroy critical infrastructure. This behavior is contrary to the framework for responsible state behavior in cyberspace. 2024 is going to be the biggest election year in history. Therefore, I would like to take the opportunity to highlight the concerning amount of cyberattacks targeting democratic elections. Last year, the UK attributed several cyberattacks on British politics and democratic processes to Russia. This behavior is unacceptable. And Denmark, together with the EU, strongly condemn malicious cyber activity targeting democratic elections and encourage all actors to live up to their international obligations. Emerging technologies are rapidly changing the cyber threat landscape these years. Artificial intelligence has not only resulted in an increase in volume of cyberattacks, but also made cyberattacks, including ransomware attacks, more effective. As pointed out numerous times today and yesterday, the increase in ransomware attacks is deeply worrying. To successfully combat ransomware attacks, it is crucial that we work together with different stakeholders. Private companies own a large proportion of critical infrastructure and therefore play an important role in safeguarding society. from malicious cyber activity. We must strive for effective coordination between governments and all relevant stakeholders, including civil society, academia, and the private sector, as combating cyber attacks must be a joint commitment. Thank you, Chair.

Chair:
Thank you very much, Denmark. Israel followed by Argentina. Israel, please.

Israel:
Good morning, Chair. Thank you, Chair, for giving us the floor, as it’s the first time a delegation takes the floor during the seventh substantive session of the Open-Ended Working Group. We wish to thank you and your team, as well as the UNODA, for the tireless efforts and dedication leading us through this process and for preparing this session. Mr. Chair, since the October 7th heinous terror attacks against Israeli citizens, around 15 cyber attack groups attributed to malign states and other terrorist and non-state actors have also intensified their attempts to launch cyber attacks against targets in the Israeli public, private, and government sectors. The attackers’ intention, as any other terror organization, is to spread terror by harming civilians and attempting to cause real damage. They have been using cyberspace to damage, among other things, our critical and civilian infrastructures, targeting our energy installations, water systems, and even hospitals. Their actions should be condemned uniformly. Also in this forum, as part of the efforts to confront these attempts to spread terror, Israel is continuing to thwart many attempts to penetrate cameras and billboards in the public domain, stopping them from gathering information and trying to influence and to damage our essential services, as well as thwarting numerous attempts to deny service or deface government and academic commercial websites and harm private sector entities and services. This malevolent actions and attempts violate the basic norms of responsible state behavior in cyberspace. Nations that are advocating and call for the implementation and adherence to these norms should all stand together today with Israel in condemning these harmful malicious cyber attacks. Even in more peaceful times, Israel continues to be a target of malicious efforts to penetrate and damage its digital infrastructure. It is the continuity of basic and essential services to the public that are at stake here. Mr. Chair, an additional threat is the one posed by malicious actors using Cybersphere to conduct influence operations through spreading misinformation and fake news and engaging in sophisticated phishing campaigns aiming to spread their malware. This is particularly serious as it directly threatens national security. Like the campaigns perpetrated by some of these attack groups and cyber terrorists using cyberspace cynically and mercilessly to hurt the families of the victims in the most degraded and despicable form while trying to spread fear and by stealing the hostages’ digital assets as they continue to hold 134 kidnapped Israelis and torture them and their worried families. We should all work together to improve our capabilities to fight these and similar threats. Mr. Chair, in an attempt to address your guiding questions, the introduction and use of AI and recently with the development of Frontier AI, a new challenge emerges also to cyber security. We wish to highlight that technology is neutral. There is no bad technology or good technology. Technology is in and of itself neither legitimate nor illegitimate. Nevertheless, the ongoing developments of AI and introduction of generative artificial intelligence have increased the attack surfaces. significantly. AI models and data sets used by these models present new opportunities to adversaries. Publicly available generative AI enhances attackers’ capabilities. We all need to address the challenges how to better secure AI models throughout their lifespan. This includes the need to secure AI development and data sets and safeguard the use of AI models. It should be mentioned that AI also holds great positive potential for cyber security and we should all work together to harness AI technologies for better cyber security and building a collective resilience. The emergence of new and very advanced technologies carries also many new opportunities and benefits and the international community will need to find the ways to balance the need of securing an open and free development of emerging technologies while mitigating the potential new threats they pose. In this regard, we wish to commend the U.S. for leading the efforts to draft a U.N. resolution on safe, secure, and trustworthy AI systems for sustainable development. Mr. Chair, per your second guiding question, another emerging threat we should take into consideration is the cooperation between rogue states and non-state actors like organized criminal actors or terrorist organizations acting as proxies. The proliferation and availability of advanced cyber tools in the hands of non-state actors and unauthorized private actors constitute a serious threat. The malicious use of these sophisticated intrusive cyber capabilities by non-state actors and unauthorized private entities carries serious implications to national security and to the stability of cyberspace as a whole. In many cases, these malicious actors are also receiving safe havens which enables them to pursue their harmful activities with impunity. In this context, offering hacking as a service and the illicit financing of cyber attacks using cryptocurrency is a growing threat. This is an area where countries could collaborate to break this kill chain and block funding for malicious cyber activities. We believe that if we could develop an efficient mechanism to freeze and seize cryptocurrencies on a global scale, we could drastically prevent many of these cyber attacks. To conclude, Mr. Chair, Israel is looking to cooperate with other states on the prevention and mitigation of existing and emerging risks and threats in the cyberspace, aiming at building together a stronger global resilience. Thank you, Chair.

Chair:
Thank you very much, Israel, for your statement. Argentina, to be followed by Bangladesh.

Argentina:
Thank you, Chairman. Since this is the first time that my delegation takes the floor, I would like to welcome you, your team, and to pay them tribute and show you the support of my delegation in your work. I’d also like to thank the Women in Cyber program for making it possible to have a greater participation of women in the discussions. Chairman, in the view of Argentina, the main threats that we must address are not unrelated to what is taking place in all corners of the world. Mainly because of the global nature of cyberspace and the transnational nature of cyber incidents. For Argentina, it’s of great concern the more frequent use of malware, ransomware, and phishing and their effects on critical infrastructure. The ecosystem of vulnerabilities in this critical infrastructure has worsened and this does represent a shared concern among states, the private sector, and civil society. In this regard, we highlight the importance of cooperation with the many stakeholders who are involved. to continue to analyze the existing and potential threats in cyberspace and to promote actions at the global level, such as exchange of experiences and the panel of experts. My delegation supports the initiative to establish a registry of states on a voluntary basis, as was proposed by the distinguished delegation of Kenya. We believe that this would be a means for confidence building and contribute significantly to better understanding of the threats we are facing and to developing effective strategies to reduce those threats. In the establishment of such a registry, we support strengthening the multi-stakeholder model and the promotion of the participation of the private sector and civil society. The stakeholders are at the center of the cyberspace, either as experts, owners or operators of infrastructure elements. Their participation gives us a fuller view of the problems that we are encountering collectively. It also ensures that we come up with more holistic solutions to the challenges represented by the new challenges in cyberspace. Also, Argentina gives great importance to analyzing the threats to the stability of cyberspace, which arise from new technologies, such as artificial intelligence and quantum computing. The development of emergent technologies in the area, for example, of autonomous weapon systems is a threat to international law, international humanitarian law, and for international human rights law. Therefore, it is vital to analyze how we can ensure a control of this type of technology through its entire life cycle. Similarly, we are particularly interested by the opportunities these emerging technologies allow us. for our societies. We understand that emergent technologies are neutral and that the problem is in terms of the control over the use of those technologies. In this regard we recognize the need to find a proper balance between the regulatory frameworks which are being established around the transfer of these technologies and the right of all states, principally developing states, to have access to emerging technologies for their well-being and their socio-economic growth, and also to contribute to the resilience of cyberspace for the benefit of all. Mr. Chairman, given the emerging threats, we must have greater cooperation between states in this area. In general, it’s the private sector which has the greatest capacity and resources to explore the operation of malware, and this allows them to update on the threats which exist. In this regard, establishing international cooperation with the private sector in this area does represent a tangible benefit for the entire international community. Thank you very much.

Chair:
Thank you very much, Argentina. Bangladesh, to be followed by Netherlands. Bangladesh, please.

Bangladesh:
Thank you, Mr. Chair. It’s a pleasure to see you in the work of this group. My delegation extends its genuine gratitude to you and your skilled team for steering this group with excellence. Rest assured, you have our unwavering support in all your endeavours. Mr. Chair, during the sixth substantive session in last December, my delegation underscored several threats, including deepfakes, quantum computing, AI-powered hacking, and supply chain attacks as new developments in existing and potential ICT threats. we reaffirm that these threats continue to be highly relevant in the context of advancement of AI and other emerging technologies. Chair, your guiding questions consistently push the boundaries of my knowledge and ingenuity. It leaves literally no room to recycle my statements. While undeniably taxing on my intellect, let me acknowledge that your questions are always a delightful mental workout. As we try to answer your questions, my delegation views the increasing weaponization of misinformation and disinformation driven by cutting-edge technologies, including artificial intelligence, using technologies like deep fakes as a pressing threat. This threat jeopardizes social harmony, democratic processes, and very existence of humanity itself. The cardinal principle of free will, the cornerstone of human superiority, faces unprecedented challenges as sophisticated misinformation and disinformation blur the lines of truth. This danger is particularly pronounced as billions of people worldwide approach crucial voting movements this year, as also mentioned by many other delegations, making them vulnerable to its manipulative power. Urgent attention and collaborative efforts are required to safeguard democratic values and preserve social unity. Chair, as AI becomes an integral part of people’s decision making processes, it is crucial to ensure that AI systems are explainable. This helps prevent them being perceived as black boxes and guarantees that human remains in control of AI-aided decision making. Second, AI is supercharging cyber attacks. Malicious actors can now leverage AI to craft hyper-personalized phishing campaigns. By analyzing a vast amount of data, AI can create highly believable emails that target individuals with unnerving accuracy, bypassing traditional spam filters. This deadliness is compounded by the automation of intuition attempts. AI-powered tools can orchestrate a relentless barrage of complex attacks, overwhelming security defenses with a constant stream of probing and exploitation efforts. This combination of hyper-personalization and automation makes AI a powerful weapon in the hand of cybercriminals. Third, the widespread availability of potent ICT tools, both commercially and open source, fosters a ripe environment for cybercrime. Through denial of service attacks, attackers can disrupt online services with minimal technical expertise. The anonymity afforded by open source tools, applications, attribution, emboldening perpetrators, and impending accountability. The dark web further exacerbates the situation, functioning as a marketplace for sophisticated hacking tools that lower entry barriers to cybercrime. Furthermore, vulnerabilities in widely used open source libraries create supply chain weakness, posing a risk to entire software ecosystem. Finally, the intertwining of AI and cyber security presents a paradox. While AI can significantly bolster defense mechanisms, it also equips adversaries with powerful tools to launch sophisticated attacks. As we witness the emergence of novel AI-driven threats, it becomes imperative for organizations, governments, and individuals to stay abreast of this emerging space and invest in technically appropriate security strategies. In an AI-dominated landscape, the future of ICT security requires more than just technological solutions. It demands a thorough understanding of evolving cyber adversaries’ tactics. The open-ended working group has been playing and can continue to play a crucial role in addressing this dynamic landscape which we all desperately aspire to navigate effectively. I thank you.

Chair:
Thank you very much, Bangladesh, for your thoughtful statement, and thank you for not recycling your statement. And it’s also quite clear that your statement was not prepared by generative AI, because I can see that you have thought very carefully and seriously about this matter, and that is very much appreciated. I give the floor now to Netherlands, to be followed by Belarus. Netherlands, please.

Netherlands:
Thank you very much, Chair, and as it is the very first time I take the floor in this open-ended working group, I want to thank you and congratulate you with your work in guiding us through this process. The Kingdom of the Netherlands aligns itself with the statement delivered by the European Union, and I will make some additional remarks in my national capacity. The Netherlands continues to be concerned by an ever-evolving pattern of malicious cyber activities, activities that have growing implications on individuals, societies, and peace and security between states. In our previous sessions, we held rich exchanges on the threat landscape, and were able to capture many of them in our APRs. The Netherlands considers our shared understandings of the threat landscape to be an essential basis for the rest of our work. Chair, before addressing your guiding questions, I would like to highlight the Netherlands’ continued concern over operations aimed at stealing intellectual property and other sensitive data. from commercial and government entities. On the 9th of February, the Netherlands National Cyber Security Centre published a technical advisory reporting an intrusion into this network of the Netherlands Ministry of Defence in 2023 that was attributed to a state actor. The advisory provides technical information regarding malware on FortiGate appliances, referred to as CodeHanger. It is our hope that this advisory will enable international partners and organisations to detect, prevent and mitigate this threat. Chair, allow me to highlight four areas in which the Netherlands considers this group could expand in its next APR. Firstly, we welcome the inclusion of ransomware in the last APR and hope to make further progress this year, as ransomware incidents with significant disruptions to economies, societies and individuals have been observed in various regions worldwide. For example, we have seen ransomware attacks on essential healthcare systems, as was mentioned also by, amongst others, Belgium, Australia, New Zealand and Italy, disrupting people’s access to medical information and may indeed put lives at risk. These kinds of ransomware incidents have such a disruptive impact that they may rise to a level of threat to national and international security. Secondly, the Netherlands is deeply concerned over malicious cyber activities targeting international organisations, such as the ICC. International organisations play a crucial role in addressing global challenges. from conflict resolution to providing justice, humanitarian aid, and peacekeeping. Cyberattacks targeting these organizations do not only disrupt their ability to do their work in an independent manner, but also pose a threat to effective multilateralism and a rules-based international order. It is of vital importance that international organizations are able to fulfill their respective mandates in a safe, secure, and independent manner. Thirdly, the Netherlands welcomes the language in the 2023 APR on the need for a gender perspective in addressing ICT threats. It is important to gain a better understanding on how ICT threats have a different impact on different groups and individuals on access to information, privacy, and security. In this regard, it would be beneficial if we could better link the Women in Peace and Security Agenda. Fourthly, the Netherlands would like to express concerns over the indiscriminate or reckless use of ICTs that cause harmful cascading effects on the critical infrastructure and essential services. While a wide range of technical properties have been known to cause such effects in past incidents, the use of automation and artificial intelligence in cyber operations increases their likelihood. And that leads to my final point, Chair. In your guiding questions, you ask us to reflect on the implications of AI for the international ICT security, a topic that was raised by many delegations during recent sessions. The Netherlands sees three potential areas for the Open-Ended Working Group to address the role of AI. First, the risk of AI-enabled threats. cyber operations that are more autonomous and scalable, and may therefore increase the risk of misperceptions and potential escalation between states. Second, the cyber security risk of AI systems, in particular, when it comes to key public services, industrial control system, and infrastructure. The potential risk of generative AI in writing malware is, of course, a big risk, noting, of course, that at the same time, as was mentioned also before, AI could also strengthen the effectiveness of cyber defense systems. Listening to the threats that other delegations have addressed, the Netherlands shares the concerns raised by, amongst others, Belgium, Australia, France, UK, and Canada, over the proliferation and the irresponsible use of commercial available intrusion capabilities, and, in particular, the misuse of such capabilities and services in a way that is incompatible with international human rights law. And I would like also to echo the points made by the Republic of Korea, Australia, and Japan on the threat related to crypto theft, including in relation to the risk of proliferation of weapons of mass destruction. Chair, as the cyber domain is ever evolving, and new threats to international peace and security arise, it’s important that all states attain the capacity to monitor and mitigate these threats. To that end, the Netherlands notes with interest Kenya’s proposal for a threat repository, and looks forward to discussing it further in the OEWG. Thank you very much.

Chair:
Thank you very much, Netherlands, for your statement. Belarus, to be followed by Nigeria. Belarus, please.

Belarus:
Mr. Chair. First of all, let me thank you and your team for your unflagging efforts to provide good conditions for the negotiation process within the Open-Ended Working Group on Security of and in ICTs. Please rest assured we will continue to support your efforts on behalf of Belarus, and we’re convinced that under your leadership the group will move forward during this session. Information technologies are daily developing, and around the world the number of crimes in the ICT domain is growing as well. They undermine democratic institutions, human values, law and order, sustainable development. We are concerned with the direct threats to critically important infrastructure facilities, specifically in health and education. The use by some actors of a broad array of ICT tools in their information warfare leads to unprovable accusations, denial of attribution, mass falsehoods and fakes. Strategic ignoring of disinformation and irresponsible handling of databases, insufficient security provided for ICT products, causes more such criminal activity. We’re convinced that special attention should be given to IA, especially the ethical element of artificial intelligence, and the risks posed for ICT. Many states will find it difficult to counter the threats in the ICT area on their own. solely relying on their own resources. We support the OEWG mandate affirmed by the UN General Assembly resolution and hope to see a substantive dialogue that will lead to new rules, norms, and obligations in terms of responsible conduct in the virtual domain, minimizing or preventing conflicts involving ICT. On behalf of Belarus, we are committed to a constructive, depoliticized, targeted dialogue within the group and wish everyone a successful session. Thank you very much.

Chair:
Thank you very much, Belarus, for your statement. I give the floor now to Nigeria to be followed by Switzerland. Nigeria, please.

Nigeria:
Thank you, Mr. Chair. Thank you, Chair. My delegation appreciates the concerted effort of your able leadership and that of your team in the last six sections of the OEWG. Your sterling performance in harmonizing divergent views of member states is laudable. The seventh section presents another opportunity for additional consensus to reach the group’s ultimate goal of safeguarding the peaceful use of cyberspace. The emergence and dynamics of modern technology has drastically altered our way of life. It has improved our personal lives, relationship and communication with others, as well as bolstering global economic indices. Its evolving nature further creates opportunities and challenges that require consistent discussion on reinforcing its benefits as well as mitigating its challenges, especially the malicious use of ICT. While Nigeria joins other delegations who have spoken on cyber threats, we call for urgent mitigation on the existing and potential threats in cyber security, particularly the dexterity of artificial intelligence, deepfake, human robots, ransomware, online child abuse, cryptocurrency, cyber terrorism, election interference, online identity theft, misinformation, disinformation to mention but a few in modern technology. Mr. Chair, in recent times, we have witnessed the use of deepfake in impersonating people with tendency of disseminate misinformation in the society. The surge in hacking and stealing personal data of clients from different organizations is worrisome, resulting in legal funds transferred, disruption of services, and blackmailing of victims. ICT has created a pipeline for money laundering, and it has increased tax evasion, depriving government sources of revenue to provide amenities for its populace. The list of existing and potential cyber threats is non-exhaustive, therefore, continuous dialogue and engagement with ICT companies is paramount to safeguarding area of mutual interest against nefarious cyber activities. Legislative acts with punitive measures enacted at national level could deter the proliferation of cyber threats. On the global scale, my delegation reaffirmed that guiding rules and strategic measures to curtail the excessiveness of malicious actors in cyber security could be harmonized by state and implemented as deterrence to violators of the prohibitive acts. This can be achieved through engagement with ICT companies while emphasizing the litigation of malicious activities in cyber space. Nigeria reiterates that the principle of responsible state behavior and a non-exhaustive list of norms in guiding cyber security should be upheld to consolidate transparency among states. In conclusion, Mr. Chair, the UN Charter advocates for global peace and security, human rights, and sustainable development. This time should be indoctrinated in the parameter of ICT and always upheld when conducting the activities of cyber security, be it by government, conglomerates, or innovators. Collective effort to defend humanity against all forms of cyber threat is paramount to our peaceful coexistence. Thank you, Mr. Chair.

Chair:
Thank you very much, Nigeria, for your statement. Switzerland to be followed by Ghana. Switzerland, please.

Switzerland:
Thank you, Mr. Chair, as this is the first time that we take the floor, I’d like to start by thanking you for your commitment, and your guidance, and your team for all the hard work in preparing these sessions. But I have to admit, I was a little bit puzzled when you gave us the homework already at the beginning of this session, and not at the end, as usual in school, at least in Switzerland. So my sympathy goes to all the students in Singapore schools. I feel with them, but okay, let’s go back to homework. Switzerland observes two defining developments in cyberspace. First, the increasing intensity. of ransomware attacks and state-sponsored cyberattacks against critical infrastructures, and second, the increased digitalization of conflict and the use of cyber operations during armed conflict. This is a reality, particularly true in Russia’s war against Ukraine. We still see the opportunistic attacks of many non-state actors on vital or critical ICT services and critical infrastructures as one of the main threats. The last months have shown some incidents with severe impacts, namely attacks by criminal ransomware groups targeting critical infrastructure and suppliers, among them many hospitals or humanitarian actors, and publishing sensitive information, which in some cases might amount to a national security issue. Belgium and Australia referred to such malicious operations in their statements. As the Republic of Korea and others, we also would like to mention the threat of cyber currency theft. And like others, Switzerland is also concerned that some states act as safe havens for criminal ransomware groups and sometimes appear to make use of them for their own purposes, this in stark contrast to the framework on responsible state behavior in cyberspace. To tackle such risk, Switzerland is participating in the Counter-Ransomware Initiative, among others. We also continue to observe the worrisome development of non-state actors being involved in offensive actions against ICTs within the frameworks of conflict or armed conflicts between member states. The direct or indirect tolerating, respectively incentivizing, of such actors rises the threat of direct or indirect attacks on third parties, as well as uncontrolled spillover effects. Switzerland also observed a handful of actions aimed at virtual and physical infrastructures providing the core of the Internet, like subsea cables. Such actions actions can trigger domino effects which might lead to the temporary impairment of vital services. Mr. Chair, Switzerland wants to highlight that AI is not per se a threat itself, but rather a potent and powerful tool which can be brought to many uses. The proper use of AI can increase the security and resilience of ICT solutions, as well as support mitigation and monitoring measures. However, AI vice versa may support the crafting of capabilities used in attacks against member states, may this be in the form of malware or the spread of seemingly real information, also called deepfakes. Some even say we will face cyber attacks on steroids. Hence, Switzerland is of the view that the developments in AI should be discussed in a technology-neutral manner which focuses on the actual use and implementation of this technology to adverse effects. But we also need to discuss about how to deal with attacks on AI itself, meaning not the use of AI for malicious purposes, but exploitation of vulnerabilities in the AI models themselves. It seems particularly important to us that governments and the private sector work together here, just as they do in traditional IT security. Like Kazakhstan and other delegations, Switzerland thinks we should also discuss the challenges related to the Internet of Things, and it was mentioned in the second annual progress report, which we welcome. The availability of intrusion ICT capabilities is a reality, and partially driven by member state dependence on such capabilities within the legal frameworks of law enforcement and ensuring national security. However, Switzerland is of the view that such capabilities only should be used within a strict legal mandate adhering to existing international law and human rights. Therefore, the focus should not only lay on AI. eliminating such offers, eventually pushing them in an even less controlled underground environment, but uncurbing the misuse of such solutions. Switzerland therefore supports the Palmal process, launched by France and the UK, which aims at creating a framework in order to establish solutions, guardrails, and legal options to increase the control over the use of such capabilities. We welcome the discussion of this topic also in the open-ended working group. Mr. Chair, Switzerland would like to highlight that cooperative measures must take place on all levels involved with the use of ICTs. We would also like to stress that there are already several regional and global platforms and forums existing in this regard, may it be on a technical level, diplomatic initiatives, or capacity building. We should make better use of these existing opportunities to strengthen cooperation. By doing so, we can also better assess what initiatives would be necessary at the global level. Switzerland is concerned about malicious cyber activities targeting democratic institutions and electoral processes, and we share the concerns expressed by many other delegations like the EU, Belgium, Italy, and other states in this regard. And finally, like the Netherlands, Switzerland would like to highlight the risks of malicious use of ICTs for international organizations. At the UNIDIR Cyber Stability Conference last week, the representatives of the UN International Computing Centre referred to the challenges faced by international organizations. We as states must help to ensure that they can fulfil their role unhindered by such activities. Thank you.

Chair:
Thank you very much, Switzerland, for your statement and for having done your homework. Ghana to be followed by Chile. Ghana, please.

Ghana:
Mr. Chair. My delegation wishes to express sincere appreciation for your outstanding leadership and guidance of this open-ended working group. Your dedication to steering our collective efforts towards meaningful progress is commendable, and we are grateful for the opportunity to contribute under your esteemed leadership. Mr. Chair, during the sixth substantive session of the United Nations Open-ended Working Group on ICTs, my delegation emphasized the importance of addressing developments in new technology, particularly artificial intelligence. In alignment with your outline concerns, Ghana proposes that the OEWG delve deeper into potential threats associated with AI, notably deep fake manipulation, where AI can fabricate convincing visual and audio content for malicious purposes, which can lead to misinformation and disinformation, opinion manipulation, or cyber crimes like identity theft. This could contribute significantly to undermining democratic processes like that of the elections. Additionally, there’s a deep concern about autonomous and anonymous threats, wherein AI-driven cyber threats operate without human intervention, utilizing technologies like blockchain for anonymity posing challenges for law enforcement. Furthermore, there’s a need to also address privacy risk, as AI often relies on extensive data raising privacy concerns and potential violations. Mr. Chair, my delegation also underscored in the sixth substantive session of the OEWG, the necessity for agreed upon international guidelines for ICT design and deployment, which should promote security by design, focusing on issues such as privacy, security, and accountability. These guidelines would establish a unified framework and will contribute significantly to enhancing cybersecurity initiatives globally, and ensuring the prioritization of security and ethical considerations, which will consequently foster a resilient ICT ecosystem. By incorporating security by design and ethical considerations, these guidelines will serve as a comprehensive framework to mitigate risks associated with digital technologies. My delegation would also like to commend the Chair’s initiative to engage experts in discussions on emerging technologies like quantum computing and AI, aiming to deepen our understanding of their impact. In conclusion, we reaffirm our support for Kenya’s proposal to establish a UN threat repository, fostering global awareness and understanding of existing and emerging cyber threats. We also advocate for exploring further initiatives at the global level, including the deployment of a comprehensive international guideline for ICTs promoting security, privacy and accountability in their design and deployment. Thank you, Mr. Chair.

Chair:
Thank you very much, Ghana. Chile to be followed by Germany. Chile, please.

Chile:
Thank you very much, Chairman. I’d like to thank you and welcome all those present and wish us success or work in this session. And I’d also like this opportunity to pay tribute to the efforts made by your team and by the Secretariat to prepare our agenda. And since we have the floor, there are many delegations taking part in this meeting. And this is the fruit of the questions that you have raised. We’ve done our homework, as you see. My delegation is aware that what we have seen here, there are two sides of the same coin. On the one hand, we are all aware that these new threats are emerging, they are present. On the other hand, states are subject of the effects and the impact of this, and therefore we need to be ready for this, therefore we need to make efforts which must be more and more successful. and we must speed up their implementation. Chile considers that the illegal activities in cyberspace are a clear threat to international peace and security. They could affect in different ways the states depending on the level of their digitalization in their security and the resilience of their ICT and communications technology. Now we must pay particular attention to these threats because they can affect in a differentiated way different groups and entities and we must bear in mind particularly women, children, adolescents. Therefore it’s important to work together amongst states to exchange experience in order to reduce these digital threats and face successfully the existing and potential threats as we move forward with the digitalization of the cyberspace. We’d like to thank you for your questions Mr. Chairman with regard to ICT and the development of the threats that the open-ended working group could discuss and in particular as was mentioned by a number of delegations, in the context of intelligence we can say the following. The AI has seen a development of software and reduced the cost of finding solutions and thanks to the current tools there is a need for a high level of knowledge so that we can develop these systems. This is a technology which is becoming easier to access over time. Nevertheless all this could represent a threat for the security and we believe that hacking is not just an issue to be dealt with by experts. We see an increase in the number of attacks or attempts of attacks using emerging technology which are available for all types of purposes. Now it’s essential to use AI under ethical standards in the view of my delegation and we should have to avoid the malicious use of such technology. Another important threat is the lack of ways of dealing with malware and how we can consider the information provided by artificial intelligence. So the use of AI currently has generated problems and errors in developing different services. Therefore it’s important that when we use artificial intelligence there are expert human controls that can validate that there are no errors in the system and which could threaten the use of that information. Now added to all this we are aware that the development of artificial intelligence could threaten democracy during electoral processes within the governmental bodies and the use for the revealing of false or confidential information. Therefore we need to have transparency, security and trust in all stages of the use of AI for our citizens. AI can be undermined by people threatening the Jews who try to implement malware using this technology which can lead to unexpected outcomes. There can be a change of data for malicious purposes. Now attacker can initiate in a more subtle way the attack on the networks and these attacks can be particularly directed at the health and transport sectors and other delegations have mentioned examples of these attacks. The malicious attacks can also be used to generate false information and the use of AI can automate phishing, use of malware and for identity theft. We need to work also in the area of voice recognition technology. Now given all this my country in October last year We promoted a regional initiative with regard to the governance of AI in the regional level, and 20 countries from our region signed the Santiago Declaration on the Ethical Use of AI in Latin America and the Caribbean. It seeks to promote, at the regional level, a combined approach to AI, so that we have an integrated approach and we have social and legal norms that recognize the cross-cutting impact of AI, including the proportional use, security, equity and non-discrimination in the use of AI, and also gender equality, sustainability in terms of social, economic and cultural sustainability. And also the oversight, security of information, transparency and making people accountable for the use of this technology. And also proper governance involving the many stakeholders. With regard to the implementation of cooperation measures to confront these threats and potential threats in the future, which we can undertake at the global level, I’d like to mention the following. States could generate necessary cooperative frameworks to share information and have technical meetings at the multilateral and bilateral level, and particularly at the regional level, and work in a coordinated way with the private sector and interested parties. And this would allow us, it’s therefore important to have national focal points, and to increase our capacities at the level of AI for an exchange of information. There’s also necessary to deal with regulatory frameworks, and also it’s vital that states should have permanent programs for training, particularly for governmental bodies and to establish coordination bodies, not just at the level of the government, but also to have alliances with civil society, public sector and the academic world. Now, with regard to what AEI represents, we believe that other interested parties, such as academic world, civil society and the technical community and others, could help states to identify concrete and possible threats. Our group could call for a study on this issue. Thank you very much.

Chair:
Thank you very much, Uli, for your statement. Germany, to be followed by Mauritius. Germany, please.

Germany:
Thank you, Chair. Germany is fully aligned with the statement of the European Union and wishes to deliver the following remarks in a national capacity. As we commence the first session of this working group in 2024, we find ourselves entangled in a complex web of challenges. Propelled by the swift pace of technological innovation, the expanding role of artificial intelligence in cyber attacks, the advent of cutting-edge technologies such as quantum computing and the transformation of cybercrime into a lucrative business model present multifaceted threats. These challenges are compounded by the rise of hacktivism, the strategic targeting of international organizations by both cybercriminals and state-controlled hackers, and the critical shortage of skilled IT security professionals. Today, we are witnessing increased vulnerability and instability of international networks, emanating by a significant degree from the cyber dimension of international conflicts. State and non-state actors exploit digital vulnerabilities to advance their agendas, disrupting digital peace and undermining trust among nations. We continue experiencing direct spillovers in German networks caused by Russia’s illegal war of aggression against Ukraine. Furthermore, it has become increasingly apparent that international organizations, including multilateral organizations belonging to the UN system, are being targeted more frequently, necessitating heightened vigilance. The respect for and protection of international organizations and the multilateral system must be of paramount importance to the community of states. We observe malicious actors positioning themselves to attack critical infrastructure and jeopardize democratic processes, including influencing elections. This is particularly alarming in light of the upcoming European elections and the three elections in German federal states coming up in 2024. The increasing proliferation of malicious cyber tools represents a significant trend that exacerbates these threats. Advanced technologies, including artificial intelligence, spyware, and commercially available intrusion tools, are now accessible to a wider array of actors than ever before. This proliferation enables even low-skilled individuals to launch sophisticated cyber attacks, amplifying the scale and impact of cyber threats across the globe. In this context, Germany fully supports the Franco-British Initiative aimed at addressing the proliferation of commercially available cyber intrusion tools. This collaborative effort signifies a crucial step towards international cooperation in the fight against the misuse of spyware and other cyber intrusion products that threaten the privacy and security of individuals, state authorities, and organizations worldwide. The professionalization of cybercrime continues to advance and will reach a new level of profitability in 2024. One of our prime concerns is the proliferation of ransomware. Therefore, Germany is an active contributor to the International Counter-Ransomware Initiative. Together with our colleagues from Nigeria, Germany is co-leading the Counter-Ransomware Initiative’s efforts on capacity building to ensure that our countries develop a high level of resilience against this malicious type of cybercrime. We look forward to continuing that cooperation in order to combat the business model of ransomware attacks. As we navigate this complex and dynamic environment, it is imperative that we foster international cooperation and develop robust cybersecurity frameworks to protect our shared digital future, including here at the UN. Before I conclude, dear Chair, let me invite you all to our lunchtime side event at the German House on Thursday, where we will be presenting the European Repository of Cyber Incidents. Independent experts from Heidelberg University, the German Institute for International and Security Affairs, Innsbruck University, and the Cyber Policy Institute in Tallinn have set up an open-access repository of cyber incidents, offering insights into more than 2,700 major current cyber incidents. Please join us to explore with our expert researchers how this repository can contribute to our joint understanding of the cyber threats that states and societies are facing. Sweet bites and coffee will be served. Thank you, Chair.

Chair:
Thank you very much, Germany, for your statement. And also, the office-at-site events are becoming even more and more tempting as the days go by. So, thank you for letting us know about your event. Let’s go on to the next speaker, Mauritius, to be followed by China. Mauritius, please.

Mauritius:
Good morning. Good morning, Mr. Chair, Excellencies and colleagues. The Republic of Mauritius would like to extend its gratitude to you and your dedicated team for your efforts in formulating a set of guiding questions that indicates how delegations could provide meaningful contributions to each agenda item of this meeting. The cyber threat landscape is an ever-evolving space marked by the constant emergence of new threats and the continuous improvement of existing ones. From malicious hackers seeking financial gain to state-sponsored actors engaged in espionage and sabotage, the landscape of cyber warfare is as diverse as it is insidious. The criminals continue to exploit vulnerabilities in our critical infrastructure, targeting businesses, governments, and individuals alike with cyber scams, ransomware attacks, and data breaches that compromise sensitive information and erode trust. Moreover, emerging technologies such as AI, quantum computing, and 5G bring new security concerns. While 5G promises unprecedented speed and connectivity, it also introduces new vulnerabilities that could be exploited by malicious actors. The sheer volume of data transmitted through 5G networks, coupled with proliferation of IoT devices, creates a vast attack surface ripe for exploitation. From potential interception of sensitive communications to the manipulation of network infrastructure, the security implications of 5G demand heightened vigilance and robust safeguards to protect against emerging threats, including its framework that is used to deploy the technology. Mr. Chair, as we are discussing about new cyber trends, it is important to highlight that the misinformation, disinformation and malinformation MDM, whose effects is costing the global economy billions of dollars each year, has become a serious security concern. Often known as fake news, MDM are damaging to public trust in institutions and during elections may even pose a threat to democracy itself. New technologies such as machine learning, natural language processing and amplification networks are being used to discredit factual information. Disinformation campaigns are using AI to spread false and misleading information such as deep fakes. Social media platforms have also become the new battlefield for such campaigns. In this context, it is important for states to have mechanisms in place to identify MDM activities and implement appropriate mitigation strategies. As mentioned by other member states, Mauritius too is of the opinion that the OEWG should also focus on addressing these emerging cyber threats. Mr. Chair, the future of cybersecurity lies in a proactive approach, where states should not only respond to threats but anticipate them. This includes integrating security into the design phase of products, continuously monitoring and analysing threats and fostering a culture of cybersecurity awareness. It is crucial to note that while technology plays a significant role in cybersecurity, humans are often the weakest link. Therefore, continuous education and training are critical. to ensure that everyone is equipped with the knowledge and skills to detect and prevent cyber threats. In the light of these threats, it is clear that our defences must evolve in step with the threats we face. Let me now elaborate on one of the major initiatives that Mauritius has taken to tackle existing and emerging cyber threats. Mauritius has set up a cyber threat information sharing platform through a membership program to facilitate exchange of information and intelligence on risk to critical infrastructure. Sharing of cyber threat information can help in terms of early detection of threats, enhanced situational awareness, improved incident response and collaborative defence. Through this initiative, Mauritius believes in the establishment of a community of trust between government, critical infrastructure owners and operators, as well as other stakeholders. This platform also acts as a cyber threat repository where members can share cyber threat details, incidents and vulnerability information in a secure manner to collaborate and better understand the taxonomy of cyber threats. By leveraging on this information sharing program, members can receive guidance on cyber-related threats to prevent, mitigate or recover from them. Mauritius remains committed to work closely with the regional and international community to share cyber threat information and responding to possible breaches. In this perspective, Mauritius would also like to collaborate with other Member States by extending this platform to the region and at the international level.

Chair:
Thank you very much, Mauritius, for your statement. China to be followed by the Syrian Arab Republic. China please.

China:
Thank you, Chair. At the outset, we thank the Chair for the excellent leadership and for promoting the adoption by the OEWG of the APR for two consecutive years. As always, China will support the work of the OEWG and the Chair, play a constructive role, and actively work for greater consensus in the group in the new year. At present, the trends of camp politics, militarization, and fragmentation in cyberspace are increasingly prominent. The existing international order in cyberspace is on the verge of collapse. A certain country is reproducing in cyberspace ideological confrontation in the physical world, pulling up a digital iron curtain, setting up a small yard and high fence, overstretching national security, engaging extensively in technology blockade and digital hegemony, practicing monopoly in the name of competition, and splitting the global cyber and digital industry and supply chains. Global cyberspace is facing division and block confrontation. In addition, a certain country has openly declared that it will take critical infrastructure as targets of wartime strikes and introduced military alliances into cyberspace, raising cyberspace friction and risk of conflict among countries and threatening international peace and security. Since 2022, China’s cybersecurity agencies have issued a series of reports. China has observed that a certain country’s government has, through organizations such as APTC39, launched large-scale, long-duration, and systematic cyber attacks against multiple countries in the world, including China, severely undermining the security of China’s critical infrastructure such as civil telecommunications and energy. exploit these malicious cyber activities to launch disruptive or destructive cyber attacks whenever they want. The malicious cyber activities of the said country contravene the UN Framework for Responsible State Behavior in Cyberspace. On the first guiding question, China is of the view that, in the field of AI and other emerging technologies, their development and peaceful use are the most prominent issues at present, especially when a certain country abuses national security as a pretext to formulate discriminatory standards and export control measures to suppress foreign businesses. At the same time, as mentioned by Kazakhstan, Malaysia, India, and Mexico, data security is a common and fundamental issue for emerging technologies, including AI, and an important area for discussion in the OEWG’s mandate. But we note with concern that, recently, a certain country has issued an executive order to prevent access to its sensitive data to countries of concern and used national security to launch investigations into automobiles from specific countries. Such behaviors are essentially abuses of national security to suppress the development of competitive high-tech companies of other countries. China has put forward the Global Initiative on Data Security, whose core is to develop and implement globally interoperable common rules and standards on supply chain security. The relevant content has been included in the UN Framework for Responsible State Behavior in Cyberspace and important consensus among all parties. The discriminatory measures taken by a certain country contravene its own commitment under the framework. Besides, on the global challenge of ransomware, China believes that it should be tackled in three aspects, its source, means of dissemination, and monetization channels. A certain country has gone to great lengths to develop and leak cyber weapons without regulation over anonymous networks and encrypted communication software that disseminate the source code of ransomware, and without effective control over the legal monetization of cryptocurrencies. Rather, it is busy piecing together small cliques to suppress ransomware. This makes us wonder whether its real purpose is to promote international cooperation against risks and challenges, or to serve geopolitical agenda and suppress and exclude specific countries. On the second question, China believes that the imperative is for all countries to fully observe and implement the framework for responsible state behavior in cyberspace, which is an important outcome of the 26 years of UN cybersecurity process and a solemn political commitment among member states, not a so-called voluntary and selective proposal or guiding principle. A certain country, in an attempt to suppress the normal development of other countries, has not hesitated in undermining the existing international system and rules, dividing the world and even coercing other countries to pay for its geopolitical aims. The working group should rectify such wrong practices, implement the framework in a comprehensive, full and accurate manner, jointly formulate unified and globally interoperable rules on supply chain security, and effectively uphold the existing international rules in cyberspace. Thank you, Chair.

Chair:
Thank you very much, China, for your statement. Give the floor now to the Syrian Arab Republic, to be followed by Vietnam. Syrian Arab Republic, please.

Syrian Arab Republic:
Thank you, Chair. At the outset, my delegation would like to thank you and your team and the Secretariat for the efforts that have been made in organizing this session. We’d also like to express our appreciation of the organizing skills which allows us to make progress in our work within the group. We believe that this open-ended working group is a unique platform. It allows us to ensure that all states participate in the discussions on an equal footing and discuss issues relating to ICT. Chairman, with regard to the issue under discussion, my delegation would like to emphasize the importance of taking into consideration the following threats. First of all, the use of ICT to limit or violate the sovereignty of states on the economic resources and the use of information resources on the territory of another state without the authorization of that state’s authorities. The violation of the sovereignty of states and also it’s a violation of its security and its economy. The misuse of ICT and media platforms including social media such as an instrument for interfering in the internal affairs of another state by disinformation and promoting hate speech and inciting violence and sabotage and the destabilization of states for political purposes. Next, the problems that could arise from this misinformation and when it is particularly difficult to ensure that we know what the source of these attacks are and in the absence of any regulamentation methods which allow us to identify the source of these cyber attacks in order to deal with these threats. And there’s also the embargo in the use of ICT and related services. This weakens the resilience of states. It harms the capacity to respond to these threats and to recover from these threats. A legally binding international instrument to govern the behavior of states in a binding way in the context of ICT is important. We stress the importance of adopting a global approach to deal with the digital threats in the context of ICT and particularly those that violate national sovereignty. and interference in domestic affairs and the misuse of economic systems by providing misinformation, disinformation and attempts to ensure political and social instability. In order to face the threats that we are facing in terms of ICT security, it’s vital to give priority to global commitment for a use of ICT for peaceful ends and we must fill the big digital gap and reduce the obstacles that are imposed on developing countries and particularly the unilateral sanctions and so that they can ensure the resilience of the basic infrastructure. It’s also important to negotiate an internationally legally binding instrument that can be adopted within the context of the United Nations as well as the work to come up with common approach to this issue in ICT. Thank you very much.

Chair:
Thank you Syrian Arab Republic for your statement. I give the floor now to Vietnam to be followed by Croatia. Vietnam please.

Vietnam:
Thank you Chair. Again in our first intervention this week we would like to reaffirm our strong support for the work of this working group under the leadership of His Excellency Ambassador Gaffer. We would also like to reiterate that the digital realm also known as the cyberspace or the ICT environment has become a crucial element for the progress of nations. Vietnam is actively seeking to capitalize on the promises offered by the 4th Industrial Revolution by enhancing its nationwide ICT infrastructure to facilitate digital transformation and the efficient operation of e-government services. ultimately contributing to our objectives of economic and social stability and growth. Mr. Chair, regarding the topic of existing and potential threats, we acknowledge that the rapid evolution of artificial intelligence is unfolding at an unprecedented rate, offering various ways for growth and cooperation. However, concurrently, it poses risk to the global peace, security, as well as national security and public order. Thus, the development of AI necessitates an alignment with the principles of international law, the United Nations Charter, and the framework of responsible state behavior within cyberspace. Ensuring that AI progresses within these parameters is critical to upholding global norms and maintaining stability in the digital realm. The United Nations assumes a central role in establishing the governance framework for AI, recognizing its potential to achieve the sustainable development goals while simultaneously addressing the most multifaceted risk AI poses to national sovereignty and security on cyberspace. The question on AI governance cannot be separated from the broader imperative of cultivating an open, safe, secure, peaceful, and resilient cyber ecosystem. Such an environment must place humans at its center, prioritizing their physical, mental, and intellectual well-being, fostering economic and social progressives, and safeguarding the legitimate rights of individuals, organizations, and states alike. Mr. Chair, the integration of AI into military and security systems represents a significant advancement, introducing new dimensions of capability and complexity. AI’s massive compute capability is being synergized with the global connectivity infrastructure. including undersea and orbit communication networks to enhance its effectiveness and impact. Notably, the AI’s role in identifying systems, vulnerabilities, and devising sophisticated cyber weapons is rapidly evolving, enabling quicker and more precise tailor-made attacks. Consequently, the threat landscape facing critical information systems is expanding as AI continues to exert its influence. Mr. Chair, this delegation again supports for the research and application of AI systems, which may assist states and the public in addressing concerns relating to national security, disaster relief, prevention of natural disaster, and response to emergencies, including pandemics. We also endorse international collaboration and encourage transparency in sharing AI algorithms, while also ensuring the role of human factors in AI operations. Vietnam stands firm in its determination to actively promote multilateral frameworks under the auspices of the United Nations to maximize the benefits of AI, while simultaneously mitigating emerging risk. I thank you for your kind attention.

Chair:
Thank you very much, Vietnam, for your statement. Croatia, to be followed by Republic of Moldova. Croatia, please.

Croatia:
Thank you, Chair, and your team, and Secretariat for dedicated work, and also for the guiding questions. Croatia aligns itself with intervention of the European Union, and in national capacity, we would like to echo many interventions by distinguished colleagues on constantly evolving threat landscape, both in amount, scope, and sophistication. And we cannot ignore the fact that geopolitics continue to have strong impact on cyber, and that cyber operations are used in armed conflicts. As mentioned by many, threats arise from the misuse of new and emerging technologies. like AI and quantum, but also from the increase of ransomware attacks which are jeopardizing normal functioning of public and private sector. All mentioned is a cause of great concern, and we agree with Ireland and Brazil that those threats can seriously impact international peace and security. Since the threats are evolving on a daily basis, the experts of the European Union Agency for Cybersecurity, shorter ANISA, had the demanding task to predict main cybersecurity trends till 2030. The full list is available on the ANISA website, and here I would like to mention just a few of them, such as supply chain compromise of software dependencies, advanced cyber-enabled disinformation campaigns, including deepfakes, rise of digital surveillance, auto-tourism, and loss of privacy, targeted attacks, such as ransomware, enhanced by smart device data, cross-border ICT service providers as a single point of failure, artificial intelligence abuse, increased digital currency-enabled cybercrime, exploitation of e-health and genetic data, attacks using quantum computing, exploitation of unpatched and out-of-date systems with the overwhelmed cross-sector tech ecosystem, disruption in public blockchains, manipulation of system necessary for emergency response, and skills shortages, which will encourage cybercriminals groups to target organizations with the largest skills gap and the last maturity. Since cyber threats are borderless and cross-cutting through different sectors, it is important to have cooperation and connect dots between different cyber and broader communities. Therefore, we cannot work in silos, since only with a whole-of-government and whole-of-society approach. we will be able to prevent, deter, respond and recover from malicious cyber activities. Divida et impera was for centuries motto of different hostile actors. Cyber malicious actors are no different. If we want to address those challenges and threats in a right way, a close collaboration between public and private sector, research and technical community and civil society is of outmost importance. States especially have responsibility and obligation to investigate criminal cyber groups and malicious cyber actors operating from their territories, so that such malicious cyber activities don’t go unpunished. And to quote Grand Master Yoda, do or do not, there is no try. So states are either acting responsible or not, respecting international law or not, implementing norms of responsible state behavior in cyberspace or not. We would like to express solidarity with all states which have suffered grave consequences from malicious cyber attacks in recent times, such as Albania, Australia, Costa Rica, Vanuatu and especially Ukraine, which is a victim from both cyber and kinetic unjustified military attacks. Mr. Chair, in this super election year, we would like to join colleagues who raise concerns regarding cyber-enabled foreign interference in democratic processes and stress the importance of protection of electoral infrastructure and processes. As the UK and France mentioned, the responsible use of commercial cyber intrusion tools and services should also be discussed within this group. Just to give you an example, how easy it is to hire a black hat hacker. For DDoS attack, average price is 26 US dollars per hour. For website hacking, 394 dollars per hour. And for email hacking, 241 dollars. And if you want a custom malware, it will cost you only $318 average. Additionally, we agree with Philippines that malicious use of AI in cyberspace should be further discussed since the generative AI is used not only to write malicious software, but also to spread malware more efficiently and more cheaper. We also support Malaysia that security by design is one of the prerogatives for more secure use of ICT. In the European Union, we have made a significant step into that direction with agreement on Cyber Resilience Act, which will bring common cybersecurity standards for products with digital elements at the European market, and we are ready to cooperate with others in this area. And although this working group is an exceptional example for women participation and their valuable intervention, the situation in cyberspace is not that bright, and therefore, we agree with Australia, New Zealand, and Netherlands, that special attention should be given to gender perspective in all chapters of APR this year. Thank you very much.

Chair:
Thank you very much, Kurusha, for your statement and for your Yoda wisdom. And I also know that at some point Yoda did say that many of the truths that we cling to depend on our point of view. And this is a process in which we have to listen to everyone’s point of view and try and understand where everyone else is coming from. This was a point I made yesterday at the reception as well, but thank you very much. We need all the wisdom we can get in this process to get us to where we need to go and avoid the dark side. Let’s go on with the speaker list. I have Republic of Moldova to be followed by Jordan. Moldova, please.

Republic of Moldova:
Thank you, Mr. Speaker, for giving me the floor. Moldova fully aligns with the statement delivered yesterday by the European Union delegation and would like to make the following statement in its national capacity. Mr. Chair, we have been dealing with cyber incidents for many years, but it is only now that we can say we are entering a new cyber security era, one in which governments, regulatory agencies and companies around the world work to increase oversight of cyber security incidents. The cyber security field is extremely dynamic. As Switzerland and Chile just stated, emerging technologies, especially artificial intelligence or machine learning, create both new opportunities but also new challenges. Attackers’ techniques are becoming more advanced with more tools available to fraudsters. Our region registers a constant increase in cyber attacks, the most widespread types of cyber attacks being DDoS and ransomware. Moreover, the so-called FIMI attacks, foreign manipulation of information and interference, have also registered a substantial increase. Images, fake news and video posts based on artificial intelligence are part of the arsenal of disinformation cyber attacks. We now live in a world where we need to tackle a wide range of threats, including cyber security threats. Our country is no exception. Moldova’s government is constantly being subject to destabilization and are undermining through what we call generically hybrid war instruments. The public sector is still the most targeted by cyber attacks. Attacks are directed at government services but also at critical infrastructure. Commonly, the range of cyber security attacks on the government authority’s website are used to derail the European path established by the Moldovan government. Like Belgium, Germany, Croatia and other delegations, Moldova would also like to express its concern towards the existing threats around the upcoming elections. As we are currently in proximity to the general elections in Moldova, we envisage that these attacks will be continued and will be used on an ever greater scale. We must attest that combining malign political goals with disruptive technologies can lead to serious political implications. The collective responsibility for cybersecurity that we are talking about today highlights the common obligation we have to protect the digital space that increasingly defines our daily lives. We are here today to also show the strong and coordinated commitment to the cybersecurity priorities of our governments by enhancing our capacities, establishing effective international partnerships, building trust and resilience. I thank you, Mr. Chair.

Chair:
Thank you very much, Republic of Moldova. Give the floor now to Jordan to be followed by Kenya. Jordan, please.

Jordan:
Thank you, Mr. Chair. In addressing the existing and potential threats related to the use of ICTs, Jordan would like to make the following remarks. Regarding new developments or trends in existing and potential ICT threats, which the open-ended working group should discuss in depth, the group should continue to address various aspects, including critical infrastructure, critical information infrastructures, risk assessments and policies, in-depth and extensive discussions on the applicability of international law in cyberspace, the potential and existing misuse of emerging technologies like applied and generative AI challenges and opportunities posed by the fragmentation of cyber norms, the intersection of cyberspace and geopolitics and strategies for attributing cyber attacks, particularly ransomware, and mitigating their consequences for developing countries. Recent discussions at the Open-Ended Working Group have included the potential implications of recent developments in artificial intelligence and other emerging technologies for ICT security. The Open-Ended Working Group should further investigate potential threats in this area, including cyber attacks, targeting AI algorithms, the activities of malicious actors exploring and leveraging AI for cyber attacks, the risks posed by unsecured AI leading to misuse of AI technologies, the importance of taking security precautions, biases in AI-based and distorted data, and privacy considerations when utilizing AI technologies. On concerns related to the proliferation and accessibility of advanced commercial and open-source ICT capabilities to non-state actors potentially impacting ICT security, the Open-Ended Working Group should indeed consider further studying potential threats in this domain, including the heightened sophistication of malicious acts in cyberspace, the urgent necessity to regulate open-source AI to mitigate associated threats and risks, and the implications of the expanding commercial market facilitating the acquisition and utilization of cyber intrusion capabilities on national security, human rights, and international peace and security. Recognizing the urgent imperative for heightened awareness and comprehension of both existing and potential threats, Jordan advocates for global-level initiatives. These include fellowship programs aimed at strengthening understanding and awareness of ICT threats to ensure global alignment, joint collaboration with the private sector, and the development of monitoring and evaluation metrics for such partnerships, aligning cyber-related engagements with globally recognized events, and conducting research to identify incentives for promoting awareness of existing and potential ICT threats, including a list of potential consequences in cases of non-compliance is crucial. Collaboration among states is essential to ensure the alignment and effectiveness of these initiatives in addressing ICT threats. I thank you, Mr. Chair.

Chair:
Thank you very much, Jonathan, for your statement. Kenya, to be followed by Fiji. Kenya, please.

Kenya:
Thank you, Chair. My delegation commends Your Excellency and your team for your continued efforts in providing the needed leadership of this open-ended working group, including the action-oriented program of work. We hope that during this session we will continue to build on the progress that we have so far achieved. Kenya, like many other developing countries, is undertaking advancements in digital connectivity and technology adoption, both in the public and the private sector. The government is using ICTs to improve access to efficient public services, while reducing on the cost of providing them. In the last one year alone, the government has added 5,000 public services, representing 90 percent of all public services to digital platforms. What this means is that we have a greater risk of exposure to cybersecurity threats. On the issue of existing and potential threats, and the question posed on potential threats that may be studied further, there are vulnerabilities stemming from inadequate infrastructure, limited resources, and varying levels of cyber security awareness. We remain highly susceptible to cyber crimes, data breaches, and other malicious activity. AI as a technology is a welcome development, as a tool with the ability to create actors with urgency, to make and implement decisions autonomously, greatly improving efficiency in data delivery. However, unlimited urgency may lead to undesirable outcomes. Distorted data sets that are unreliable and not vetted may result in biased output, security breaches, or system failures. The increased ease with which information can be accessed and assessed using AI models may result in increased ransomware attacks. The use of malware, distributed denial of service, and crypto-jacking attacks, which compromise container-based cloud systems, restrict access to services, expose restricted data, and enhance outdoor backdoor attacks also pose increased risks and threats to cyberspace. To address the challenges we face today, Kenya hopes for an inclusive access to cyber security resources. We remain alive to the existing huge digital divide and pursue equitable global cyber security. The UN must assertively champion inclusive access to cyber security resources. This is why Kenya supports cyber security proposals and initiatives that transcend technological disparities among countries. The UN should create a database that make essential cyber security tools, best practices and threat intelligence universally accessible. The advantage of having this approach is that regardless of a nation’s level of technological development, it would create a shared foundation for addressing and mitigating cyber security threats. This is where a nation, irrespective of their digital maturity, can actively participate in safeguarding their cyber environment, and the benefits of cyber security can be realized universally, enhancing the resilience of nations and collectively contributing to global cyber security governance. I thank you.

Chair:
Thank you very much, Kenya, for your statement. Fiji to be followed by Guatemala. Fiji, please.

Fiji:
Mbulavanaka Chair, colleagues and dear friends, Fiji, like fellow member states, commends the Chair on your decisive leadership and the Secretariat in organizing this meeting. Chair, your words resonate. Ultimately, it is the people that hold the utmost importance. Our mission remains steadfast to safeguard a secure and a resilient cyberspace that propels socio-economic advancement. That is our North Star. That is our why. Chair, Fiji is pleased with the emphasis in the second annual progress report on the existing and potential threats on the need to give due attention to the growing digital divide in the context of accelerating the implementation of the Sustainable Development Goals while respecting the national needs and priorities of states. Regarding this, Fiji notes that at the end of 2018, the International Telecommunications Union confirmed that 49% of the global population were offline. At the end of last year, this statistic has decreased to 33% of the global population. And this demonstrates the good work being done to ensure universal access to meaningful connectivity. But more needs to be done in this regard. Fiji is resolutely advancing towards the enhancement of meaningful connectivity and investment in modern and resilient ICT infrastructure. Chair, now with the increased connectivity efforts not only in Fiji but the region and globally and with the surge in digital transformation efforts, the cyber threat landscape continues to increase. And we have also seen the increase in the sophistication and frequency of cyber attacks. Coupled with this, we note that states are also grappling with the spillover effects from global conflicts. This makes the work that we do here more urgent and more crucial. Regarding your first guiding question, Fiji echoes the statements made by a number of delegations both yesterday and this morning, and is deeply concerned with the surge in ransomware incidents, phishing attacks, online scams, and the malicious use in artificial intelligence. The Pacific Security Outlook Report of 2022 and 2023 confirms that the Pacific region is experiencing an increase in ransomware efforts, events, as previously mentioned by Australia and New Zealand, such as the attack on a Department of Finance’s payment system of a Pacific Island country and a regional hospital in another. The hospital ransomware attack disrupted delivery of critical emergency surgical and other healthcare services. Similarly, a national telecommunications authority of a Pacific Island country experienced a major distributed denial-of-service cyber attack that disrupted Internet services for about 10 days. Now, we’re observing and through this report see that these are infiltrating networks and are digging deep into infrastructures before deploying subsequent attacks. Furthermore, Chair, the World Economic Forum, in its Global Risks Report of 2024, stated that out of the top 10 risks globally within a two-year projection, Disinformation and misinformation continues to be the number one global risk. Cyber insecurity is a number four threat. Now, these existing and potential threats aggravate existing vulnerabilities that are inherent in small, isolated economies of the blue Pacific continent who are dealing with compounded crises and are also on the cold face of climate change. Therefore, Chair, to promote common and deepened understanding and to enable all states to be on an equal footing, Fiji also welcomes the proposal of a dedicated session with focused discussions and briefings for our experts on these threats, including the need for a gender perspective in addressing these threats. Noting the increased relevance of data, as stated in our annual progress report, Fiji advocates for and welcomes further discussions on the security by design approach embedding data protection and data security as smaller states are rapidly undertaking digitalization efforts. Fiji also looks forward to further exploring the proposal by Canada and has further contributed to by Malaysia. Fiji looks forward to further understanding how the repository of cyber threats can fit within the existing platforms. Fiji acknowledges, Chair, that under your leadership, we have achieved tangible progress through the two annual progress reports. We will continue to forge a common path ahead and continue to build bridges as we prepare for the upcoming annual progress report. Chair, in closing, please be rest assured of Fiji’s continued commitment in this regard. Thank you.

Chair:
Thank you very much, Fiji, for your statement. Guatemala, please.

Guatemala:
Thank you, Chairman. Allow me to begin by thanking you and your team for coordinating this, the seventh substantive meeting of the Open-Ended Working Group and all the coordination work previous to this meeting. We recognize that cyberspace has become a place which is indispensable for global activities because of its civil and dual use, and it is used by criminal groups and terrorist groups on more than one occasion. The interconnected global networks and the importance in the global economy means that violations of security represent serious threats economically and in terms of security. Mr. Chair, following up on the guiding questions, my delegation would love to raise the following themes which we believe are important. My country is concerned at the vulnerabilities in and on ICT networks. These can be used by malicious users to access confidential information or to undertake illicit activities. Therefore, the use of software or the low access to software or training with regard to implementing adequate protective measures exponentially increases the risk. We have experienced cyber attacks which include the use of malware and phishing and identity theft and also the use of ransomware. These crimes have affected both individuals and companies. They’ve had a significant impact on our economy and national security. It’s of great concern also that despite the importance of confidence building, there is still some problems with sharing information on the threats because of a concern at revealing one’s own vulnerabilities. In this regard, Guatemala recognizes the importance of developing and implementing confidence building measures, in particular by work which is being undertaken regionally in the context of the working group for drawing up cooperation and confidence building measures in cyberspace under the Organization of American States. We can also not forget that this can be a catalyst for human progress and therefore we must deal with crises and it also has an important impact in education and health. and it is important to government, civil society and the UN in all areas. Nevertheless, its malicious use can undermine trust in institutions, it can weaken social cohesion and be a threat to democracy. Mr. Chairman, we are faced with the need to step up our efforts to establish a protection for critical structures such as electrical system, communication networks, transport systems, because they seem to be an attractive target for malicious attacks. There is no doubt that these attacks have a high impact on society. They interrupt vital services and cause considerable damage. We cannot ignore the threats of the greater use of ICT. We support the development of norms under international law that protect the individual. In this line, it is vital to ensure that we protect human rights to promote a safe digital environment to deal with hate speech and cybercrime. Given this, for my country, this is a critical moment to strengthen cooperation in the public and private sector, so that together we work on developing methodologies and norms to deal with the training to face such needs. This is important to ensure that we have improved and better responses to these threats. Finally, Chairman, we would like to remind all states that the ICT should be used for peaceful ends and for the well-being of humanity and to ensure sustainable development in all countries, irrespective of their scientific and technological development. Thank you very much.

Chair:
Thank you very much, Guatemala, for your statement. I’d like to give the floor now to the International Committee of the Red Cross, ICRC. Please.

International Committee of the Red Cross:
Excellencies, dear colleague, Committee of the Red Cross is grateful for the opportunity to participate in this session of the Open Ended Working Group. As a neutral, impartial and independent humanitarian organization, we have been closely monitoring the use of ICTs in situations of armed conflict and the threat that arises for the safety and dignity of people. We would like to commend the pertinent analysis of existing threats in the last progress report and share our view on five threats that we consider of particular concern. First, the group has noted that, I quote, ICTs have already been used in conflict in different regions, end of quote. We share this assessment and the ICRC has expressed its concern about the human and societal cost of such uses. In some of today’s armed conflict, ICTs are used to disrupt critical civilian infrastructure, including ICT infrastructure needed to ensure access to water, petrol, electricity or medical services. The ICRC encouraged this group to reiterate its strong concern about this development. Second, since 2022, the ICRC has also repeatedly drawn the attention of this group to the threat of ICT activities that target humanitarian organization. We commend its inclusion in the last progress report. In a global context marked by large humanitarian needs and an insufficient response capacity, cyber information operation against humanitarian organization creates significant risk for their ability to operate. In recent years, the ICRC and other humanitarian organizations have been affected by such operations. When our systems are disrupted, sensitive data are exfiltrated and our reputation undermined. Our operations for people slow down and we spend scarce resources on feeding off malicious ICT activities and not on people’s needs. Third, the ICRC also shares states’ concerns about the increased involvement of non-state actors, individuals and groups in ICT activities in situations of armed conflict. We see varying trends of civilians being encouraged and supported or otherwise deciding to take part in cyber operations against the civilian infrastructure of countries affected by armed conflict. It is the responsibility of states to impose limits on unlawful cyber operations by non-state actors within their jurisdictions and to ensure that civilians are aware of the risks posed to their activities. Fourth, based on our first-hand experience operating in situations of armed conflict, the ICRC would like to support the agreement in the Progress Report of the relevance of ICT-enabled information operations. This information and its speech, for instance if directed against civilian populations or persons in situations of vulnerability, can cause harm to people and societies, directly and indirectly. Such operations risk raising tension and can contribute to dangerous escalation of conflicts. Fifth, we would like to draw your attention to one threat which is not yet reflected in the Progress Report. States have emphasized in the United Nations that the use of civilian ICT infrastructure, such as cloud computing or communication infrastructure, faces a risk of disruption or destruction if it is used by the military in situations of armed conflict. In other words, if armed forces rely on the same infrastructure and services as civilians, there is a real risk that such infrastructure and services may be considered as military objective and consequently attack and ultimately no longer available for civilian population. Against this background, together with a global group of experts, we recommend that state and ICT companies segment to the maximum extent feasible data and communication infrastructure used for military purposes for civilian ones. To conclude, the ICRC would like to commend your effort in reflecting this very concrete threat in the last progress report. Thank you.

Chair:
Thank you very much, ICRC, for your statement and contributions. I give the floor now to Ukraine.

Ukraine:
Thank you, Mr. Chair. Ukraine aligns itself with the statement delivered by the European Union and would like to make some remarks in its national capacity. Today we are continuing to witness the dramatic increase of malicious cyber activity and directed at critical infrastructure, including against this restructure delivering essential services to the public such as medical facilities, water, energy and sanitation restructure. Ukraine is gravely concerned that certain states deliberately use non-state actors to allow them to conduct malicious cyber activities from their territory with impunity. Mr. Chair, Ukraine has been facing constant large-scale cyber attacks by Russia since the start of its full-scale invasion of our country in 2022, while the active phase of the cyber warfare against Ukraine is currently underway. The strategic goals of Russia’s cyber attacks is to support its aggression by causing a destructive impact on processes, including socio-political, economic, as well as create havoc by destroying electronic resources, blocking the operation of critical services, as well as manipulating public opinion. According to CRT-UA, about 1,374 cyberattacks were carried out on the information systems of enterprises, institutions, and organizations of the private and public sectors of Ukraine in 2021, 2,187 in 2022, and more than 2,300 in 2023. Even though during the fourth quarter of 2023 the Ukrainian authorities have recorded the downward trend in the total number of cyberattacks initiated by pro-Russian hacktivist groups targeting Ukrainian organizations of various forms of ownership and industries since the beginning of 2023, overall there is no notable changes in the attack frequency or intensity. Currently, Russian hackers are using a wide range of cyber means against national security of Ukraine, including, but not limited to, phishing attacks, distribution of malicious software, DDoS attacks, cyberattacks on critical infrastructure, in particular on power grids, transport systems, and water supply, cyberespionage, including theft of data, government institutions, enterprises, and individuals, disinformation and propaganda, including spreading propaganda on the Internet to sow division in Ukrainian society. As our delegation informed the OEWG during the sixth substantive session in December 2023, as the result of a powerful cyberattack launched by a hacker group controlled by the military intelligence of the Russian Federation against Ukraine’s telecommunications operator Kyivstar, 24 million of its subscribers were left without communication. Fortunately, the Ukrainian authorities have successfully restored all basic services affected by the attack within a few days. Mr. Chair, given the importance of effectively tackling cyber threats, Ukraine has joined a number of mechanisms and initiatives at the international level. including the International Counter-Ransomware Initiative as well as the Talon Mechanism. It is worth noting that the Talon Mechanism has been established to strengthen the cooperation in the field of cyber security against the backdrop of Russia’s aggression against Ukraine, and it is an essential component aimed at taking international efforts to enhance cyber resilience and cyber defense of Ukraine’s civil infrastructure. We strongly believe that international cooperation is crucial to prevent and combat cyber threats that cross borders, target critical infrastructure, steal sensitive data, and manipulate public opinion worldwide. In addition, information sharing, including open communications and exchange of knowledge, are also valuable in understanding the nature of cyber attacks and in order to tackle them effectively.

Chair:
I intend to give the floor to the following three delegations before we wrap up the discussion on existing and potential threats. So, starting with the State of Palestine to be followed by the Russian Federation, and then Yemen taking the floor in the exercise of the right of reply. State of Palestine, you have the floor, please.

State of Palestine:
Thank you, Mr. Chair. Mr. Chair, each time an Israeli representative takes the floor, he or she gives the impression that whether they live in another reality, or maybe they think that everyone else does. First of all, I would like to make sure that any Israeli representative here or elsewhere knows that everyone knows the truth now and there is no way to hide it. Mr. Chair, it has been five months of mass killings of Palestinians in Gaza. We are talking about at least 100,000 casualties, including 30,000 or more killed in the most cruel and ugly way, most of them children and women. That, without mentioning hospitals, schools, mosques, churches, and most of the residential buildings are destroyed. Even belongings of this institution, the United Nations, are targeted. The aggression that the extreme right government of Netanyahu is perpetrating is unprecedented in all forms. I would like to remind the Israeli representative that we are talking about a genocide that is taking place in Gaza by the Israeli war machine, and it became a process in the ICG thanks for South Africa. But as usual, Israel is not complying with any of its provisional measures, despite the fact that it’s binding in nature. Israel has been intentionally starving the Palestinian people in Gaza. Now it’s targeting civilians seeking for humanitarian aid and convoys. After all these atrocities that Israel is perpetrating, how its representatives could have the audacity to come and tell us what they are telling us? It’s another attempt, maybe, to distract of what’s really happening. Mr. Chair, I would like to finish my statement by saying that I assure you that I didn’t want to bring this issue to this room. But after what I heard, I can’t, I could not reply. Thank you.

Chair:
I give the floor now to the Russian Federation.

Russian Federation:
Mr. Chair, our delegation is compelled to take the floor to respond to unsubstantiated political attacks against Russia from Western delegations. The attempts of NATO countries to portray Ukraine as the main digital victim are extremely unconvincing, especially given that Kiev authorities continue to boast about their sabotage activities with the use of ICTs and the so-called IT army supervised by the Zelensky regime together with Western governments is increasing its hostile activity. Our experts record on a daily basis computer attacks against information resources, government agencies and critical information infrastructure facilities of the Russian Federation. This rampant hacker conglomerate affects other countries as well. In January 2024, the Bangladesh Election Commission reported attempts originating from the territory of Ukraine to disable electronic voting facilities for the general parliamentary elections. Cyber fraudsters are still operating from about a thousand call centers in Ukraine. It is noteworthy that Kiev acts as an aggressor in the information space owing to the support it receives from the West. U.S. Cyber Command units and multinational European Union cyber forces are deployed in Ukraine. They train and coordinate hackers, collect data on hacking methods and the vulnerabilities of Russian systems, which are subsequently transferred to the Pentagon and NSA, as well as NATO military institutions. Strategic formats are created to assist the Zelensky regime in the use of ICT for military political purposes. In particular, the TALIN mechanism, created in December 2023, is tailored for this task. Western IT corporations are contracted by their governments to provide material and technical support to strengthen the information security of Ukrainian government agencies, circulate reports and papers containing unsubstantiated accusations of Russia for cyber aggression. Products of these companies, such as mobile-aided forensic bi-compulsion, allow unauthorized extraction of protected data from personal devices and are used to intercept the correspondence of Russian citizens. Thank you.

Chair:
MODERATOR I give the floor now to Yemen.

Yemen:
Thank you, Mr. Chairman. My delegation was compelled to take the floor in exercise of the right of reply on behalf of the Arab group in commenting on what was said by the representative of Israel in his intervention. Everybody is aware of… of the genocide and the heinous atrocities perpetrated by the Israeli occupation forces against the Palestinian people in the Gaza Strip and in the West Bank over the last five months. This constitutes a blatant violation of international law and international humanitarian law and led to an unprecedented humanitarian catastrophe to the Palestinian people. It has led to the killing of more than 30,000 Palestinians, including more than 70 percent of women and children, in addition to more than 70,000 wounded. It is no surprise to hear today the representative of Israel calling upon the international community to condemn the targeting of health and civilian facilities and civilian infrastructure, while facts and figures make it necessary to condemn Israel in that case. It is very strange for the killer to call for the condemnation of the victim. Over the last five months, Israel has cut off the supervision of water, energy and communication on the Gaza Strip, thus separating the population of the Strip from the communication networks and the internet. This led to additional humanitarian suffering for civilians in Gaza. It made it impossible to communicate with health facilities to provide support to the wounded. It also prevented showing the world this catastrophe in order to hide their crimes. This in itself is an additional violation of international law. They have not only prevented the civilians in the Gaza Strip to – from having the basic services and prevented the humanitarian assistance to access the Gaza Strip. It also – we have also seen the harrowing scenes of Israel targeting and killing civilians while they are receiving humanitarian assistance. The dissemination of false and distorted information, as well as disinformation campaigns, are among the threats in the use of ICT. We continue to see Israel disseminating distorted information in order to falsify facts and to manipulate the world’s public opinion. But while it has been proven before the international community and on more than one occasion that the information disseminated by Israel is unsubstantiated, we call on the Israeli delegation to stop the spreading of false information in the UN and outside it. We urge the Israeli delegation to stop wasting the time of the delegations here and to concentrate on the substantive discussions of the OEWG. We will reserve our right to raise the question of attack on Gaza in the right form. Thank you, sir.

Chair:
I have received an additional request, I believe, in the exercise of the right of reply. I give the floor now to the delegation of Israel.

Israel:
Thank you, Mr. Chair. It’s very unfortunate that we have to listen to this ROR. And we ask the right of reply because it’s very important to remind all of us here the heinous October 7th massacre and that this massacre did not happen in a vacuum. It happened because decades of, for decades, the minds of Palestinian children were poisoned with murderous doctrine. This was done online, offline, in high schools, in textbooks, and also, as evident in also in the UNRWA books. The words from these books, by the way, turned to action. The atmosphere that was created within the Palestinian territory assisted and most horribly has proved that this was also by evidence that also UNRWA members themselves participated in this massacre. This happened because decades of many countries donating member states, donating funds, also UN money that was funneled to build up this military capabilities of Hamas. Hamas built these capabilities within and underneath hospitals, UN facilities, schools, and civilian infrastructure, and by doing so, they commit a double war crime, shooting rockets at Israel’s civilian population from within Palestinian civilian population. Mr. Chair, in contrary to what we heard, some member states are trying to falsely say that Israel is operating Gaza, and what we are trying to do is depose the Hamas regime, a regime that has been behind the 7th of October massacre, and we would like to remove this terrorist threat posed on every Israeli citizen from the Gaza Strip, and to act to return all our 134 hostages. We call for the immediate and unconditional release of all these hostages, with no exceptions, and we call, and we only hope, that all peace-loving countries will join us in this demand. Israel will achieve these goals in compliance with international law. Israel works to limit damage caused to civilian population and attacks only legitimate military targets and is permitting the passage of humanitarian supplies for the civilian population in Gaza. Israel is facilitating the entrance of humanitarian aid into Gaza, including from its own territory. The full story of the war will be complete without mentioning the oppressive current malign states in the region that are supporting this heinous attack by Hamas. These regimes are in the heart of this problem when they finance, arm, and train Hamas and is therefore also responsible for the capabilities and for its actions. These regimes operate in an identical manner from the north through Hezbollah and from Syria and from the south and also from Yemen by the Houthis. These actions perpetrated by this regime are aimed to destabilize our region and threaten the peace of the entire world. The international community must take its clear and very strong stance against this murderous regime and all its proxies, whether it’s Hamas, Hezbollah, and the pro-Iraqi terrorist groups and the Houthis. Israel will not accept the current security reality. Thank you, Chair.

Chair:
Distinguished Delegates, Distinguished Delegates, I’m getting more requests for the right of reply and I know that this is the sovereign right of all delegations to exercise their right of reply. But I also wish to draw your attention to the fact that this is a meeting of the Open-Ended Working Group on ICT Security established under a mandate in accordance with Resolution 75-240. I can understand the fact that a discussion on issues within the mandate of this working group will inevitably impact on every other aspects, geopolitical issues, as well as ongoing incidents and situations around the world. But at the same time, the open-ended working group cannot take it upon itself to resolve the geopolitical tensions prevailing at this point in time. These are matters to be discussed here at the United Nations, but in different fora. So I’d like to appeal to all delegations which have taken the floor in the exercise of the right of reply to refrain from asking the floor again, and in this period of trying to get back to the substantive matters that is before the agenda of the open-ended working group. I intend to give the floor to three more delegations, and then I really appeal to all delegations to refrain from requesting for the floor in the exercise of the right of reply. I give the floor now to Germany, to be followed by Yemen and the Syrian Arab Republic. Germany, you have the floor in the exercise of the right of reply.

Germany:
Thank you, Chair. This is in response to the most recent statement delivered by Russia. Germany and its allies are cooperating with President Zelensky as a legitimate and democratically elected head of government. and with Ukraine as a sovereign state that has fallen victim to Russia’s illegal war of aggression. In particular, the Tallinn Mechanism merely supports fostering our Ukrainian partners’ cyber-resilience. Russia’s attack on Ukrainian sovereignty through its illegal war of aggression must not be repeated by any statements that put the sovereign legitimacy of the state of Ukraine or any other state into question. Thank you, Chair.

Chair:
I give the floor now to Yemen.

Yemen:
Thank you, Mr. Chair. I apologize for taking the floor again. I would like to exercise the right of reply on behalf of the Arab group. I agree with you, Mr. Chair. This OEWG is not the most appropriate avenue to discuss geopolitical issues, but we had to reply on behalf of the Arab group. We had to reply to Israel’s delegate. The 7 October incidents did not come out of vacuum. I agree, but as the Secretary General said, they are the result of 75 years of heinous Israeli aggression and attack and occupation on the Palestinians. The crisis will only end with the establishment of a Palestinian state based on the two-state solution along the 4 June 1967 borders. The Palestinians should enjoy their fully-fledged rights to the establishment of their Palestinian state and their self-determination. Thank you.

Syrian Arab Republic:
Thank you, Mr. Chair. I did not intend to take the floor, but I had to because my country was mentioned in Israel’s statement. In this context, I would like to dot the I. Firstly, Israel itself is a serious threat to international peace and security, given its track record occupation of occupied Arab territories, including Golan. Israel, for tens of years, has turned a blind eye to international resolutions. Israel did not withdraw from Arab territories. It is an entity that is based on occupation and aggression. It repeatedly targets my country. It targets civilian objects and infrastructure, including airports and seaports, in flagrant violation of international law and the Charter of the United Nations. This shows Israel’s true hypocrisy. Israel’s delegate pays lip service to international principles, but this will not be enough to conceal Israel’s disregard of international legitimacy resolutions. Stability and security in the Middle East will remain at risk if Israel continues its – the Israeli occupation power pursues its crimes, and if the occupying forces continue its practice. And of course, the list is endless of Israel’s crimes against humanity and genocidal crimes perpetrated. On the statement of Israel and what he mentioned about my country, I categorically reject this statement. Its goal is known, and it lacks credibility. It comes from a hostile regime. Thank you, Mr. Chair.

Chair:
I have no further requests for the floor, and I’d like to thank all delegations for the understanding. Now, I just wanted to make some concluding observations with regard to the section on rules, norms, and principles. First, it is very clear that the Open-Ended Working Group is a barometer of the global geopolitical temperature and conditions. And as we have just seen, we have had a very rich discussion, but a discussion on the threat landscape inevitably will address prevailing geopolitical tensions and situations. And in such a context, I’d like to reiterate what I said yesterday, right at the outset, that we cannot take for granted that consensus in this process in the OEWG is guaranteed. We have to work for outcomes, and we have to work for consensus because of prevailing geopolitical tensions. And also, as the Under-Secretary-General Izumi Nakamitsu told us yesterday, there is a low level of trust across the board. That is precisely why the work of this Working Group is challenging. But it is also precisely why the work of this Working Group has become even more important. Because it is only in the context of geopolitical tensions that there is the possibility, a heightened possibility, of ICT incidents escalating or evolving into interstate conflict. And so the work we do is not abstract. It’s real. It is directly related to prevailing international situation. So that’s the first point that I want to make. Please do not take for granted that success in this open-ended working group is a given. And please do not assume that the chair and the team and the secretariat will deliver you a document that will somehow miraculously capture all your concerns and find a perfect balance. It’s impossible. Just because we have done it twice does not mean we will be able to do it again this year or next year. Each time we have to work for it. It’s not me as the chair working for it. Each time you have to work for it. Because ultimately the demonstrations of flexibility will have to come from the floor, not from the chair. I don’t have a position of my own. My position is that we get to consensus. And that will require each one of you demonstrating flexibility and each one of you not taking for granted the spirit of consensus that has prevailed so far. And each one of you need to nurture that. And yes, there will be differences expressed in this working group, but those differences are also legitimate and we need to listen to each other, which is also a message that I conveyed. Yesterday, as opening remarks at the reception I convened at the Singapore Mission yesterday evening. So that’s the first point I want to make. The second point I want to make is that this discussion on threats has been almost two sessions, six hours of it. We’ve exceeded the time allocated for it. But if you had noticed, I had not cut short any intervention, because I think the discussion on the threat landscape is foundational to international cooperative action. And it’s therefore important and necessary for everyone to understand the evolving and emerging as well as the existing threat landscape. And therefore, the Open-Ended Working Group itself is a platform for information sharing on existing and potential threats. In some ways, it is an informal repository of information about existing and potential threats. This is the only place where all member states can come and listen to each other’s assessments of existing and potential threats, and in the process, also raise the collective level of awareness about existing and potential threats. But more importantly, to then begin to have a discussion about what we can do. Because if this is just an exercise of coming here, spending two or three sessions talking about threats, and then going back, that in itself would serve no productive purpose. Because the question is, what are we going to do? So in that sense, this discussion was useful. It exceeded the time that we had allocated under the work program. But I think it’s a worthwhile investment of our time in understanding the threat landscape, which therefore raises the question, what are we going to do about it collectively? And that, therefore, leads to the next topic. Next topic is rules, norms and principles. And so I’d like to get into that discussion, but we have 10 minutes left. But before we take speakers under rules, norms and principles, I want to also say this. It is very clear, and I’m very encouraged by this, no one has recycled their statements. Everyone has looked at the guiding questions very seriously. Everyone has come prepared with very detailed statements. And I have no doubt that some of the statements were also the result of domestic interagency processes. And therefore, you feel a deep sense of obligation to read every single word that has been prepared, and that’s on your laptop. Now, if we take that approach of giving everyone the chance to read the entirety of their very well-crafted and thoughtful statements, then we may not have the time this week to cover all the issues that we need to cover. In fact, sitting here, I was thinking to myself that the future mechanism, future permanent mechanism that we are going to discuss later in the week, the future permanent mechanism post-2025, should perhaps be meeting for two weeks, because all of you are so hard-working, all of you have done the homework, all of you are A students, all of you are so deeply committed to this process, that it’s fair that we give everyone the time. to make the contributions that they feel strongly about. So I just wanted to say that when we get to the norms, rules, norms, and principles section, I do encourage delegations. I do not want to cut off delegations yet, yet, underline that. I do not want to put a time limit, yet, yet, underline that. But I do ask you to look at your statements for the subsequent sections and highlight the key elements that you think everyone else should know about your position. So this afternoon, when we start with rules, norms, and principles, it is almost one, so I do not intend to start the next list of speakers at this point for rules, norms, and principles. So this afternoon, when we come to rules, norms, and principles, please look at your careful, please look carefully at your prepared interventions and see how you can summarize it and make it succinct. And then after rules, norms, and principles, tomorrow is Wednesday, and tomorrow afternoon, we have a dedicated stakeholder session, and we have allocated three hours for that, but I’d like to say that the dedicated stakeholder session will be now limited to one hour, three to four p.m. This by no means limits the opportunity for stakeholders, because we have invited them to register themselves for the interventions. I think we can give everyone who wishes to speak an opportunity, but I would put a time limit for stakeholders, and I beg their indulgence. and the understanding for that. So we should be able to cover the stakeholder contributions from 3 to 4 p.m. and then from 4 to 6 p.m. Wednesday. We will continue with the other items under our program of work. And as I said, I do attach the greatest importance to the contributions from the stakeholders. I did have a separate session of my own last week, but it’s important that we also hear them here. And for the stakeholders as well, I’d like all of you to look at your prepared statements and see how you can zero in on the key points that you would like members to think about and reflect about. So friends, once again, this is what I would call a good start to the seventh substantive session. We covered a lot of ground under the first section on existing and potential threats. We touched on every other aspect of the mandate in terms of rules, in terms of international law, in terms of CBMs, in terms of capacity building. And also, I think there was a discussion about how we should structure our work in the future. So in that context, we also looked at the post-2025 possibilities. So I wish you all a good lunch, and we will begin the meeting this afternoon, 3 p.m. sharp, Swiss time. So I wish you a pleasant lunch, and the meeting is adjourned. Thank you very much.