UNITED NATIONS (AP) β The U.N. disarmament chief warned Tuesday that digital technologies are lowering barriers to malicious intrusions and opening potential areas for governments, armed groups, terrorists and criminals to carry out attacks, including across international borders.
Izumi Nakamitsu told a U.N. Security Council meeting on cybersecurity that there has been βa dramatic increase in the frequency of malicious incidents in recent yearsβ ranging from disinformation to the disruption of computer networks which are contributing to βa diminishing trust and confidenceβ among nations.
The political and technical difficulty of determining responsibility for cyber attacks βcould result in significant consequences, including in unintended armed responses and escalation,β she warned. βThese dynamics can encourage states to adopt offensive postures for the hostile use of these technologies.β
As of January, Nakamitsu said, there were over 4.6 billion active users of the internet worldwide and itβs estimated there will be 28.5 billion βnetworked devicesβ connected to the internet by 2022, a significant increase from 18 billion in 2017.
βAs advances in digital technologies continue to revolutionize human life, we must remain vigilant in our understanding of malicious use of such technologies that could imperil the security of future generations,β she said. βDigital technologies are increasingly straining existing legal, humanitarian and ethical norms, non-proliferation, international stability, and peace and security.β
Nakamitsu cited risks to critical infrastructure that rely on communications technologies including the financial sector, electrical power grids, nuclear facilities and hospitals and health care facilities.
Over the past 15 years at the United Nations, she said, five groups of government experts have recommended measures to address cyber threats and a sixth group and an Open-ended Working Group that includes all 193 U.N. member nations have recently adopted βconcrete action-oriented recommendationsβ for an initial framework on responsible government behavior in the use of information and communications technologies.
U.S. Ambassador Linda Thomas-Greenfield warned that both governments and βnon-state actorsβ are taking advantage of the increased reliance on cyber technologies, pointing to recent high-profile ransomware attacks that disrupted the major food processing company JBS and Colonial Pipeline, which provides fuel to much of the U.S. East Coast. These attacks demonstrate βthe unacceptable risk that cybercrime poses to critical infrastructure,β she said.
Thomas-Greenfield said malicious cyber activities are often not contained within borders, citing the targeting of software company SolarWinds and Microsoftβs Exchange Server as examples.
She said βthe rules of the roadβ that the government experts and working group have worked hard to develop must now be put into practice.
At the same time, Thomas-Greenfield said, internet freedom must be protected and the βsame rights that people have offline -- including the rights of freedom of expression, association, and peaceful assembly β must also be protected online.β
Estonia, which holds the council presidency this month, organized the meeting. Its prime minister, Kaja Kallas, who presided, said the solution to malicious actors in cyberspace is to ensure that all countries βcollectively take on the role of guardians.β
βEstonia holds the strong view that existing international law, including the U.N. Charter in its entirety, international humanitarian law and international human rights law, applies in cyberspace,β she said.
Kallas said implementing the framework agreed on by both the government experts and working group βis a major goal for the international community,β but regional activities are also needed and cyber threats must also be tackled with the private sector, civil society and academia.
Lord Tariq Ahmad, Britainβs Foreign Office minister of state for South Asia and the Commonwealth, said the United Kingdom wants to go further than the norms, rules and principles of cyberspace agreed on by the government experts and working group.
βIt is no secret that states are developing cyber operations to support their military and national security capabilities. Indeed, the United Kingdom is one of them,β he said. βLet me be clear: We will use these capabilities to defend ourselves against those who seek to harm us.β
Ahmad said the challenge is to clarify how the rules of international law apply to state activities in cyberspace, βguard against malicious actors bending the rules, and enforce the consequences for those who commit malicious cyber activity.β
In December 2019, the U.N. General Assembly approved a Russian-written resolution to start the process of drafting a new international treaty to combat cybercrime over objections from the European Union, the United States and other countries.
Russian Ambassador Vassily Nebenzia called on all countries Tuesday βto contribute meaningfullyβ to the work of the committee tasked with drafting the convention by 2023.
He welcomed the multilateral discussions at the U.N. by the government experts and the working group but expressed concern βover the resolve of some technologically advanced states to militarize information space by promoting the concept of `preventive military cyberstrikesβ ... against critical infrastructure.β
Nebenzia said this runs counter to the goal of preventing conflicts in cyberspace and Russia perceives it as an attempt by βsome actors to impose their own `rules of the gameβ in the information space from the position of force.β
