Digital Breakthroughs Must Serve Betterment of People, Planet, Speakers Tell Security Council during Day-Long Debate on Evolving Cyberspace Threats

While advances in digital technology offer incredible opportunities to create a better future for all, “breakthroughs must be oriented towards the good”, the leader of the United Nations told the Security Council today during a day-long debate on evolving cyberspace threats, during which speakers spotlighted myriad examples of the opposite.

Digital breakthroughs are happening at “warp speed”, observed UN Secretary-General António Guterres.  They bring people together, deliver information instantly and supercharge economies.  “But, the very quality of seamless, instant connectivity that powers the enormous benefits of cyberspace can also leave people, institutions and entire countries deeply vulnerable,” he added.  Spotlighting ransomware as “one grievous example”, he cited an estimated total of $1.1 billion in ransomware payments in 2023.  “But, far beyond the financial costs are the costs to our common peace, security and stability,” he stressed.

Against that backdrop, he noted that the “New Agenda for Peace” calls for focused efforts by States to prevent the extension and escalation of conflicts both within and through cyberspace.  Adding that “the rule of law must exist in the digital sphere as it does in the physical world”, he spotlighted Member States’ efforts towards consensus on a new cybercrime treaty.  Further, he underlined the “clear and growing links” between cyberspace and global peace and security, urging the Council to integrate cyberrelated considerations into its work.

Next to brief the Council was Stéphane Duguin, Chief Executive Officer of the CyberPeace Institute, who reported that an “AcidRain” cyberattack against Ukraine in February 2022 impacted the functioning of wind turbines and satellite Internet access across Europe.  He also spotlighted the activities of groups linked to the Democratic People’s Republic of Korea, stating that “these criminal groups coordinate global cyberattacks of all types” for estimated gains of $3 billion.  Underlining the need to call out perpetrators, he stressed:  “There cannot be de-escalation without attribution.”

Meanwhile, in places like Africa, the activities of terrorist and extremist groups are enabled by cybertechnology, said Nnenna Ifeanyi-Ajufo, Professor of Law and Technology at Leeds Beckett University and Vice-Chair of the African Union Cyber Security Experts Group.  In 2023 alone, Kenya recorded 860 million cyberattacks targeting the country’s critical information infrastructure.  There is also the danger of States violating human rights using “the alibi of cybersecurity” by shutting down Internet access during armed conflict, she said, urging the Council to develop mechanisms for understanding the cyberthreat landscape across regions.

In the ensuing debate, almost 70 speakers took the floor to detail such threats, offer national experiences and discuss what role the Council should play on a stage featuring State and non-State actors’ increasing use of rapidly evolving technology to accomplish troubling goals.

“The Security Council must not bury its head in the sand,” urged Cho-Tae Yul, Minister for Foreign Affairs of the Republic of Korea and Council President for June, as he spoke in his national capacity.  Providing one example of why the Council must strengthen its engagement in response to cyberspace threats, he said:  “Through digital means, the DPRK [Democratic People’s Republic of Korea] systematically evades the very sanctions adopted by this Council and challenges the international non-proliferation regime that is integral to the Council’s work.”

Others also expressed concern about Pyongyang’s activities, including the representative of Malta, who cited reports estimating that malicious cyberactivities by hackers sponsored by that country generated $1 billion.  The regime uses this revenue to fund its illegal weapons-of-mass-destruction programme, she said, threatening peace and security in the Korean Peninsula and beyond.  “The stakes have never been higher,” observed Japan’s representative, concurring.

“Ukraine has been facing Russia’s aggression, including in cyberspace, since the start of the war,” said Ukraine’s representative, turning to another theatre.  Moscow’s cyberattacks have grown more sophisticated, targeting Government and security agencies, businesses and financial institutions and critical infrastructure, she said, also noting the spread of disinformation and propaganda.  On that, the United Kingdom’s representative recalled that the Russian Federation delegation “brought to the Chamber, and to the Internet, the conspiracy of weaponized bats and ducks”.

Adding to these examples were speakers who detailed cyberattacks directed at their countries.  Among them, the representative of the Philippines recalled recent incidents including the defacement of Government websites and the large-scale theft of personal information.  Iran’s representative pointed to cyberattacks on his country’s nuclear facilities and critical industrial infrastructure.  The representative of Albania, meanwhile, said that her country was targeted by “unprecedented heavy cyberattacks” by multiple hacker groups linked to Iran that aimed to destroy Government infrastructure, paralyse public services and create insecurity.  Israel’s representative also detailed ongoing cyberattacks on his country “orchestrated by Iran”.

“We still feel the long-term impact caused by the disruptions to our health-care, social security, finance and other critically important Government sectors,” said Costa Rica’s representative, as she recalled that her country was the victim of large-scale ransomware attacks in 2022.  “As a victim of continuing hostile cyber- and other propaganda, Pakistan remains committed to countering the virus of disinformation,” stressed that country’s representative.  The representative of India said that his country “has been a victim of terrorism for several decades, and we are cognizant of the serious nature of the cyberterrorism challenge”.

The representative of the Russian Federation, however, pointed to a lack of understanding regarding which cases of malicious use of digital technology could constitute a direct threat to international peace and security.  Also denouncing the West for accusing “inconvenient countries” of cyberattacks, he opposed involving the Council in this area.  “Moving this topic to this Council automatically excludes all States who are not on the organ,” he said.

Inclusive processes within the UN, primarily under the auspices of the General Assembly, are the most efficient way to establish equitable and effective arrangements in this domain, stressed Egypt’s representative.  She added that the Council “should not be utilized as a legislative body that attempts to set norms and rules on behalf of UN Member States on matters that necessarily require inclusive and transparent processes”.  The right forum for these discussions, concurred Brazil’s representative, continues to be the General Assembly.

Yet, many others urged the Council to play an active role.  Mamadou Tangara, Minister for Foreign Affairs of the Gambia, said that the organ “is well-suited to become a leader in building a more secure and stable cyberspace for all”.  The Council’s engagement can complement other ongoing UN processes, suggested Sierra Leone’s representative, while Mozambique’s representative — underlining the need to hear perspectives from the Global South — said that cyberthreats should be intrinsically linked to other Council agenda items.

The Council “cannot afford to drag its heels in the light of the development of these threats in cyberspace”, stressed Ecuador’s representative.  Joining him was Omran Sharaf, Assistant Minister for Advanced Science and Technology of the United Arab Emirates, who expressed support for “mainstreaming cyberconcerns” in the Council’s work.  “In the end, this Council addresses State behaviour,” emphasized Austria’s representative, adding that it is “only logical” that the Council does not shy away from one form of that — cyberactivities — whenever it becomes relevant for its mandate.

Robert Persaud, Foreign Secretary of Guyana, also said that the Council “must be a part of the cybersecurity dialogue”.  He also raised a point echoed by others — namely, that many developing countries lack the necessary resources and expertise to combat cyberthreats and build resilience.  “Building technical capacity in these countries must be viewed as an investment in our collective security,” he stressed.  Algeria’s representative echoed that, also stating that “cooperation is key in our endeavours to effectively fight ever-changing cyberthreats”.

Underscoring that cyberspace must “never become a new battlefield”, China’s representative urged those present to abandon zero-sum games and cold-war mentalities, and instead, foster a vision of common, comprehensive and cooperative security.  Erecting a “digital iron curtain” to achieve dominance will only hinder international efforts to govern cyberspace, he added, spotlighting his country’s proposed global initiatives on artificial intelligence (AI) governance and on data security as “blueprints for future rulemaking”.

MAINTENANCE OF INTERNATIONAL PEACE AND SECURITY:  ADDRESSING EVOLVING THREATS IN CYBERSPACE (S/2024/446)

Briefings

ANTÓNIO GUTERRES, Secretary-General of the United Nations, observing that breakthroughs in digital technology are happening at “warp speed”, said that digital advances are bringing people together, delivering information instantly, enabling citizens to access Government services and “supercharging” economies.  “But, the very quality of seamless, instant connectivity that powers the enormous benefits of cyberspace can also leave people, institutions and entire countries deeply vulnerable,” he added.  Further, the perils of weaponized digital technology are growing, he said, pointing out that “cyberspace has kicked the doors wide open — anyone can walk through, and many are”.  Serious cybersecurity incidents are disturbingly common, including breaches of essential public services, relentless illicit activity and “a legion of hate merchants littering the information superhighway with fear and division”, he emphasized.  Additionally, the growing integration of digital tools with weapons systems presents new vulnerabilities.

He went on to say that cyberoperations enabled by artificial intelligence (AI) are “multiplying the threat”, quantum computing could “break down entire systems” with its ability to breach encryption and hackers are actively targeting supply chains.  Spotlighting ransomware as “one grievous example”, he reported that total ransomware payments reached $1.1 billion in 2023 according to some estimates. “But, far beyond the financial costs are the costs to our common peace, security and stability — both within countries and among them,” he emphasized.  Malicious activity that undermines public institutions, electoral processes and online integrity erodes trust, fuels tension and sows the seeds of violence and conflict.  Against that backdrop, he underscored that — while digital technology offers an “incredible” opportunity to create a more just, equal, sustainable and peaceful future for all — “breakthroughs must be oriented towards the good”.

In that context, he noted that the “New Agenda for Peace” calls for focused efforts by States to prevent the extension and escalation of conflicts both within and through cyberspace, adding that “the rule of law must exist in the digital sphere as it does in the physical world”.  He also spotlighted Member States’ work to reach consensus on a new cybercrime treaty, which should deepen cooperation while protecting human rights online.  And underlining the “clear and growing links” between cyberspace and global peace and security, he urged the Security Council to integrate cyberrelated considerations into its existing workstreams and resolutions.  While today marks only the second time that the 15-member organ has held a formal meeting on this issue, many of the issues it considers are affected by — and linked to — cyberspace, including the protection of civilians in armed conflict, peace operations, countering terrorism and humanitarian operations.

“Peace and security in the physical world demand new approaches to peace and security in the digital world,” he stressed, noting that the pact that will emerge from the Summit of the Future in September will provide an opportunity to support the maintenance of international peace and security in cyberspace.  Among other priorities, it will aim to reaffirm global consensus on safeguarding critical infrastructure and create enhanced accountability for data-driven technology such as AI.  Concluding, he said that he will continue to work with the Council, General Assembly and all Member States “to ensure that technology is focused where it belongs — on the progress and security of all people and the planet that we share”.

STÉPHANE DUGUIN, Chief Executive Officer of the CyberPeace Institute, said that the Institute is an independent and neutral non-governmental organization in Switzerland that offers free cybersecurity assistance, provides threat detection and analysis and advocates for respect of laws and norms in cyberspace.  Since the 2022 invasion of Ukraine by the Russian Federation, the Institute has documented a proliferation of threats and threat actors siding with both belligerents.  “Warfare is no longer the sole preserve of States,” he said, noting that a range of non-State actors — from criminal groups, hacktivist collectives with geopolitical motives and other civilians — taking part in cyberattacks and operations.  It traced 3,225 cyberattack campaigns by 127 different threat actors, targeting 24 different critical infrastructure sectors and affecting some 56 countries.  The harm caused by these cyberattacks is felt far beyond the borders of the belligerent countries, with about 70 per cent of all cyberattacks impacting organizations in non-belligerent countries.

He reported that in February 2022, a cyberattack by the “AcidRain” malware targeted Ukraine’s broadband satellite Internet access.  It impacted the functioning of wind turbines across Europe.  A major German energy company lost remote monitoring access to over 5,800 wind turbines, and thousands of satellite Internet service subscribers in Germany, France, Hungary, Greece, Italy and Poland were also affected.  Cyberattacks are also used to evade international sanctions and finance illegal activities.  Citing the activities of the Kimsuky and Lazarus groups that have been attributed to the Democratic People’s Republic of Korea, he said that “these criminal groups coordinate global cyberattacks of all types”, including against supply chains, cryptocurrency exchange and financial institutions.  More than $3 billion is estimated to have been gained by these groups through these attacks.  “Such an escalation of State-sponsored cyberattacks can create massive harm,” he said.

It is therefore important to foresee new risks, he said, citing the threat of quantum computing on cryptography and generative AI on criminal models.  AI might be used to automate part of a cyberattack, which could bear “an unacceptable risk”.  He said that responding to fast-evolving cyberthreats through a coherent strategy is complex, outlining some measures to be taken, including operationalizing laws, norms and sanctions through the transparent documentation of violations to prevent the malicious use of cyberspace, including the misuse of AI or quantum computing.  He also stressed the need to call out perpetrators.  “There cannot be de-escalation without attribution,” he said, as it can inform decision-making about countermeasures.  It is also imperative to measure harm from cyberattacks comprehensively.  The Institute is developing a methodology to measure such harm.  “These aspects are critical to maintaining international peace and security, cooperating in solving the escalation of cyberthreats and harmonizing the actions of nations,” he concluded.

NNENNA IFEANYI-AJUFO, Professor of Law and Technology, Leeds Beckett University and Vice-Chair of the African Union Cyber Security Experts Group, stressed the need to acknowledge both “our cybersecurity commonalities”, as well as the differences between regions and country-specific realities.  Drawing attention to the various frameworks currently in place in Africa, she pointed to the Digital Transformation Strategy for Africa — 2020-2030, adopted by the African Union Commission in 2014, as well as its Convention on Cyber Security and Personal Data Protection (the Malabo Convention), which entered into force in June 2023.  The Union also adopted, in January 2024, the Common African Position on the Application of International Law to the Use of Information and Communication Technologies in the Cyberspace, “the first position document on the application of international law in cyberspace that includes a section on capacity-building”, she pointed out.

Since 2023, she recalled, there have been cyberattacks on the African Union Commission headquarters which compromised the functioning of email systems.  In 2023 alone, Kenya recorded 860 million cyberattacks targeting the country's critical information infrastructure, she said, adding that a group that calls itself Anonymous Sudan declared responsibility for these.  Highlighting the blurry lines between State actors’ and non-State actors’ responsibility, she said the activities of terrorist and extremist groups are further enabled by cybertechnologies in places like Africa.  There is also the danger of States breaching international human rights “on the alibi of cybersecurity, through shutting down Internet access during armed conflicts”.  That not only infringes on civilians’ rights to communication and freedom of information, but have also prevented effective humanitarian action during conflicts, she added.  Also underscoring the threat posed by cyberenabled disinformation and misinformation, she said this is further aggravated by the deployment of AI.

Stressing the need for capacity-building, she said this is not only a matter of legal, technical and operational capacity, but also a matter of social, economic and political realities.  Priority areas include governance, policymaking, technical tools, infrastructure and research, she said, also pointing to the need to implement the UN norms of responsible State behaviour in cyberspace across all regions.  Highlighting the voluntary nature of the norms, she said that confidence-building measures between States will decrease mistrust in the cyberdomain.  The Council must develop mechanisms for understanding the cyberthreat landscape across regions, she said, adding that this may mean setting up a working group on peace and security in cyberspace.  Developing functional regional cybersecurity centres and coordinating cross-border cooperation is essential, and regional organizations have key roles to play in formulating policies.  The Council should promote a platform for effective dialogue and establish defined cyber governance principles and standards, she stressed.

Statements

CHO TAE-YUL, Minister for Foreign Affairs of the Republic of Korea and Council President for June, spoke in his national capacity to say that developments since its first meeting on the issue three years ago sharply underscore the need to step up engagement cyberspace threats.  In addition to the proliferation of attacks and the gaps in governance, highlighted in the Secretary-General’s report, dramatic advancements in AI have also significantly empowered nefarious actors to create chaos in cyberspace, he said, stressing their real‑world impacts.  Highlighting that the development of the weapons of mass destruction imperilling his country are largely funded through such activities, he pointed to the most recent report of the Panel of Experts of the Security Council Committee established pursuant to resolution 1718 (2006) which said that illicit cybermeans funds 40 per cent of the Democratic People’s Republic of Korea’s weapons of mass destruction programmes.  The Panel investigated some 60 suspected cyberattacks on cryptocurrency companies between 2017 and 2023 by the Democratic People’s Republic of Korea, he said, adding that, sadly, the Panel is now defunct.  “Through digital means, the DPRK [Democratic People’s Republic of Korea] systematically evades the very sanctions adopted by this Council and challenges the international non-proliferation regime that is integral to the Council’s work,” he said.

“The Security Council must not bury its head in the sand,” he said, urging the organ to strengthen its engagement in response to cyberspace threats.  Just as the Council and General Assembly work in synergy when it comes to discussions on small arms, terrorism and non-proliferation, they can carve out complementary roles on cybersecurity, he said.  To do so, the Council needs a clear diagnosis of the present situation and can request a regular report on how evolving cyberthreats impact international peace and security.  Second, the prescription that follows could be mainstreamed into the Council’s agenda like other cross-cutting issues, such as women, peace and security, youth and climate change, he said, noting the link between the malicious use of information and communications technology (ICT) and the various issues under the Security Council’s remit, including sanctions, non-proliferation and terrorism.  Third, the Council can convene meetings on malicious cyberactivities, urging all relevant actors to use cybertechnology in a responsible manner and pursuing accountability through the tools at the organ’s disposal.  “The Security Council must confront cybersecurity head on if it is to remain relevant and agile in addressing one of the most pressing security challenges of our time,” he said.

The representative of the United States said that “cybersecurity enables our basic systems to function — our economies, democratic institutions and the UN itself”.  To safeguard the benefits of cyberspace, it is pivotal to work with all responsible actors, build digital solidarity and leverage technology to meet the Sustainable Development Goals (SDGs).  And yet, far too many State and non-State actors have taken an opposite approach — worldwide, they have exploited digital connectivity to extort victims for profit, steal money and ideas from Governments and private entities, target journalists and human rights defenders and threaten critical infrastructure, including at the UN.  “As the Council, we must work together to address cyberthreats posed by State and non-State actors,” she asserted, spotlighting the framework for responsible State behaviour in cyberspace, adopted repeatedly and by consensus, which makes clear that international law applies there.  However, some countries choose to empower bad actors, she observed, noting that cyberoperations of the Democratic People’s Republic of Korea are used to fund its weapons of mass destruction and ballistic-missile programmes. Similarly, the Russian Federation’s cyberactivities target political parties and democratic institutions in numerous countries, she added.

ROBERT PERSAUD, Foreign Secretary of Guyana, said that the malicious use of digital technology has demonstrated the potential to disrupt institutions and pose regulatory and policy challenges related to governance. Moreover, the transnational nature of cyberthreats has rendered traditional notions of national security and defence obsolete.  As contemporary threats to cybersecurity become more sophisticated and multifaceted, he stressed that “so, too, must be our response”.  There must be accountability and oversight mechanisms in place to guard against cyberattacks, and in that context, he spotlighted recent discussions around whether cyberattacks targeting critical infrastructure with grave consequences for life can amount to war crimes, crimes against humanity, genocide or the crime of aggression.  Also urging cooperation to build cybersecurity capacity and resilience and to investigate and prosecute cybercrimes across countries and regions, he pointed out that many developing countries — such as Guyana — lack the necessary resources and expertise to combat cyberthreats and build resilience. “Building technical capacity in these countries must be viewed as an investment in our collective security,” he stressed, adding that the Council “must be a part of the cybersecurity dialogue”.

The representative of the Russian Federation said that his country was among “the initiators” of discussion on international information security at the United Nations 26 years ago, tabling the first draft resolution on this topic — text that has since become an annual one and enjoys the support of a vast majority of Member States.  To discuss this matter, a group of governmental experts was created, which later grew into a more inclusive Open-Ended Working Group — the United Nations’ single negotiation platform to discuss all questions related to international information security.  Moscow has already submitted its vision for a permanent, inclusive mechanism in this field.  “It is wise to preserve our common gains through creating a post-2025 permanent Open-Ended Working Group with a decision-making function,” he said, opposing the involvement of the Security Council.  “Moving this topic to this Council automatically excludes all States who are not on the organ,” he said.  There is still not even the most basic understanding of what cases of malicious use of ICT could be a direct threat to international peace and security.  He also denounced the West for accusing “inconvenient countries” of cyberattacks, saying “attributions of responsibility require professional approaches to identify complete proof”.  The Kremlin advocated for never militarizing cyberspace long before the West, presenting to the General Assembly in 2023 a prototype of a UN convention on ensuring international information security.

The representative of Mozambique said “hardly a day goes” by without a report of a ransomware attack against public or private entities or a denial-of-service attempt against a country or services such as electricity grids, e-government and other critical infrastructures.  Geopolitical competition has resulted in a cyberarms race, he said, adding that the “immobilism” or lack of progress towards an international agreement on cybersecurity norms risks undermining science and digital technology cooperation.  Highlighting the Council’s role in setting international norms for responsible State behaviour in cyberspace, as well as establishing capacity-building initiatives, he said there is a need for “situational awareness” briefings and the sharing of threat intelligence and best practices.  Cyberthreats should be intrinsically linked to other Council agenda items, such as counter-terrorism and protection of critical infrastructure, he said, adding that the perspectives of the Global South should be heard in this discussion. 

The representative of Sierra Leone called for increased collaboration to respond effectively to malicious activities in cyberspace, particularly those threatening critical infrastructure, humanitarian operations and the protection of civilians.  “The malicious use of information and communication technologies acts as a threat multiplier when they exacerbate existing conflicts and challenges,” he said, expressing support for regular briefings to assess evolving cyberthreats.  Engagement by the Council can complement other ongoing United Nations processes, he said, suggesting mainstreaming cyber-related concerns into the Council's discussions on various thematic files, including peacekeeping missions, sanctions and non-proliferation and counter-terrorism efforts.  He noted the creation of the National Computer Security Incidence Response Coordination Centre in Sierra Leone, which has bolstered the nation’s cybersecurity resilience, and concluded by condemning cyberattacks against the International Criminal Court, reiterating a commitment to protect the Court, its officials and those cooperating with it, from interference and pressure.

The representative of Algeria observed that ransomware attacks on critical infrastructure and the theft of digital assets and data put public safety and political stability at risk.  The involvement of both State and non-State actors makes the situation even more complex, he pointed out, adding that the spread of disinformation on online platforms fuels divisions, terrorism and intolerance, with false information interfering in State affairs, hampering cooperation and threatening peace.  New technology — including AI — are further exacerbating cyberthreats.  Accordingly, he called for a legally binding UN framework, taking into consideration every nation’s concerns and interests.  He further stressed the need to help developing countries build protection against cyberthreats and close the digital divide, as building their abilities is essential for securing cyberspace for all nations.  Also, Governments must cooperate to face this challenge through continuous effort, he said, noting that “cooperation is key in our endeavours to effectively fight ever-changing cyberthreats.”

The representative of Slovenia said that, as the Council bears the primary responsibility for maintaining international peace and security, it “should therefore play a decisive role in de-escalating tensions and promoting accountability” when malicious cyberactivities threaten the same. Activities that support terrorism or the proliferation of weapons of mass destruction — or that exacerbate existing conflicts — “pose such a threat, necessitating the Council’s response”, he emphasized.  The Council should also address disinformation campaigns that incite violence against civilians, cause humanitarian suffering or disrupt the work of humanitarian organizations and peacekeeping operations.  “In an era marked by the growing digitalization of conflicts, it is crucial to emphasize the applicability of international law,” he stressed, underlining his country’s commitment to implementing existing norms of responsible State behaviour in cyberspace.

The representative of Malta expressed concern about the malicious cyberactivities targeting Government institutions and democratic processes, often with a direct intent to undermine security and erode trust in election outcomes.  “Our collective efforts to promote stability in this domain must be rooted in human rights, both online and offline,” she said, stressing that cyberpolicies must be conflict-sensitive, age-sensitive and gender-responsive.  State-sponsored malicious cyberactors exploit ransomware and digital thefts to generate illicit revenues.  Reports estimate that, in 2023, malicious cyberactivities by Democratic People’s Republic of Korea-sponsored hackers generated $1 billion.  The regime uses these revenues to fund its illegal weapons of mass destruction programme, which threatens peace and security in the Korean Peninsula and beyond.  “These activities have been well-documented” in the reports of the Panel of Experts assisting the UN Sanctions Committee on that country, she said.

The representative of Japan, noting the alarming qualitative and quantitative increase in cybersecurity threats, said it is well-known that the Democratic People’s Republic of Korea is financing its weapons and ballistic-missile programmes through cyberoperations.  Also noting the effect of spyware on national security and human rights, he said:  “The stakes have never been higher.”  The international community must uphold the rule of law in cyberspace by implementing agreed norms and principles of responsible State behaviour.  Sharing of information on potential threats is crucial, he said, also reaffirming the need for capacity-building and fostering trust.  His country will continue its constructive engagement with the current Open-Ended Working Group, he said, adding that the Council needs to have a greater role in this field.  It must monitor cyberincidents, hold regular briefings and address the cyberthreat to the non-proliferation regime.

The representative of the United Kingdom said that, as the use of AI systems grow, it is important to understand how cyberthreats will change while identifying opportunities for AI to support cybersecurity goals.  “Maintenance of international peace will require AI systems to be secure by design,” she said, urging continued awareness of cyberthreats and expressing concern over the Democratic People’s Republic of Korea’s use of malicious cyberactivities to obtain cryptocurrencies to fund their illegal weapons programme.  “We need to redouble our efforts to ensure effective implementation of the DPRK sanctions regime,” she said, adding that another cyber challenge is disinformation.  “For Russia to accuse the UK [United Kingdom] of running a disinformation war is astonishing when their own disinformation machine has been so obviously and clearly exposed,” she said.  “We were not the delegation who brought to the Chamber, and to the Internet, the conspiracy of weaponized bats and ducks.”

The representative of Switzerland voiced concern over the increasing digitization of conflicts and the use of cyberoperations in armed conflicts, transforming the nature of these conflicts.  Concurrently, the growing intensity of attacks by ransomware and State-sponsored cyberattacks against critical infrastructure is equally alarming.  The use of ransomware to extort currency and cryptocurrencies, or the targeting of essential infrastructures, threatens to paralyse vital structures in our societies.  These activities also affect the international community’s ability to achieve the SDGs due to developing countries’ heightened vulnerability, posing a threat to international peace and security.  For its part, the Council should regularly take note of current cybersecurity developments and threats, she stressed, noting that this awareness-raising would enable the organ to make fully informed decisions on specific geographical issues and in the context of peacekeeping operations.  The Council should also emphasize the importance of State responsibility and due diligence and recognize the 11 norms of responsible State behaviour in cyberspace, she added.

The representative of China said that, as digital economies flourish, the world is “seeing accelerated integration into a community with a shared future, featuring intertwined interests and shared weal and woe”. However, the risks are ever more serious, as cyberterrorism becomes a global menace, cyberspace is increasingly militarized and the digital divide among countries and regions continues to widen. Underscoring that cyberspace must “never become a new battlefield”, he said that “a certain country” designated cyberspace as a domain of military operations, builds cybermilitary alliances and pushes for rules of engagement.  This will only escalate the risk of conflict in cyberspace, and all parties should therefore abandon zero-sum games and cold-war mentalities and foster a vision of common, comprehensive and cooperative security. Erecting a “digital iron curtain” to achieve dominance will only hinder international efforts to govern cyberspace, he added, spotlighting his country’s proposed global initiatives on AI governance and on data security as “blueprints for future rulemaking”.

The representative of Ecuador said that the Council “cannot afford to drag its heels in the light of the development of these threats in cyberspace” because they are interconnected with various items on the agenda of this organ, including non-proliferation and counter-terrorism.  In this regard, the Council must consider including, in its products, elements related to cybersecurity on a case-by-case basis — for example, a provision aimed at strengthening strategic communications in peacekeeping operations and special political missions.  The development of international law in this field must be accompanied by capacity-building, particularly in countries in conflict situations, because they are the most susceptible to the malicious use of ICT.  The Open-Ended Working Group has made significant progress in this area.  “The outcome of their work could serve as a guide for the work of this Council,” he said.

The representative of France, noting that cyberattacks can be threats to international peace and can impact critical infrastructure, pointed out that ransomware attacks in 2023 had increased by 30 per cent, and can disrupt economies and Governments.  Highlighting the attacks carried out by Russian Federation on the satellite technology of Ukraine, he said the Democratic People’s Republic of Korea’s illegal weapons of mass destruction programme was partly financed by illicit cybermeans.  The international community must ensure that “the cyberspace is not the Wild West”, he said, expressing support for the work under way in the First Committee (Disarmament and International Security) to establish a normative framework on cyberspace.  The Council must encourage States to implement norms and include cyberissues in its mandate, he said, adding that it must receive regular expert presentations on this matter.

MAMADOU TANGARA, Minister for Foreign Affairs of the Gambia, said the evolving threat of cybercrime is not just a matter of stolen data, but a direct challenge to international peace and security, demanding urgent attention.  “We need a comprehensive approach that addresses this evolving menace,” he said, suggesting three points.  One, the Council must champion for exemplary norms of responsible State behaviour in cyberspace.  Secondly, the organ can strengthen accountability for cybercrimes by building a unified front against impunity.  And thirdly, the Council can leverage the expertise of United Nations agencies to adequately address the menace of undermining sustainable international peace, security and democracy.  “The Security Council, therefore, is well-suited to become a leader in building a more secure and stable cyberspace for all,” he said, stressing the need to encourage States to incorporate norms into action.

TOBIAS LINDNER, Minister of State of Germany, said that the international community is exposed to a growing number of State-sponsored and private cyberactivity incidents, which seriously impact the maintenance of international peace and security.  Severe attacks by cybercriminals — including ransomware attacks — have shown that these attacks have the potential to threaten the stability of State institutions and affect entire societies.  A recent trend is the emergence of hacktivist groups in the theatre of international conflicts, who attack key infrastructure targets.  This has eroded trust in the delivery of public services and spread fear among civilians.  “All these trends serve as threat multipliers, given that the cyberdomain extends conventional battlefields far into the civilian domain,” he observed, highlighting the Council’s important role in assessing the threat and its trust- and norm-building potential by putting international cyberconflicts on its agenda, investigating situations of cyberconflict or facilitating their peaceful settlement.

OMRAN SHARAF, Assistant Minister for Advanced Science and Technology of the United Arab Emirates, said that international law must guide the use of digital technology and that “addressing normative gaps requires continued convergences on how to uphold and maintain international law in the cyberdomain”. He also expressed support for “mainstreaming cyberconcerns” in the Council’s work, which could include referencing cyber-related concerns, trends and developments in briefings and feature statements on priority issues more regularly.  For example, resolution 2341 (2017) — recognizing the need to protect critical infrastructure against terrorist attacks — underscores the importance of addressing the broad spectrum of cyberthreats that accompany digitization.  He also encouraged the Council to consider convening an annual briefing on emerging technology threats and their implications for international peace and security.  Further, the publication of an annual cybersecurity report by the Secretary-General would provide a comprehensive assessment of the global cyberthreat landscape, along with recommendations for enhancing international cooperation in this area.  “Harnessing cybertechnologies is crucial for our future, but vigilance against their risks is essential,” he observed.

DACE MELBĀRDE, Parliamentary Secretary of the Ministry of Foreign Affairs of Latvia, cited a growing number of cases where critical infrastructure, including information infrastructure, saying these cyberattacks could have catastrophic “real world” consequences.  Cyberattacks have become an integral part of the Russian Federation’s full-scale aggression against Ukraine.  Threats and challenges in cyberspace merit regular deliberations in the Council, she stressed, adding that developing a more robust Council role in addressing cybersecurity matters cannot be accomplished in one day, as it is a step-by-step endeavour.  The Council, however, should not replace the work already done in other UN formats under the General Assembly.  It should instead reinforce the understanding reached in these formats, including the applicability of international law to cyberspace.  Anticipating the establishment of a permanent UN mechanism to address cybersecurity, she said:  “We see the potential for new synergies between the Council and the Assembly in this field”.

The representative of Egypt, noting that the lines between conventional and non-conventional weapons continue to erode, especially in the cyberarms race, cautioned that technology developed by States is being transferred, copied or reproduced by terrorists and criminals.  Recalling Assembly resolution 75/240 and acknowledging the progress made in the working group it established, she said it must lay the ground for a future mechanism that is action-oriented, single-track and consensus-based.  Inclusive processes within the UN, primarily under the auspices of the General Assembly, are the most efficient way to establish equitable and effective arrangements in this domain, she stressed.  While encouraging the Council to consider the opportunities offered by emerging technologies in peacekeeping and counterterrorism, she stressed that “the Council should not be utilized as a legislative body that attempts to set norms and rules on behalf of UN Member States on matters that necessarily require inclusive and transparent processes”.

The representative of Ukraine, associating herself with the statement to be delivered by the European Union, said the Democratic People’s Republic of Korea has been engaged in cyberespionage and cryptocurrency theft to further develop its nuclear and weapons of mass destruction programmes in violation of Security Council resolutions and recently the Russian Federation’s cyberespionage group, APT28, conducted cyberattacks against several Member States.  “Ukraine has been facing Russia’s aggression, including in cyberspace since the start of the war,” she said, adding that Moscow’s cyberattacks have grown more sophisticated, targeting Government and security agencies, businesses and financial institutions and critical infrastructure as well as spreading disinformation and propaganda.  Ukraine cooperates with international partners to defend itself against such attacks and has additionally begun to investigate and prosecute cyberattacks as war crimes.  States must abide by their international commitments and obligations, including in the use of ICT.  “International law, including the UN Charter, is applicable in the cyberdomain,” she said.

The representative of Estonia underscored that the increasing sophistication and damage caused by malicious cyberincidents carried out by State and non-State actors cannot be ignored.  The Russian Federation’s aggression against Ukraine has highlighted how cyberoperations are intertwined with kinetic warfare, he said, adding that Moscow’s actions have highlighted the need to focus on the comprehensive approach to national defence and internal security.  To strengthen Ukraine’s resistance to cyberattacks, Estonia has actively supported the country in cyberdomain bilaterally, as well as through the Tallinn Mechanism and IT-Coalition — cybersecurity platforms for both civilian and military assistance.  He also strongly condemned Pyongyang’s malicious cyberactivities, which aim to fuel that country’s weapons programme, destabilize regional security and threaten global peace.  “[An] open, secure, stable, accessible and peaceful ICT environment cannot be taken for granted and is not separate from the physical world,” he said, highlighting the Council’s substantial role in this regard.

The representative of the Czech Republic, noting the increasing use of ICT in armed conflict and the use of cyberspace to spread disinformation, exacerbate existing social conflicts and incite terrorist acts, urged the Council to intensify efforts “to find effective ways to address these less obvious malicious activities in cyberspace”. Further, it should raise awareness of the true scale of these threats and facilitate greater resilience.  He reported that his country, for its part, publicly condemned the activities of “the Russian State-controlled actor APT28”, which had been conducting a long-term cyberespionage campaign in Europe and targeting Czech Government institutions.  Underscoring that such activities violate UN norms of responsible State behaviour in cyberspace, he endorsed an international order based on international law that promotes an open, secure, stable, accessible and peaceful ICT environment.  He added that his country has engaged with States in Africa, the Indo-Pacific and Latin America to map out the evolving threat landscape and strengthen joint response.

The representative of the European Union, in its capacity as observer, said that the blurred lines — between criminal activities and State-sponsored attacks using cybercriminals for hire — make the already difficult task of attribution all the more challenging.  In May, Germany shared its assessment that the Russian Federation-linked cyberespionage group APT28 compromised email accounts of the German Social Democratic Party.  State institutions, agencies and entities, including in the Czech Republic, Poland, Lithuania, Slovakia and Sweden, were targeted by the same threat actor before.  These malign activities must stop.  “The top lines are straightforward:  international law applies in cyberspace,” she stressed. For the bloc, focusing on developing and implementing the agreed framework for responsible State behaviour in cyberspace is crucial.  For that framework to be effective, “we must uphold it together”.  She said this reinforces the importance of establishing a permanent, inclusive, action-oriented UN mechanism, expressing support for creating a Programme of Action.  She also welcomed efforts to underscore the Council’s important role in spotlighting the unique and specific international threats emerging in the cyberdomain.

The representative of the Philippines, expressing concern about the rise of AI-powered robocalls for fraud, the proliferation of deep fakes and ransomware attacks, said the international community must prioritize the development of robust cybersecurity policies and ensure the safe deployment of AI technology.  His country has experienced firsthand the devastating impact of cyberattacks on national security and public trust, he said, recalling recent incidents, including the defacement of Government websites and large-scale theft of personal information.  Non-State actors are also able to maliciously use this technology for commercial gain, he said, describing how cyberattacks can serve as “significant threat multipliers”.  The Security Council must reinforce the agreed normative framework of responsible State behaviour in cyberspace and convene annually to review the threat landscape, he said, also calling on the organ to lead on information gathering.

The representative of Indonesia warned of the clear and present danger of threats in cyberspace and encouraged a robust international response.  First, mitigating the human cost of cyberattacks against critical infrastructure must be a priority.  “We must ensure cyberspace is safeguarded as a domain free from conflict,” he said.  “Not an arena of conflict.”  Secondly, synergy and coherence within the UN system around cybersecurity, ICT and international peace and security are essential.  Thirdly, it is important to strengthen regional cooperation, he said, highlighting the role of the Association of Southeast Asian Nations (ASEAN) in enhancing regional resilience against cyberthreats.  Finally, he noted the importance of bridging the technology gap to improve cyberresilience, a critical challenge for developing countries that leaves them vulnerable to escalating threats and undermines their stability.

The representative of Singapore emphasized that, to combat the global and transboundary nature of the cyberthreat landscape, the General Assembly and the Security Council must work together to strengthen adherence to the normative framework of responsible State behaviour.  Cybersecurity is of vital importance for many small and developing States, he pointed out.  Noting that the Council should avoid duplicating the work already done in other processes, he underscored the need to recognize the body’s clear mandate to discuss matters relating to the maintenance of international peace and security.  “We cannot rule out the possibility that a cyberincident could create misunderstanding between States and lead to an escalation and potential conflict, thereby creating an incident of international peace and security,” he stated, adding that the Council should operate with the awareness that cyberthreats can have physical and real-world consequences.

The representative of Costa Rica, recalling that her country was the victim of large-scale ransomware attacks in 2022, emphasized: “We still feel the long-term impact caused by the disruptions to our health-care, social security, finance and other critically important Government sectors.”  Urging extension of the protection-of-civilians agenda to encompass cyberactivities affecting civilians during armed conflict, she called on States to join the “growing consensus that civilian data enjoys the same protection under international humanitarian law as all other civilian objects”.  She also stressed that the women, peace and security agenda should be updated to address the safety of women in the digital realm, calling on Council members to consider adopting a resolution to protect women and girls from online violence, abuse and exploitation.  She added:  “All States, whether members of the Council or not, are responsible for strengthening the international rule of law in cyberspace.”

The representative of Cuba stressed that ICT use must be preserved for exclusively peaceful ends and opposed the militarization of cyberspace or any use of ITC as instruments to interfere in States’ internal affairs.  Article 51 of the UN Charter is not applicable, nor can it be invoked in the context of cyberspace, he said, warning against some States that include in their national security strategies the use of cyberweapons or the possibility of conducting cyberattacks to deter their enemies.  Cuba supports negotiations on a legally binding international instrument that will make it possible to cover the significant legal gaps in cybersecurity and address the growing challenges and threats in this area. The Open-Ended Working Group mandated by the First Committee (Disarmament and International Security) is the appropriate mechanism for exchanging views and an inclusive forum where all Member States can contribute equally to crafting consensus-based solutions, he stressed.

The representative of Bahrain, noting the interconnected nature of cyberspace, called for a multidimensional approach that leverages current tools and new strategies and involves all stakeholders.  Cybertechnologies are no longer the exclusive domain of Governments, she pointed out, adding that capacity-building is crucial.  Reaffirming support for the Assembly’s efforts to strengthen collaboration in promoting cybersecurity, she highlighted the efforts of the working group on information and communications technology.  Her Government’s national centre for cybersecurity provides a safe cyberspace for the people of the country, she said, adding that the national strategy involves enhancing regional and international partnerships, especially in promoting effective governance and awareness of cyber security.

The representative of Poland stressed the growing dependence on cyberspace poses a challenge for States’ security and sovereignty, given the growing number of malicious activities carried out by both non-State and State actors.  He noted that, under certain circumstances, actions in cyberspace may constitute a violation of the prohibition of the use of force and that a cyberattack may be qualified as an armed attack.  “For us, the right to self-defence applies to cyberspace,” he said.  “We shall not seize from efforts aimed at bringing responsible States, and cybercriminals, to justice.”  Some States, instead of fighting cybercriminals operating from their territories, groom and protect them for political or economic gain, and in so doing, undermine the stability of others.  A permanent platform for cooperation within the UN framework is needed, he said, aligning himself the European Union and expressing support for the Programme of Action.

The representative of Romania sounded alarm over the number of malicious cyberactivities targeting Government institutions and democratic processes.  Cyberoperations, often in combination with disinformation aiming to influence public opinion and perceptions — including during elections — could undermine the integrity of democratic processes and the resilience of our societies, he warned.  Equally concerning are cyberattacks against critical infrastructure and essential services, adding that “these malicious activities must stop”.  Irresponsible conduct in cyberspace creates risks to international peace and security, and the Council is entitled to address such issues and encourage increased accountability.  Stressing that international law applies in cyberspace, he underlined the need to enhance the Council’s role in addressing cyber threats in a manner complementary to other UN processes on ICT.

The representative of Austria, aligning himself with the European Union, said that it “adds conceptual clarity to approach this debate through the common language we all agreed on — international law”. Observing that “cyberactivities do not take place in a separate virtual space, but in the real world”, he stated that such activities, therefore, do not constitute a new domain that requires new rules or distinct application of international law.  “In the end, this Council addresses State behaviour,” he emphasized, adding that it is “only logical” that the Council does not shy away from one form of such behaviour — cyberactivities — whenever it becomes relevant for its mandate. Spotlighting sanctions as an example, he said that all activities — including cyberactivities — aimed at breaching binding sanctions decided on by the Council merit its attention. Mainstreaming cybersecurity in the Council’s files is, thus, crucial.

The representative of Kazakhstan said malicious acts in cyberspace could disrupt critical infrastructure and serve as a “threat multiplier” in existing conflicts, requiring the Council’s involvement.  His country supports the global intergovernmental points-of-contact directory launched by the Open-Ended Working Group in May and is appointing such points of contact.  The directory helps Member States respond to cyberincidents.  The Council could play a key role in coordinating international efforts and implementing specific countermeasures, including by supporting capacity-building, especially in developing countries and by involving non-State actors, such as tech companies and civil society organizations, in strengthening collective efforts.  The 15-member organ can also raise awareness of cybersecurity issues and organize regular reviews of the changing cyberlandscape, he said.

The representative of Iran, noting that his country has been “the primary target and main victim of numerous cyberattacks”, recalled the Stuxnet and Duqu attacks on his country’s nuclear facilities, as well as cyberattacks on its critical industrial infrastructures.  Stressing that the primary responsibility for maintaining secure ICT rests with States, he said they must act in accordance with international law.  “Current international law often lags behind the rapid pace of technological change, creating gaps that malicious actors exploit,” he pointed out, adding that States must refrain from using ICT for economic, political or other coercive measures.  They must also avoid abusing related supply chains and ensure appropriate measures for companies and platforms with exterritorial impacts within their jurisdiction, he said.

The representative of Pakistan noted that cyberwarfare has emerged as an important domain of warfare by State and non-State actors.  Stressing that several countries, including Pakistan, are victims of disinformation, he highlighted reports from the European Union Disinformation Lab regarding anti-Pakistan propaganda and cyberwarfare against Pakistan involving more than 10 so-called non-governmental organizations fraudulently accredited to the UN Human Rights Council; more than 750 fake media outlets and 550 fake websites even resurrecting dead people.  Describing it as a systematic, State-led campaign, he stressed that the campaign aimed to malign Pakistan.  He recalled the General Assembly’s 2021 adoption by consensus of a resolution on disinformation, sponsored by Pakistan (document A/RES/76/227).  The text affirmed the responsibility of States to counter the dissemination of disinformation that undermines the promotion of peace and the cooperation among States.  “As a victim of continuing hostile cyber- and other propaganda, Pakistan remains committed to countering the virus of disinformation,” he said.

The representative of Uruguay supported initiatives to promote positive actions to counter the malicious use of ICT in all their forms, observing that most countries have suffered from some type of cyberattack. Cyberspace has become unsafe, impacting critical infrastructure, while AI serves as a multiplying factor in cyberspace attacks, increasing the capacity for damage.  Noting that “cyberspace should be free, open and safe”, she underscored the need to promote the safe use of the Internet.  She emphasized that developing countries need to be given the technology and equipment to effectively counter the challenges that stem from the malicious use of ICT.  Highlighting the UN’s fundamental role in safeguarding international peace and security, she stressed the importance of crafting an international convention to counter the malicious use of ICT for criminal purposes.

The representative of Albania recalled that her country was the target of “unprecedented heavy cyberattacks” by multiple hacker groups linked to Iran that aimed to destroy Government infrastructure, paralyse public services and create insecurity.  As Western Balkan States continue to face a growing number of continuously evolving cyberthreats, Albania works to build capacity in the region through programmes focusing on cybersecurity, cybercrime and cyberdiplomacy. Additionally, the regional summit on cybersecurity that Albania will host in July will aim to foster greater cyberresilience in the Western Balkans.  Emphasizing that “more should — and could — be done at the international level”, she urged the Council to become more engaged.  Further, accountability for malign State and non-State actors should “become more present in joint efforts for a more secure cyberspace”, she said, also calling for strengthened capacity building in developing countries that lack the resources and expertise to address cyberthreats.

The representative of Greece said that “cyberspace is not a lawless domain”. As part of the framework of responsible State behaviour in cyberspace, all States have agreed that existing international law, particularly the UN Charter, is applicable in maintaining peace and stability.  He expressed hope that the Council will adopt a more active role in matters that involve emerging and contemporary threats.  His country is fully committed to further discussions on “this important topic”, including during its 2025-2026 term as a non-permanent Council member.  Highlighting the high level of women’s participation in the Open-Ended Working Group, he underscored the importance of promoting the effective and meaningful participation and leadership of women in decision-making processes related to international cybersecurity.

The representative of Spain, reaffirming commitment to tackling cyberthreats through regional and international cooperation, said that “cyberresilience is key.” Expressing concern about alarming trends such as data theft and manipulation of information, he said these hybrid strategies have changed the very nature of conflict and “the crystal-clear distinction between war and peace is no longer valid”.  Stressing that any mechanism concerning ICT must be based on agreed upon frameworks regarding the responsible conduct of States, he said it should be crafted in an inclusive process.

The representative of Portugal stressed that the impact of cyberinsecurity on the physical world cannot be underestimated.  The increasing offensive capabilities of hostile cyberactors has increased the cost of preventing and recovering from their attacks, he said, noting that, following disruptive attacks from alleged ransomware groups, Portugal joined the International Counter Ransomware Initiative.  “It is worth noting that ransomware is also increasingly used as a cover for the pursuit of strategic objectives by State-sponsored actors,” he said, adding that AI has further expanded the threat landscape.  In the face of these challenges, he expressed hope that the future UN convention to combat cybercrime will soon be finalized and able to promote international law enforcement cooperation against cybercrime.  The Council has an important role to play while preserving the role of the Open-Ended Working Group on Information and Communications Technology security, he said. 

The representative of El Salvador underscored that digital technology represents the backbone of modern interactions. However, the threats linked to the use of ICT in the context of international security continue to evolve in scale and intensity: associated with the misuse of emerging technology, such as AI or quantum computing, they could generate new types of attacks.  Due to the increasing connectivity of digital infrastructure in all areas of governance — social, economic and political — there may be a cascade effect whose impacts are difficult to predict.  Against this backdrop, she emphasized that the Council should more systematically and proactively address cyberspace-related threats to peace and security as part of its mandate.  This could be done through discussions related to the protection of critical infrastructures and critical information infrastructures, the risk analysis of evolving threats in the field of information security, the detection, response and recovery to cybersecurity incidents, and the implementation of the regulatory framework.

The representative of Bulgaria underscored the critical importance of enhancing the Council’s role in addressing cyberthreats.  Its proactive engagement in cybersecurity, aligned with its primary responsibility to maintain international peace and security, helps the Council better respond to malicious cyberactivities.  The interconnected nature of cyberspace requires all stakeholders to engage.  The multistakeholder approach is thus vital to address the evolving cyberthreats properly, she said.  States and international institutions, including the Council, should aim to reinforce regular and structured exchanges with all stakeholders, including the private sector, academia and civil society.

The representative of the International Criminal Police Organization (INTERPOL) stressed the need to enhance understanding of the modern cyberthreat landscape which is fragmented across regions and sectors.  Highlighting her organization’s Gateway model which facilitates industry data access and information-sharing, she highlighted its tailored cybercrime platforms and 24/7 points-of-contact list and regional working groups.  There remain significant disparities in cyberresilience, she said, reaffirming commitment to supporting States in overcoming the digital divide by providing technical assistance and capacity-building.  “We aim to equip law enforcement with the knowledge and skills needed to face today's cyberchallenges,” she said, adding that it is essential to maximize synergies through regular institutional dialogue and multilateral mechanisms.  “Collaboration, not duplication, is key,” she underscored.

The representative of India said that in this interconnected world, the reliance on cyberspace is profound and has exposed the world to a myriad of cyberthreats.  “The cryptocurrency heists, data hijacking, deep fakes, misinformation and incitements are commonplace now,” he said, adding that the potential of AI to add scope and scale to cyberattacks are notable.  Such nefarious acts undermine trust and confidence and create potential flashpoints between States.  “India has been a victim of terrorism for several decades and we are cognizant of the serious nature of the cyberterrorism challenge,” he said, stressing that the threats in cyberspace have the potential to undermine the very fabric of global stability and that to combat them requires a united front.  The international community should achieve uniformity in counterterrorism crime laws, he said, arguing global cooperation in this area will help harmonize cybersecurity benchmarks, best practices and regulations.

The representative of Cambodia said that the rapid advancement of ICT has brought immense possibilities, but it also exposes new and evolving risks that threaten international peace and security.  “The recent rise in cyberattacks has demonstrated that ICT systems are more vulnerable than ever,” he stated, noting his Government’s commitment to fostering a secure digital environment for all. Highlighting the importance of international cooperation, he urged the global community to provide technical assistance and knowledge-sharing to enhance cybersecurity, particularly in developing countries.  For its part, Cambodia took decisive action by establishing the Digital Security Committee aimed at cybercrime prevention and cybersecurity, he noted. Furthermore, he advocated for robust legal frameworks and international norms that promote responsible behaviour in cyberspace, upholding national sovereignty and preventing malicious actions.

The representative of Brazil said that the right forum for these discussions continues to be the General Assembly.  In 2024, the Council revealed its limitations in setting rules for the new domains when it twice failed to adopt a resolution on weapons in outer space.  On both occasions, delegations raised concerns about bringing to the Council complex issues best addressed by the full UN membership.  “These concerns are valid and apply here, too,” he said.  The ongoing Open-Ended Working Group has been “productive in identifying cyberthreats”, highlighting ransomware and cryptocurrency threats, as well as other vectors of attack, including on critical infrastructure.  It is discussing concrete measures to implement the framework for responsible State behaviour. “In an era when progress in disarmament has almost stalled, the area of cybersecurity stands out as a result of the significant progress achieved in the General Assembly,” he said, urging: “Let us work to sustain that momentum.”

The representative of Guatemala, noting that electrical networks, hospital systems and schools have become vulnerable to cyberattacks, said that malicious activity in cyberspace has a multiplier effect in conflict situations.  Cyberattacks fuel conflict both internally and internationally, she said, adding that AI can be used to undermine confidence in institutions and threaten democracy.  It is crucial to strengthen existing efforts, she said, noting the need to establish a mechanism to impose sanctions to regulate conduct in cyberspace and increase assistance to States to enhance their cybercapacities.  The Council must play a greater role in tackling cyberthreats.

The representative of Belgium, also speaking on behalf of Luxembourg and the Netherlands, expressed deep concern over the malicious cyberactivities that continue to rise in scale and may be further exacerbated by emerging technology, such as AI and quantum computing.  One worrying trend is the increase of ransomware attacks, the use of ransomware as a service and malicious cyberthreats targeting critical infrastructure, he said.  “The effects of such incidents, and the risks of spillover effects, are, of course, a threat to international peace and security,” he said, noting that the First Committee (Disarmament and International Security) adopted by consensus the UN Framework for Responsible State Behavior which confirms that international law applies to cyberspace.  Expressing support for a UN convention to combat cybercrime, he said the Council has an important role in promoting an open, free and secure cyberdomain.  In conclusion, he called for a victim-centered approach of the discussions.

The representative of Norway, speaking also on behalf of Denmark, Finland, Iceland and Sweden, voiced concern over the developments in the cyberthreat landscape, noting that State-sponsored cyberaction has continued, most notably in the context of Moscow’s illegal war of aggression against Ukraine.  That country’s cybercapabilities have been weaponized in Ukraine in an attempt to undermine trust in authorities and destroy critical infrastructure.  In this context, he underlined that international law applies in cyberspace.  Additionally, the blurring of lines among State-sponsored, non-State and criminal actors has continued to grow, he observed, voicing concern over the increasing number of ransomware attacks and the accessibility of advanced cybertools and techniques to a broader range of State and non-State actors.  Considering the evolving cyberthreats, the Security Council should discuss the issue more regularly, he said, noting that such discussions can help raise awareness of the threats, share lessons and formulate appropriate responses. 

The representative of Croatia commended the International Committee of the Red Cross (ICRC) for highlighting that cyberspace is not a lawless domain and affirmed that international humanitarian law applies equally in both the physical realm and cyberspace.  That is why the Council should consider further developing its understanding of this highly complex matter through regular exchanges with various stakeholders in cybersecurity, peacebuilding, conflict prevention and mediation.  The Council’s role in addressing cyberthreats could develop in a mutually reinforcing and complementary manner, alongside the existing work of other UN bodies and multilateral initiatives. “The Council could assume an important role in the existing UN cybersecurity ecosystem and improve safeguarding international peace and security in the digital age,” he said.

The representative of Chile, noting that cyberattacks can affect different groups in different ways, said it is important to consider their impact on women, girls and adolescents.  Expressing concern about attacks on supply chains and Internet servers, malware such as Trojan horses and phishing, she said it is vital to strengthen joint cooperation, exchange lessons learned and implement international law in this field.  All stakeholders, from civil society to the private sector, must be involved in this discussion, she said, adding that the Council has a role to play in establishing a cyberspace that is peaceful and open.  Noting that malicious actors often target countries that do not have the tools and capability to respond fully to their attacks, she said the Council must work to build the capacity of vulnerable countries.

The representative of Nepal said no infrastructure or system is immune from cyberattacks — be it civilian infrastructure or nuclear weapons or autonomous weapon systems.  Nepal has also been the victim of cyberattacks and ransomware attacks against its banking institutions, government websites and servers, highlighting the need to implement a robust set of rules based on the accepted norms of international laws including the UN Charter while ensuring cyberspace's openness, stability and security.  Stressing the importance of regular briefings with insights from tech-focused companies, private sectors, civil society and academia, he noted that countries like Nepal are more vulnerable to such emerging threats.  “We should promote cybersecurity through inclusive development and prosperity for all by bridging digital divides among the States,” he said.  “By taking proactive, comprehensive and coordinated actions, we can ensure a secure, open and peaceful cyberspace for all.”

The representative of Bangladesh said that cyberthreats have become pervasive and imminent, disrupting global financial, democratic, sociocultural and security structures.  “The 2024 Global Risks Report underscores cyberthreats as one of the most serious challenges of our time, estimating potential cybercrime costs of $24 trillion by 2027,” he stated, adding the appalling impact of cybercrime on individuals and societies cannot be underestimated.  The proliferation of cyber threats — including ransomware attacks, cyberespionage, and misinformation and disinformation campaigns through deep fakes poses significant risks to global peace and stability.  These threats target critical infrastructure and undermine democratic processes by spreading xenophobia, intolerance and stereotypes.  Also, advancements in AI and quantum computing have magnified the scope and complexity of cyberthreats.  “With billions relying on digital platforms for daily activities, the urgency to address these threats has reached an unprecedented level,” he stressed, noting the need to enhance international cooperation, strengthen cybersecurity measures, foster information-sharing mechanisms and invest in capacity-building initiatives.

The representative of Viet Nam urged the Council to give more attention to this issue and address the interlinkages between cyberthreats and other key issues on its agenda, such as conflict prevention, counter-terrorism and the protection of critical infrastructure.  His Government has embraced a comprehensive, society-wide approach to addressing cyberthreats by enacting a cybersecurity law in 2018.  Reiterating its support for a concerted global effort to establish robust frameworks and mechanisms aimed at upholding the principles of sovereignty, noninterference and responsible behaviour in cyberspace, he declared:  “Through constructive dialogue and cooperation, we can effectively address the challenges that come with the evolving technologies while safeguarding the integrity of the global cyberspace and information ecosystem.”

The representative of Ghana said that Africa has witnessed an “exponential growth of information and communications technology challenges and threats”, from phishing and identity theft to trade in small arms and ammunition on the dark web.  “Private businesses and critical public infrastructure have not been spared,” she said, adding that, while ICT has a positive influence in empowering African citizens, fake news, disinformation and misinformation have resulted in setbacks. Stressing also that Governments must avoid overreaching in regulating this sphere, she said African leaders have been working together to bolster a continental cybersecurity strategy.  The Council must promote action towards a reliable and safe cyberspace for all, she said, adding that it must supplement the Assembly’s role in promoting responsible State behaviour in this field.  Underscoring the need for a legal framework to tackle cybercrimes, she said a subsidiary body devoted to the matter would be a good starting point.

The representative of Panama recognized the importance of building global architecture to effectively combat cyberthreats, which are constantly evolving. The Security Council can play a fundamental role in addressing these challenges and safeguarding our shared digital space, she said, stressing that the Council must explore ways to respond to malicious cyberactivities that may impact critical infrastructure, civilians and humanitarian efforts.  In navigating the complex landscape of these cyberthreats, it is essential to consider discussions under way regarding a comprehensive international Convention to counter the use of ICT with criminal purpose, she said.  “The evolving nature of cyberthreats demands adoption of — and strengthening of — our legal frameworks,” she said.  “In updating these frameworks, we can better address the new challenges that arising in cyberspace,” she said, adding that the Council must work in coordination with Member States, international organizations and other interested actors. 

The representative of Italy, aligning himself with the European Union, expressed concern about the increasing number of malicious cyberactivities and the development of ICT capabilities for military purposes. The Security Council is uniquely positioned to respond to cybersecurity threats for the benefit of all nations, he emphasized, noting the need to strengthen the UN’s capacity to respond to malicious ICT use.  This is especially relevant vis-à-vis the protection of civilians, critical infrastructure and humanitarian operations, he observed, adding that new technology — such as AI — have the potential to multiply existing conflicts.  For its part, Italy will host a national conference on 2 July on enhancing the ecosystem of public and private entities tasked with cybercapacity-building activities worldwide, he added.

The representative of Israel said that, since the Hamas attacks on 7 October 2023, his country has also been under ongoing massive cyberattacks “orchestrated by Iran” with the active support and participation of its proxies, Hizbullah, Hamas and other terror groups, targeting the most critical and sensitive infrastructure, such as water and energy facilities and hospitals.  Iran must be condemned for blatantly violating the norms of responsible State behaviour in cyberspace and for breaching basic humane and moral standards.  Israeli and Jewish communities around the globe are experiencing a global wave of incitement, hate speech and antisemitism, hugely augmented by coordinated, unauthentic behaviour on social media.  Despite the evolving efforts by some big tech companies and their social media platforms to mitigate hate, much more must be done, he said, calling on all social media platforms to demonstrate more responsibility in that regard.  Hate speech of any kind “should not be allowed to echo around the world”, he said.

The representative of Morocco, reaffirming the importance of greater cybersecurity cooperation among Member States, said it should be a shared domain that preserves its peaceful nature.  Given the unpredictable geopolitical context, the international community needs a framework for a global digital transition. Stressing the importance of sharing best practices and promoting capacity-building at the request of Member States, he said his country’s approach to cybersecurity hinges on cooperation with friendly African and Arab nations.  The Council must be more dynamically engaged in this sensitive area, he said, calling for more in‑depth discussions on this matter.  Women and young people, as well as the private sector and academia, must participate in this process, he said, adding that the United Nations must maintain the momentum of the past decade and secure a safe cyberspace.

The representative of Liechtenstein stressed that the escalating sophistication and frequency of cyberattacks — including in the Russian Federation’s aggression against Ukraine — requires clarity on how international law applies to cyberspace.  Relevant assessments have affirmed that the International Criminal Court can investigate and prosecute cyberattacks.  “This is only logical:  international humanitarian law applies to cyberoperations,” he said.  “Therefore, violations of international humanitarian law that meet the ICC’s gravity threshold are prosecutable.”  Prosecuting cyber- and cyberenabled crimes at the Court is instrumental to effectively address the evolving cyberthreat landscape, he said, noting that, building on Liechtenstein’s Council of Advisers report, the Court’s Prosecutor recently launched a multistakeholder consultation process with Microsoft to develop an official International Criminal Court policy to address cyberenabled crimes through the Rome Statute system, a welcome development to help international law practitioners gain a deeper understanding of the complexities associated with prosecuting cyberenabled crimes, he said.

The representative of Türkiye said that cyberthreats are evolving and becoming even more complex, with security vulnerabilities in ICT systems often threatening the economy, public order and national security.  Terrorism, digital espionage, fraud, online child abuse, and exploitation and misuse of personal data conducted via ICT are among these threats, also posing risks to international peace and security.  He voiced concern over the growing number of cyberattacks:  in 2023, there were more than 317 million ransomware and more than 6 billion malware attempts worldwide.  Due to technological developments, cyberattacks have become easier to carry out, while the adverse effects on the victims are rapidly increasing.  Given the transborder nature of cyberthreats, increasing international cooperation and capacity-building are crucial, he observed, adding that his country engages in cyberthreat intelligence-sharing and contributes to cooperation strategies within regional and international organizations.

The representative of Saudi Arabia detailed how his country advanced cybersecurity domestically, regionally and globally. It developed “a Saudi model” for cybersecurity based on centralized governance and decentralized operability. In 2017, it established the National Cybersecurity Authority as the responsible agency for cybersecurity. His country has received international recognition and was ranked second in cybersecurity globally and first in the Arab world by the International Telecommunication Union (ITU) global cybersecurity index and ranked first in the cybersecurity index in the International Institute for Management Development (IMD) World Competitiveness Yearbook 2024.  Saudi Arabia also provides capacity-building exercises worldwide, with over 40 States and organizations participating in such training.  Moreover, his country established the Global Cybersecurity Forum Institute (GCF Institute) which is headquartered in its capital city of Riyadh. The GCF Institute will aim to contribute to achieving a safe and trusted cyberspace that enables growth and prosperity for all peoples of the world.  Riyadh will also host the Secretariat and the Executive Office of the Arab Cybersecurity Ministerial Council, which was formed under the aegis of the League of Arab States (LAS). 

The representative of Argentina, stressing that capacity-building must not undermine the territorial integrity and sovereignty of States, said the Council’s work must not overlap with other efforts, and must be complementary to the work of the Open-Ended Working Group.  The Council will benefit from having reports or presentations from representatives of the private sector “since they, in most cases, are the owners and operators of critical infrastructures”, he said, noting that they also have greater capacity to study this topic and can provide updated information on current threats in real time.  Capacity-building is an indispensable element, he said, adding that cybersecurity gaps do not discriminate.  While States with less capacity in cybersecurity are more vulnerable to attacks, the interconnected nature of cyberspace means that can have significant repercussions elsewhere.  The actions of the Council must be in line with established norms, he said.

The representative of Georgia stressed that the Council’s role remains crucial in addressing and minimizing threats to international peace and security, including those stemming from cyberspace.  In recent years, the international community has witnessed how certain States and non-State actors threaten the rules-based international order by combining conventional methods of warfare with newly developed unconventional ones, with some using cybertactics to gain strategic advantages, such as disabling communication networks and targeting critical infrastructure.  “We all witness aggressive application of hybrid toolkits against Georgia’s sovereignty by Russia,” he said. “Georgia was the first case where, along with the conventional military engagement, the country became a target of numerous attacks in cyberspace over the course of Russia’s full-scale military aggression in 2008.”  He stressed capacity-building as an indispensable element of multilateral cooperation, given the uneven distribution of ICT capabilities.

The representative of Australia, speaking also on behalf of Canada and New Zealand, underscored that cyberthreats undermine the transformative opportunities otherwise provided by digital technology.  These threats are increasing in scale and sophistication and pose particular challenges when employed in connection with armed conflicts.  “The services that we — as citizens and consumers — rely on in everyday life also mean that cyberincidents against critical infrastructure can cause devastating and cascading impacts across society,” he cautioned, noting that they serve as a “threat multiplier” to existing risks and can threaten the effective functioning and public trust in Government.  Detailing significant cyberincidents on critical infrastructure, he said that, in Australia, a heinous ransomware incident on the health-care sector exposed the personal information of millions of people.  In Canada, a ransomware incident paralysed the systems of provincial health-care providers, which caused serious delays and imperilled sensitive information pertaining to thousands of staff and patients.  In New Zealand, the proportion of financially motivated activity has exceeded State-sponsored activity for the first time, he noted.

LAETITIA COURTOIS, Permanent Observer of the International Committee of the Red Cross, said that the organization works to protect people affected by 120 armed conflicts worldwide.  In many of these conflicts, cyberoperations are creating additional risks for people’s security and well-being.  She drew attention to three concerning trends:  cyberoperations disrupting the provision of essential services for civilian populations, such as electricity, water and medical care; the growing involvement of civilian actors — individuals, hacker groups and tech companies — in cyberspace activities related to armed conflicts; and a growing threat of such operations to humanitarian organizations, including data breaches and disinformation.  The Council should mainstream the potential human cost of cyberoperations in its work, she said, stressing:  “In today’s digitalized world, the Security Council should not ignore the threats that ICT activities pose to civilian populations during armed conflict.”

The representative of Kiribati, expressing concern about cyberoperations against critical civilian infrastructures, such as water and electricity, stressed the importance of respecting international humanitarian law.  “Imagine a world where these protections would not apply to cyberoperations and ask yourselves whether such a world is the kind we want to live in and call it home. For us, the answer is no,” he said. The Security Council should listen to the stakeholders, non-governmental organizations and academia who voice concerns about malicious cyberactivities, he said, calling on it to mainstream humanitarian concerns into cyberoperations and uphold the limits placed on all means of warfare, including cyberoperations, under international humanitarian law.  Further, the global tech companies in control of ICT must ensure that such technology is used responsibly to build “a more human and loving home planet”, he said.

The representative of Iran, taking the floor for a second time, responded to the unsubstantiated claims by Albania and the Israeli regime, falsely accusing his country of supporting cyberattacks.  “We categorically reject and denounce these baseless claims,” he said.  Regarding the unwarranted statement by the representative of Albania, he said the Government of Albania was misled by misinformation from the MKO, a terrorist organization based in Albania that has carried out cyberterrorist attacks against Iran’s critical infrastructure, with the assistance and support of certain States, including the Israeli regime.  “This terrorist organization has martyred numerous Iranian officials and civilians,” he said.  Regarding the unfounded allegations made by the Israeli regime, he noted the irony that a regime, notorious for its malicious, criminal and terrorist activities in both cyberspace and real space, accuses other of the very actions it repeatedly commits.