Opening of the session/OEWG 2025

17 Feb 2025 15:00h - 18:00h

Session at a Glance

Summary

This transcript covers the opening session of the 10th Substantive Session of the UN Open-Ended Working Group on Security of and in the Use of ICTs 2021-2025. The discussion focused on existing and potential threats in cyberspace, with delegates from various countries sharing their perspectives and concerns.

Key themes included the increasing sophistication of cyber attacks, particularly those targeting critical infrastructure and essential services. Many delegates highlighted the growing threats posed by ransomware, AI-enabled attacks, and the exploitation of emerging technologies like quantum computing. There was widespread agreement on the need for international cooperation to address these challenges.

Several countries emphasized the importance of capacity building, especially for developing nations, to enhance global cyber resilience. The protection of critical infrastructure, data security, and the ethical use of AI were recurring topics. Some delegates also raised concerns about the militarization of cyberspace and the use of ICTs for political manipulation.

The discussion touched on the need for a permanent mechanism to address cybersecurity issues under UN auspices. Many speakers supported the creation of thematic working groups to tackle specific areas like enhancing cooperation, building resilience, and maintaining stability in cyberspace.

Overall, the session highlighted the complex and evolving nature of cyber threats, the interconnectedness of global cybersecurity, and the urgent need for collective action to ensure a safe, stable, and peaceful cyberspace for all nations.

Keypoints

Major discussion points:

– Existing and emerging cyber threats, including attacks on critical infrastructure, ransomware, AI-enabled attacks, and threats to undersea cables

– The need for international cooperation and capacity building to address cyber threats, especially for developing countries

– Concerns about some states using cyber capabilities for malicious purposes or failing to address threats emanating from their territory

– Proposals for the future permanent mechanism, including thematic working groups on topics like resilience and incident response

Overall purpose/goal:

The purpose of this discussion was to identify key existing and potential cyber threats facing the international community, in order to inform the work of the Open-Ended Working Group and shape recommendations for the future permanent mechanism on ICT security.

Tone:

The overall tone was serious and concerned about the growing cyber threats, but generally constructive in proposing solutions. There were some moments of tension when states accused each other of malicious cyber activities, but the chair worked to keep the discussion focused on finding common ground. The tone became more collaborative as states built on each other’s comments and proposals.

Speakers

– Chair: Chair of the Open-Ended Working Group

– USG HR Disarmament Izumi Nakamitsu: Under-Secretary General and High Representative for Disarmament Affairs

– Russian Federation

– Nigeria: Speaking on behalf of the African group

– Pakistan

– Bosnia and Herzegovina

– European Union

– China

– El Salvador

– United States

– Portugal

– Mexico

– Uruguay

– Kingdom of the Netherlands

– Cuba

– Mauritius

– Malaysia

– United Kingdom

– Morocco

– Kazakhstan

– Singapore

– Sweden

– Malawi

– African group: Represented by Nigeria

Additional speakers:

– Japan (mentioned but did not speak in the provided transcript)

– Australia (mentioned but did not speak in the provided transcript)

– Argentina (mentioned but did not speak in the provided transcript)

Full session report

Summary of the 10th Substantive Session of the UN Open-Ended Working Group on Security of and in the Use of ICTs 2021-2025

The 10th Substantive Session of the UN Open-Ended Working Group (OEWG) on Security of and in the Use of Information and Communications Technologies (ICTs) 2021-2025 convened to discuss existing and potential threats in cyberspace, cooperative measures to address these threats, and proposals for a future permanent mechanism. The Chair opened the session by emphasizing the importance of finding common ground and making concise statements. The program of work was adopted, and the participation of non-governmental entities was approved.

Key Themes and Discussion Points

1. Existing and Potential Threats

Delegates highlighted various cyber threats facing the international community:

a) Critical Infrastructure Attacks: The European Union, United States, and Singapore emphasized the growing risk of cyberattacks on critical infrastructure, particularly in sectors such as healthcare, energy, and transportation.

b) Ransomware: The United States highlighted ransomware as a major concern, especially its impact on healthcare systems.

c) AI and Quantum Computing: Mauritius, El Salvador, and Bosnia and Herzegovina drew attention to the challenges posed by artificial intelligence and quantum computing, including new cybersecurity risks and the need for post-quantum cryptographic solutions.

d) Undersea Cables and Telecommunications: Kazakhstan raised concerns about increasing threats to undersea cables and telecommunications networks.

e) Disinformation and Election Interference: Sweden highlighted the dangers of disinformation campaigns and election interference.

f) Cryptocurrency-related Cybercrimes: Malawi identified this as an emerging threat requiring international attention.

g) Commercial Cyber Intrusion Capabilities: The United Kingdom expressed concern about the expanding market for commercial cyber intrusion tools.

2. Cooperative Measures to Address Threats

Delegates proposed various measures to enhance international cooperation and capacity building:

a) Support for Developing Nations: Nigeria, on behalf of the African group, emphasized the need for technical assistance and resource support for developing countries.

b) CERT Collaboration: Malaysia stressed the importance of collaboration among Computer Emergency Response Teams (CERTs) and information sharing.

c) Cybersecurity Capacity Fund: Mauritius called for the establishment of a voluntary cybersecurity capacity fund.

d) Public-Private Partnerships: Malawi highlighted the importance of public-private partnerships in addressing cyber threats.

e) Critical Information Infrastructure Protection: China emphasized the need for cooperation in protecting critical information infrastructure.

f) Regional and International Frameworks: Uruguay underscored the importance of regional and international frameworks for cybersecurity.

g) AI Governance: El Salvador called for AI governance and ethical guidelines.

h) UN Framework Implementation: The Kingdom of the Netherlands stressed the importance of implementing the UN Framework for Responsible State Behaviour in Cyberspace.

i) Legally Binding Instrument: Cuba advocated for a legally binding international instrument on cybersecurity.

j) Data Protection and Privacy: Pakistan emphasized the importance of data protection and privacy regulations.

3. Future Permanent Mechanism

Delegates discussed the structure and focus of a future permanent mechanism to address cybersecurity issues:

a) Thematic Groups: The United Kingdom proposed dedicated thematic groups on cooperation, resilience, and stability.

b) Action-Oriented Recommendations: Morocco called for action-oriented recommendations in the future mechanism.

c) Stakeholder Involvement: Portugal stressed the importance of stakeholder involvement.

d) Emerging Threats: The Russian Federation emphasized the need to address emerging threats in the permanent mechanism.

e) Cross-Cutting Approach: Sweden advocated for a cross-cutting approach to cyber threats in the future mechanism.

Conclusion and Next Steps

The Chair concluded the session by emphasizing the need to find common ground and make statements more succinct in future discussions. The group will continue to work towards establishing a future permanent mechanism for addressing cybersecurity issues, considering the creation of dedicated thematic groups and exploring the establishment of a voluntary cybersecurity capacity fund for developing nations.

The OEWG is set to prepare its final progress report in July 2025, which will likely incorporate the insights and recommendations from this substantive session. Future meetings will continue to address unresolved issues, such as the specific structure of the future mechanism and approaches to regulating emerging technologies.

Session Transcript

Chair: Good morning, Distinguished Delegates. The first meeting of the 10th Substantive Session of the Open-Ended Working Group on Security of and in the Use of ICTs 2021-2025, established pursuant to General Assembly Resolution 75-240, is now called to order. Distinguished Delegates, I extend a very warm welcome to all of you attending this meeting and to those who are watching the meeting through UN Web TV. I’d like to acknowledge the presence of Ms Izumi Nakamitsu, Under-Secretary General and High Representative for Disarmament Affairs, and I’d like to start by giving her the floor to make some opening remarks. Ms Nakamitsu, the floor is yours.

USG HR Disarmament Izumi Nakamitsu: Thank you very much, Mr Chair. Mr Chair, Distinguished Delegates, Dear Colleagues, I am pleased to once again have the opportunity to brief the Open-Ended Working Group on Security of and in the Use of Information and Communications Technologies. It is hard to believe that this is the penultimate session before the Working Group’s mandate concludes in July. It has been a long and sometimes arduous road, but it has been an important journey with many positive markers along the way. Steady, consistent progress has always been a defining characteristic of this group. From elaborating confidence-building measures to the convening of the first Global Roundtable on Capacity Building to unpack new threats, including the impact of emerging technologies like AI, the group’s milestones are clear. The Global Intergovernmental Points of Contact Directory, now with the participation of 116 and counting, is another tremendous achievement. The directory is a prime example of a concrete output that not only serves as confidence-building measure in its own right, but is a vehicle through which other such measures can be pursued. In this way, it has the potential to be a multiplying force for progress. My office is working closely with the chair and our partners, Unidear and ITU, in the preparation of the first POC simulation exercise in March. We look forward to broad and active participation. But now, we enter the final phase of this journey. Our attention is rightly towards the future. And the future is anything but certain. Challenges to international peace and security arising from state use of ICT continues to grow. Incidents of malicious use of ICTs by both state and non-state actors remain well-documented, including those with impacts on infrastructure providing essential services to the public, like healthcare, banking, and government services. Concerns that technological advances are outpacing our governance structures are coming from all corners, from governments and civil society alike. Lightspeed developments in artificial intelligence, in particular, are raising flags. But as the Secretary-General has said, we begin 2025 lifted by the commitments of the Pact for the Future and the Global Digital Compact. These commitments are an affirmation of the underlying power and purpose of the United Nations in our 80th anniversary year. Leveraging those frameworks, we can close digital divides and harness technologies for good while also mitigating risks. Pursuant to these commitments, states are already actively engaging in discussions on how to enhance global governance of AI through the establishment of an international scientific panel and global dialogue. But more remains to be done. This working group has the unique opportunity to create a permanent single-track mechanism on ICT security matters under United Nations auspices, thus setting the stage for long-term progress in the years to come. There is already a strong basis in the consensus elements agreed in July last year in the third annual progress report. The foundational elements of the mechanism are clear, from guiding principles to function and scope, to structure, modalities, and decision-making. As I said at the previous session in December, there are a number of outstanding matters to tackle, but this year is a chance to build on what has already been agreed. We’re working towards a seamless transition, which is what we all hope for. While there’s not unanimity, In all matters at hand, the Working Group has undeniably served as an indispensable platform for exchange. This commitment to constructive exchange has driven progress forward. I trust this same commitment will help States find consensus on the outstanding matters for the future mechanism. I must acknowledge the efforts of the very able Chair of this process, Ambassador Burhan Ghafor, in forging a consensus on these matters. The Chair’s latest discussion paper on elements for stakeholder modalities and the dedicated thematic groups is a strong basis for further discussion. In particular, I welcome States’ consideration of the topics for consideration of the future thematic groups. It is critical that States have the space to consider these issues with a view to action-oriented recommendations. Having spent nearly five years in this Forum actively discussing a wide range of issues, the need for deeper substantive exchange is clear. Building resilience of critical infrastructure, enhancing cooperation in the management of ICT incidents, preventing conflict and increasing stability in the ICT sphere represent just a few of these discussion topics. On the matter of stakeholders, I have repeatedly emphasised the value of inclusive, diverse and sustained engagement, given the unique nature of ICTs and the central role played by non-governmental entities in the management of many ICT resources. Diverse stakeholders have much to contribute to this and any future process. This includes direct support to states in implementation of the normative framework as well as the provision of technical, legal and other expert advice. Partnership amongst relevant stakeholders from states to the business community to technical experts to scholars are an essential ingredient to our collective efforts in ensuring a peaceful and secure ICT environment. My hope is that all delegations will exercise maximum flexibility in finalising modalities for stakeholder engagement that provide for inclusive and sustained engagement while of course safeguarding the intergovernmental nature of the process. Mr Chair, distinguished delegates, dear colleagues, it is not often that states have the chance to put in place a mechanism of a permanent nature. We are often looking to just the next two, three or five years at a time. I am confident this unique opportunity to create something enduring for future generations will not be lost. The peace and security of the ICT environment is too important to waste it. I thank you very much for your attention and wish you a successful week.

Chair: I thank the High Representative for Disarmament Affairs for her statement. Thank you very much, Ms Nakamitsu. Distinguished delegates, please allow me now at this stage to offer some remarks in my capacity. Let’s check out this process. I want to start by making some general comments before highlighting some specific aspects of our work. First, this is a process where we have made good progress in the context of a very challenging geopolitical environment. The geopolitical context in which we began our work four years ago was very challenging and it remains challenging even as we near the end of our mandate. All of you would know that the work of the United Nations has become very challenging and multilateralism is facing a severe test. Against this backdrop, it is really important that all of us rally together in order to strengthen the United Nations and the multilateral architecture. Second, we can be proud of the good progress that we have made so far. This has been possible as a result of your commitment to this process and your demonstrations of flexibility. It is important that as we near the finish line of this five-year process, we retain that commitment and continue to demonstrate flexibility. Thirdly, as we look back at what we have achieved, we can not only take satisfaction in having built common ground, we can also be proud of the fact that we have adopted many action-oriented outcomes. This includes the operationalisation of the Global POC Directory that Ms Nakamitsu referred to earlier. And as she pointed out, we have 116 countries who have nominated Points of Contact Directory. This is a significant achievement for all of us collectively. Second, we have adopted eight voluntary global CBMs at the global level. This too is a significant achievement because we came almost from ground zero to having adopted eight voluntary global CBMs that I believe will serve as an important foundation and framework for building international understanding. Third, we also convened the inaugural Global Roundtable on ICT Security Capacity Building, which was convened last year, and we also agreed in principle to convene future Global Roundtable sessions, and that is an issue we will have to discuss in the context of our work later this week. Now with regard to norms, rules and principles, as well as international law, we continued our discussions and I think we have deepened our understanding of how international law applies to the use of ICTs. And we have also, I believe, had deeper discussions on how the existing and potential threats in the context of ICT affects all of us collectively. These, dear delegates, are the package of decisions that we have adopted over the last few years. But our work is not finished. We are close to the finish line and there is a lot of items that remain on our agenda. As we enter the final phase of this process, it is important that we sustain the spirit of consensus and the level of political commitment that has gotten us this far. Each of the achievements we have made in this process was possible only because each one of you was ready to exercise flexibility. And in the process, each one of you have also, I believe, built a level of understanding with each other in terms of your concerns and positions. Of the many outstanding issues on our table, all of them will require that we continue this spirit of flexibility. And in this context, I appeal to all of you to go beyond your stated positions and your preferred visions of how we should address the various issues. Each one of you need to go beyond your stated in order to find common ground. As we enter the final phase of our process, we need to maintain our momentum. I am optimistic. that it is possible to adopt a final progress report with consensus on the range of issues on the table. I see a narrow path of progress ahead of us. The path is not wide, but there is a path forward. And we must take this opportunity to take that collective step forward to address the range of issues. Please allow me now to go into some specific comments. On rules, norms and principles of responsible state behaviour, in paragraph 33 of the Third Annual Progress Report, we agreed to discuss and update the Voluntary Checklist of Practical Actions with a view towards reaching consensus by July 2025. It is my hope that delegations will have reflected carefully on the Voluntary Checklist as a tool and instrument to further international cooperation in the domain of ICT security. And of course, it is my hope that we can take a step forward on this specific issue. In paragraph 34, we agreed to continue discussions on possible additional norms. And we need to give careful thought as to how we will reflect our discussions on possible additional norms in the final report. On international law, we need to assess whether we are in a position to add additional layers of common understanding that we can capture in the final report. And in particular, we need to reflect carefully on how we can capture the… discussions we have had within the OEWG on various aspects related to international law, in particular international humanitarian law, and the potential of adopting legally binding obligations. On CBMs, in paragraph 33 of the Third Annual Progress Report, we agreed to exchange views on the potential development of additional CBMs. We have eight global CBMs adopted. The question is whether we need to adopt any further additional global CBMs. In this regard, I know that a working paper was recently submitted proposing an additional global CBM, and if there are additional global CBMs, what exactly would they be, and how will they add to our current list of eight CBMs to be adopted. In paragraph 47, we requested that the Secretariat develop an example of a standardized template to optimize communication by April 2025, with a view towards reaching a consensus recommendation. And once we receive the Secretariat’s proposal, we will need to consider how best we can reach consensus and include it in the final report. On capacity building, in paragraph 52 of the Third Annual Progress Report, we requested that the Secretariat prepare a proposal for the development and operationalization of the global ICT security cooperation and capacity building portal. This report was circulated earlier this month, and I hope all delegations have studied it in detail. Can we take a step forward and build consensus on the portal, in line with the proposal put forward by the Secretariat? If not, what changes need to be made or adjustments made to the proposals as presented by the Secretariat in order for us to reach consensus? This is an important issue that has been with us for some time now and it is important that we reach a consensus on this recommendation for the final report in July. In paragraph 54 of the third annual progress report, we requested that the Secretariat prepare a proposal for the development and operationalization of a voluntary fund to support the capacity building of states. This report was also circulated earlier this month by the Secretariat, and I take this opportunity to thank the Secretariat for having done all its expected reports and homework in time, in spite of the many constraints facing the Secretariat. And now the ball is in our court as Member States to make a decision, and the question arises as to whether we will be in a position to reach consensus on the idea of a voluntary fund to support the capacity building of states. On regular institutional dialogue, we had convened an informal virtual town hall meeting earlier last week, and we had a thorough discussion in that context. And we need to continue that discussion this week. In paragraph 59 of the third annual progress report, we agreed to submit recommendations in the final report on stakeholder modalities, as well as recommendations on dedicated thematic groups and other elements of the report. as required. I circulated a discussion paper dated 27 January as well as some additional guiding questions that I circulated last week, 12th of February. And we had productive discussions at our town hall meeting on the 6th of February. So it is my hope that we can also get closer to consensus on these important issues. Distinguished delegates, as you can see, we have a full range of outstanding tasks before us on which we have to reach consensus. And if we are to achieve a smooth transition to a future permanent mechanism, it is important that we reach consensus on all these outstanding issues. And in order to reach consensus, we need to start our work at this session. I therefore would like to appeal to all delegations to look at this session as the beginning of drafting the final progress report. This session is not a general debate where there is going to be a general exchange of views with your stated and preferred positions and your desired solutions. What I’d like to hear from you is how can we find compromises, how can we build consensus, what demonstrations of flexibility can each of you show in order for all of us to take a step forward. As of today, we only have four months and 24 days before the mandate of this working group expires. And there is no flexibility in terms of the timeline. At our 11th substantive session, the mandate of this Working Group will expire. On Friday, 11 July, this Working Group has to complete its work. There is no possibility of any extension, nor any possibility of further meetings beyond the 11th of July. And even if there was any possibility of further meetings, there is no availability of this Chair beyond Friday, the 11th of July. I’ve made alternative plans after the 11th of July. But while I’m here as your Chair, you will have my complete attention and devotion to this process to work closely with all of you to complete the many, many things that we need to do. Let me conclude on a note of gratitude and appreciation. I think over the last few years, this process has evolved a sense of community. And this is very gratifying to me, because like all processes at the UN, it is ultimately a community of people. Community of diplomats, experts, no doubt, but each one of you are also individuals, of course, representing your country, but individuals who have come together in this process over the last few years, who have built a certain level of understanding of each other’s positions, concerns, red lines, as well as needs to be addressed in an international context. And given the fact that the OEWG has always been itself an exercise in building confidence, I think the reservoir of… The goodwill and sense of community that has been built in this process over the last few years means something and gives me some hope that this sense of community and camaraderie among each one of you will help us take that final step towards a final progress report to be adopted by consensus in July, which in turn will allow for the creation of a permanent mechanism and ensure a smooth transition to that permanent mechanism. I echo completely what Ms Nakamitsu said, which is that it is not often at the United Nations that we have an opportunity to establish a new institution. That is almost a once-in-a-generation opportunity, a new mechanism that will serve the interests of all our nations, all our people, but it is a mechanism that we have the opportunity to create. And it is therefore important that as we create this new permanent future, permanent mechanism, that we create it in a way that maintains the levels of trust and confidence and sense of community and allows the work to continue next year in as smooth a way as possible. I believe it is possible to do so. I believe there is a narrow path of progress ahead. And I believe that all of you are committed to making that progress that is expected of us. So that is why I want to conclude this meeting with a note of gratitude and appreciation to each one of you for the work that you bring, for your commitment that you bring to your work and to this process, and for your spirit of camaraderie and community that I sense here from the podium. So, distinguished delegates, with those remarks, I complete my remarks as chair of this process. Thank you very much for your attention. Distinguished delegates, we will now consider the organization of work under agenda item three. And delegations are reminded that the group will continue to conduct its work in accordance with the decisions taken at its organizational session held on the 1st of June 2021. These decisions include the adoption of the working group’s agenda as contained in document AC-292-2021-1, an agreement that the work of the group will be conducted in accordance with the rules of procedure of the main committees of the General Assembly while acting on a consensus basis. Now I would like to draw the attention of the working group to the provisional program of work of the 10th substantive session as contained in document AC-292-2025-3. May I take it that the working group wishes to proceed in accordance with the provisional program of work of the 10th substantive session as contained in document AC-292-2025-3. Russian Federation, please.

Russian Federation: Distinguished Chairman, we support the Provisional Programme of Work. At the same time, we would like to draw your attention, as well as the attention of the United Nations Office for Disarmament Affairs

Chair: The Russian Federation â let me get my interpretation on, just one second â sorry, please begin again, if you may. Thank you.

Russian Federation: Thank you. In that case, I’ll start again from the beginning. We support the Provisional Programme of Work. At the same time, we would like to draw your attention, as well as the attention of the UN Office for Disarmament Affairs and all Member States to the following. Among the non-government entities that have applied for accreditation for this round of negotiations, there is one intergovernmental organization. The Russian Federation has not expressed objections to this application and has no reservations concerning the presence of this organization in the meetings. Still, it is quite clear that international organizations do not meet the criteria of NGOs and, in particular, they contradict the parameters approved by the General Assembly in its consensus decision 77-512. We urge all stakeholders interested in participating in the OEWG meetings to stick to the established modalities for submitting applications and call on the Chair and UNOGA to keep an eye on this issue. Thank you very much, Mr. Chairman.

Chair: Thank you very much, Russian Federation. Your delegation’s remarks are very well noted and I thank you for not raising objections to the adoption of the Programme of Work. The Programme of Work is therefore adopted. The fact that we may need to spend a fair bit of time on different issues at different times of the week, I would ask for your flexibility should there be changes that need to be made to our programme of work. I will of course do so in consultation with all of you. I would now like to address the attendance of stakeholders at this 10th substantive session. Delegates would recall that the Working Group had adopted the modalities for the participation of stakeholders in the Working Group at its third substantive session in 2022, and following the latest round of accreditation conducted ahead of this session in accordance with that decision, an updated list of non-governmental entities is contained in Document AAC.292.2025.info.1. May I take it that the Open-Ended Working Group approves the attendance of the non-governmental entities as contained in Document AAC.292.2025.info.1? I see no objection, it is so decided. Distinguished Delegates, I do want to point out to you that we have in the list of non-governmental entities that we have just adopted, we have 100 non-governmental organisations. In some ways this is a milestone for us as a process too, because when we began this process we had a number of non-governmental organisations. We have a number of non-governmental organisations. We had a big discussion on stakeholder modalities, and this is a discussion that continues, even as we come close to the finish line. The debate on modalities was very intense, and like many things at the UN, we did not arrive at a perfect solution. But imperfect as the modalities are, the fact that we have 100 non-governmental entities accredited to participate in our work at this session indicates the level of interest that stakeholders have shown. And I want to take this opportunity to thank all the stakeholders for their active participation and contribution to this process. Not only at the formal meetings, but also through the informal engagements that I’ve had with them through my own efforts in my capacity as chair of the open-ended working group. In this regard, I want to inform all members, in the interest of transparency, that I did convene an informal virtual meeting with all interested stakeholders last week, and I was very gratified with the inputs that I received from them. Once again, my thanks to the stakeholder community. So, distinguished delegates, we’ll now begin our consideration of Agenda Item 5. Yeah, so we’ll begin our discussion on substantive issues contained in Paragraph 1 of General Assembly Resolution 75-240. And the group will begin its consideration in the following order. General Assembly Resolution 75-240. And the group will begin its consideration in the following order. starting with the question of existing and potential threats. We’ll go straight away into that discussion and as I said in my opening remarks, it is really important that as delegations make their statements that we do our best to make very specific comments and avoid general statements and also I invite all delegations to keep your interventions brief. There’s no established list of speakers. Delegations are reminded to request the floor by pressing the speakers button in the conference room and we’ll give them the floor in the order of inscription as they appear in the console in front of me and if you’re speaking on behalf of a group, do let the Secretariat know. We will find a way to give you a chance to speak earlier rather than later in the discussion. So the floor is now open under agenda item 5 for general, sorry for a discussion on issues relating to existing and potential threats. Yeah, the buttons have been pressed. There’s a very long list of speakers now. So I’m not sure I can give you a coffee break this morning so we’ll jump straight into our work right from this morning and before I start giving delegations the opportunity to speak. two points of reminder. First are the guiding questions that I had circulated last December. They remain valid and I invite each one of you to look at these guiding questions and to respond to them as best as possible. Second, keep in mind that what you say this week will help to shape the drafting of the zero draft of the final progress report. And therefore, the more specific your comments are, the better it will be as guidance to me and to all of us here in terms of how we should craft and draft the zero draft of the final progress report. So this is not a general debate per se, but it is a discussion in terms of how we can find solutions to some of the most difficult issues and how do we capture them for the final progress report. So with those two caveats, I give the floor now to Nigeria, speaking on behalf of the African group to be followed by Pakistan.

African group: Thank you for giving me the floor. Mr. Chair, I wish to deliver this statement on behalf of the African group. The African group wish to express its deep appreciation to the chair for his stewardship and thank him and his team for the progress made in this process since its inception in 2021. We further wish to highlight the successful concessional adoption of the last annual progress report of the eighth section of the open-ended working group and the fruitful deliberation that took place during the ninth substantive session in December 2024. The group take note of the chair’s discussion as well as the recommendation therein as we consider the initiative as a constructive contribution him at bringing us closer to a smooth transition from the current open-ended working group to the future permanent mechanism in July 2025. At this tense section, the African group would like to highlight the following view in relation to the pillar of threat within the ICT domain. The group underscored the importance of expressing the risk and threats associated with malicious use of ICT, including attack on critical civilian infrastructure, which is a form of threats increasingly relevant to African countries. Given the valuable investment put in such infrastructure, which are allocated from a limited pool of resources. And bearing in mind the trajectory of digitalization that several African states are pursuing in support of their sustainable development aspiration. Similarly, it is our view that there are other equally important and relevant threat and risk that target our nation, which should be addressed on an equal footing. This include, but it is not limited to, targeting supply chains, business email compromise, widespread misinformation and disinformation campaign, including deepfake, particularly targeting state institution and designed to influence public opinion and destabilize governance during phase of post-conflict recovery and political crisis. Ransom attack, cyber attack, disrupting workflow in state institution or regional organizations. We wish to reiterate that this type and form of threat emanating from cyberspace. are not only harmful by definition, but also impair the ability of African states to pursue their developmental path, compromising the credibility and functionality of state institutions, reducing public confidence and trust, as well as general safety and society harmony. We therefore reiterate our call for more in-depth discussion on this form of trade in our deliberation as well as in future mechanism. Mr. Chair, allow me to state that as we proceed in this ongoing process, African group will continue to intervene all other pillars as we proceed. Thank you so much. And your Excellency, I would like to also encourage the indigenous, having read the African group statement, I would like my colleague to take the floor to read my statement in our national capacity. Thank you so much.

Nigeria: Mr. Chair, allow me on behalf of my delegation to express gratitude to you and your team for your tireless commitment in coordinating the overall goal of the open-ended working group since its inception. Nigeria also salutes all member states for their dedication to the laudable feats achieved from the commencement of this discussion in December 2021 to date. The remarkable journey has been daunting, but the consensus on the first, second, third annual reports indeed demonstrates the efficacy of multilateralism amidst our divergent view. It’s our hope that the action-oriented mechanism under the United Nations would promote the responsibilities of ICT to instill sanity, reduce its potential threats to national and international security. Nigeria aligns itself with the African group statement on all thematic issues and believe that convergence will be reached on our overarching goal of safeguiding the cyberspace. and establishing the modalities of a future permanence mechanism during this pre-ultimate session. Chair, Nigeria associates technology to a double-edged sword, with gigantic benefits and escalating threats, which could be escalatory if left unchecked. The proliferation of cyber threats is more unnerving. In view of the rapid development of modern technologies, it makes it more difficult for developing countries to catch up with their dynamics. It has emboldened malicious actors, making them more audacious in their criminal activities. And the cyberspace is more susceptible to their nefarious acts. To forestall the vulnerabilities of the cyberspace, Nigeria believes a comprehensive international framework on harmonizing existing and potential cyber threats through collaboration among state computer emergency response teams is essential. The collaborative framework would include strategic planning in anticipation of attacks to aid the reduction and mitigation of future attacks. This will require constant observation of new technological intruder activities and related trends to help identify future threats. An intrusion detection system could be installed in the systems of critical infrastructure and critical information infrastructure to detect suspicious activities. Vulnerability assessments and penetration testing are equally crucial to aid early detection of intruders. The implementation of the above suggestions would require capacity building for set personnel in developing countries to enable early detection of vulnerability in order to deploy preventive tactics to safeguard the information systems of their CI and CII. Such capacity building under the auspices of an international framework will go in the long term reduce the technological dependency gap between countries of the northern and southern hemisphere. Other threats of widespread misinformation and deliberate disinformation against government policies or institutions. including election interference, designed to influence public opinion should be nipped in the bud through circulation of facts conjuring disastered information. This is not to limit freedom of expression, but to prevent the propaganda of discord in any given society. As a nation, Nigeria is committed to secure cyberspace against the destructive impacts of these emerging technologies, particularly as regard possible implications for our socioeconomic development. We believe the threat of destructive technologies and innovation require a government-led approach, public-private partnership, and coordinated effort from all stakeholders at all level. The collaboration among relevant stakeholders at national, regional, and international levels will reinforce knowledge sharing and technical assistance, and will further enhance both diplomatic and technical points of contact with relevant expertise in performance of the assigned text. Nigeria will continue to work with our development partners to enhance the sustenance of an open, secure, stable, accessible, and peaceful use of the cyberspace, which protects basic human rights and fundamental freedom of individuals and people. Finally, Mr. Chair, Nigeria recommended development of indigenous technology among emerging economies to reinforce local knowledge in protecting their cyber domain against malicious activities. I thank you all for your kind attention.

Chair: Thank you. Thank you, Nigeria. Pakistan, to be followed by Bosnia and Herzegovina.

Pakistan: Mr. Chair, let me begin by expressing Pakistan’s profound appreciation for the unwavering dedication and patience exhibited by you and your team in steering the work of this OEWG since its inception. I would like to acknowledge Member States’ commitment so far on developing common understanding of existing… and potential threats posed by ICTs and the resultant impact on global and regional stability. It is, however, disheartening to observe that despite this shared comprehension, global cyberspace is gradually transforming into an arena of conflict. The rapid advancements in new and emerging technologies, which should be implied for the collective betterment of humanity, are increasingly being used for destructive purposes. This concerning trend is particularly evident in the realm of artificial intelligence and its unregulated military application for the design and development of modern cyber weapons. While AI offers immense potential for societal advancement, its destructive use in cyberspace is increasing, with malicious sectors leveraging AI for sophisticated cyber attacks. This dual nature necessitates international cooperation to develop ethical guidelines and governance frameworks, ensuring that AI serves as a tool for progress rather than destruction. Pakistan believes collective action is crucial to mitigate risks and harness the benefits of emerging technologies for global cybersecurity. Chair, this troubling trend underscores the urgent need for continued dialogue and cooperation among member states to address the evolving challenge in the digital realm. One of the most pressing concerns in this domain is the increasing sophistication of cyberattacks targeting critical infrastructure, systems providing essential services. These malicious activities pose significant risks to national security, economic stability and public safety. Furthermore, the proliferation of ransomware attacks and the malicious use of commercially available ICT intrusion capabilities continue to threaten organizations and individuals alike. Pakistan, like many nations, faces these cyber security challenges. We are actively working to enhance our national cyber resilience while contributing to global efforts to combat cyber threats. We are confronting evolving threats originating from cyberspace and launched by both state and non-state actors, such as critical infrastructure attacks, distributed denial-of-service attacks, AI-driven cyberattacks, ransomware, financial fraud, data breaches, identity theft, cyber espionage, hacking, and you name anyone. Pakistan is also grappling with the growing menace of fake news and disinformation. We believe that if left unaddressed, these insidious forms of digital manipulation could have severe repercussions for both regional and global stability. Such activities have the potential to undermine social cohesion and erode trust in institutions, posing a significant challenge to peace and security. To effectively counter these challenges posed by unregulated cyberspace, Pakistan is continuously investing in the revamping of its national cyber regime to make its cyber defence more resilient. At the same time, we call for a global framework to ensure the employment of ICTs in a responsible manner. As we approach July 2025, when this group will be concluding its work, we look forward to the adoption of a final report encapsulating the concerns of all Member States in a comprehensive manner. We believe that this report should reflect the collective wisdom and shared experiences of the international community in addressing the multifaceted challenges posed by ICTs in the context of international security. Let us remind ourselves the importance of this unique OEWG, the only multilateral and inclusive forum to substantively discuss and take action on ICTs in the context of international security. I thank you, Chair.

Chair: Thank you, Pakistan, for your contribution. Bosnia and Herzegovina to be followed by the European Union.

Bosnia and Herzegovina: Thank you, Mr. Chair. At the outset, I would like to thank you, Mr. Chair, and your team, as well as the Secretariat, for the efforts invested in preparing this session. It is a great pleasure to participate again in the work of the OEWG. In this regard, I wish to thank the Government of the Kingdom of Netherlands for supporting the continuation of participation of Bosnia and Herzegovina’s representative in the Women in International Security and Cyberspace Fellowship. I also wish to thank the GFCE for the facilitation of the participation. As Bosnia-Herzegovina pursues regional cooperation, promote Euro-Atlantic integration, and tackle evolving security challenges, including hybrid and cyber threats, it is essential to strengthen our resilience, enhance cooperation with regional and international partners, and foster institutional preparedness. I wish to emphasize that Bosnia-Herzegovina has just adopted a new law on the personal data protection, aiming at aligning with the EU General Data Protection Regulation and the EU Directive on the Protection of Natural Persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection, or prosecution of criminal offenses, or the execution of criminal penalties, and on the free movement of such data. Enhancing defense and reducing vulnerabilities is essential, especially given the ongoing digitalization and rapid advancement of the AI. The cybersecurity of critical infrastructure is crucial. Safeguarding essential systems and assets that are vital to the functioning of society and the economy is a priority. Also building resilience through strategic communication and fostering a well-informed public discourse is highly important. Raising public awareness and further promoting the role of cyber diplomacy should also be emphasized. Through a comprehensive approach, we can protect our societies, uphold democratic values, and ensure lasting stability. Having in mind the importance of strengthening resilience and protecting critical infrastructure, Mr. Herzegovina strongly supports the proposal of including in the Future Permanent Mechanism a dedicated thematic group on enhancing cyber resilience and protecting critical infrastructure. Thank you.

Chair: Thank you very much, Bosnia and Herzegovina. European Union, to be followed by China.

European Union: Thank you, Chair. I’m honoured to speak on behalf of the EU and its member states, as well as also the Canada countries, North Macedonia, Montenegro, Albania, Ukraine, the Republic of Moldova, Bosnia and Herzegovina, the EFTA country, Norway, a member of the European Economic Area, as well as San Marino, aligned themselves with this statement. Chair, let me first start by expressing my gratitude for your efforts, commitment and your guidance throughout these important and yet at the same time quite challenging discussions. I also want to extend my gratitude to your team for their hard work in preparing this session. We are encouraged by the progress made in recognizing the broad scope of cyber threats that we all have faced over recent years, particularly the paragraphs in previous annual progress reports expressing concern about the rise in malicious cyber activities against critical infrastructure, such as healthcare, financial and energy sectors, as well as international humanitarian organizations. Furthermore, we continue to stress concern about the use of malicious software, especially ransomware, and the expanding market for commercial intrusion capabilities for the increase of cryptocurrency as well as intellectual property theft. We see cyber threats continuing to target our societies, our economies and our democracies. Regrettably, we also continue witnessing incidents that have actually significant impacts, not only as part of Russia’s continued aggression against Ukraine, but also incidents that directly target the EU and its member states. For instance, in early January 2025, the offices of the Slovakian Land Registry were targeted by a suspected ransomware attack. As a result, its activities were suspended nationwide, having a direct impact on other sectors such as banking, construction, and agriculture. This case serves as a clear and current example of the profound effects a cyberattack can have on our societies and economies, causing disruptions in essential services and directly affecting citizens. Given these consequences, we continue to support strong references to ransomware in the Open-Ended Working Group reports. Also in recent years, the healthcare sector has become a prime target for ransomware actors due to the vast amount of sensitive patient data and the criticality of its operations. In response, the EU has been taking concrete steps to strengthen the protection of the health sector. In December 2024, we published an EU Action Plan to protect the health sector from cyberattacks. We are enhancing cyber threat detection, reinforcing crisis preparedness, and fostering close cooperation. In line with the UN Framework for Responsible State Behaviour, and particularly Norm 13c, all states should work to keep their territory from being used for malicious cyber activities, and to respond to appropriate requests in accordance with their capacities to mitigate such threats. And as EU member states and the EU, we continue to support strengthening cyber resilience with our partners, working together to implement the UN Framework and ensuring international security and stability. At the same time, we also feel that we should work together as an international community to enhance global accountability. Together we should ensure that states do not conduct malicious cyber activity, particularly as their behaviour affects the security, stability, and economic prosperity of all of us. For instance, to ensure accountability following the breaches of the UN Framework of Responsible State Behaviour, the EU has listed three Russian officials of the General Staff of the Armed Forces of the Russian Federation. the GRU Unit 29155, responsible for a series of malicious cyber activities carried out against the Republic of Estonia in 2020. These activities granted Russian attackers unauthorized access to non-public information and censored-out data stored within several government ministries, leading to the theft of thousands of confidential documents. We will continue to raise awareness about cyber threats, including through threat advisories such as by the EU Cyber Security Agency and the search for the institution’s bodies and agencies on particular advanced persistent threats that continue to conduct malicious cyber activities against businesses and governments in the EU, and likely also target governments around the world. Unfortunately, we continue to see states, as well as known non-state actors, to conduct malicious cyber activity targeting our critical infrastructure and attempting to sow distrust and destabilize our societies and economies. We also continue to observe non-state actors engaging in offensive actions using ICTs in the context of an armed conflict. The direct or indirect tolerance or even incentivization of such actors increases the threats of attacks on third-parties, as well as the risk of uncontrolled spillover effects. Furthermore, several recent undersea cable incidents in the Baltic Sea underline the importance and urgency of addressing the physical safety of critical cyber infrastructure. We should continue to work together to explore how we might counter cyber threats and strengthen the resilience of our critical infrastructure and essential services, including by identifying best practices, concrete actions, and capacity-building activities. A dedicated thematic group on enhancing cyber resilience and protecting our critical infrastructure under the Future Permanent Mechanism, the POA, could help us to do so. Such group could continue to develop a better common understanding of cyber threats. It could identify measures to promote international security and stability in cyberspace, and help to protect our citizens against such threats. For example, a group on resilience could study and identify threats, as well as actions, to protect critical infrastructure. Those actions are derived from international law and norms, as well as CBNs, and can help us to concretely identify and address capacity-building needs in this area. For instance, by building computer emergency response teams, or developing legislative and policy frameworks. Bringing all of the pillars together to address particular threats, and to protect our critical infrastructure, would allow us to implement the UN Framework for Responsible State Behavior coherently, as well as identify potential gaps, including in international law, when necessary. Chair, the EU and its member states will continue to cooperate with our international partners to promote an open, free, stable, and secure cyberspace. And in this effort, we continue to promote an action-oriented, cross-cutting approach by addressing concrete threats and challenges that states face in maintaining international security, such as enhancing resilience and effectively responding to threats. Thank you very much.

Chair: Thank you, European Union. China, to be followed by El Salvador.

China: Thank you, Chair. First of all, China would like to thank the Chairman for his efforts in convening this meeting. China will, as always, support the work of the OEWG and the Chairman, play a constructive role in promoting positive progress in the 10th session of the Working Group. This year marks the 80th anniversary of the founding of the UN and the closing year of the OEWG. As the Chairman said in his opening remark, The President The President The President The President The President intelligence and AI intelligence are consistent with each other. So I believe that based on those two things, two key words, we can also work together based on this to promote success of the meeting of July. On the existing and potential threats, China believes that the following elements should be reflected in the final report. First, global cyberspace faces the risk of fragmentation and confrontation. For some time now, some countries have been generalizing the concept of national security, politicizing cybersecurity and ICT technology, and expanding their containment and suppression of specific countries from individual enterprises and sectors to the entire digital ecosystem, which has artificially fragmented the global digital market and undermined the integrity of its supply chain and seriously jeopardized global development and cooperation. Maintaining openness and cooperation in cyberspace and opposing division and confrontation in cyberspace is in line with the common aspirations of a vast majority of countries. The final report of the working group should fully and clearly state its attitude in this regard so as to make a strong statement on the maintenance of an open, fair, and non-discriminatory global cyber and digital space environment. Second, the risk of interstate cyber friction and cyber conflict continues to rise. A certain country has pursued the concept and strategy of cyber deterrence and attack, introduced cyber military alliances, developed offensive cyber military forces, and openly declared that the critical infrastructure of other countries will be the legitimate targets of cyber attacks, thus increasing the risk. Those negative measures increase the risk of inter-country cyber friction and conflict. In the statement just now, in the statements made just now, I heard a common concern for many countries, which is the concern about the attacks on the critical infrastructures, cyberspace infrastructures. Against this backdrop, this certain country really stands out. And against this backdrop, maintaining peace and security in cyberspace and post-cybercrises are of great relevance. And therefore, we recommend that this should be emphasized. We should emphasize the maintenance of peace in cyberspace. In addition, last year’s annual report reached an important consensus on the malicious use and proliferation of cyberweapons and cyberintrusion technologies by state actors, which should be reaffirmed in the final report. Third, in recent years, out of narrow geopolitical purposes, a country concerned has continued to disseminate the false information of cyber on cyber trafficking against its big countries, which has seriously undermined mutual trust among countries and affected discussions on the UN information security process. Since last year, China’s cybersecurity agencies have issued a series of reports on the so-called typhoon fault, exposing the so-called typhoon fault, which has been repeatedly referred by the countries concerned as an international ransom organization. And thus, we hope that the final report will reiterate that traceability is a complex process and should take into account a range of factors and be supported by solid factual evidence before determining the source of the ICT incident. And we also hope that the final report will include that all parties are deeply concerned about the dissemination of false information on cyber traceability. which will undermine mutual trust between states and create confrontation between states. Fourth, in 2024, the Pager explosion in Lebanon highlighted the issue of ICT supply chain security. While many of the technical details remain to be further researched, such incidents that link cyber attacks and physical attacks to create harm indiscriminately really break down the barrier between cyberspace and physical space. Any end point that can get access to the internet can be a vector for a cyber attack. Therefore, we hope that the final report should emphasize the need to maintain the open security and stability of the global ICT supply chain. And it should be put in the report that enterprise supply information technology products and services should not set up backdoors in their products and services to illegally obtain user data, control, or manipulate user systems and equipment. Fourth, fifth, AI and other new technologies continue to grow explosively, increasing the diversity and convergence of cybersecurity threats. Not long ago, China’s DeepSeek AI model received a high degree of attention for its open source, low cost, and high performance. At the same time, some countries have banned DeepSeek on the grounds of so-called data security and personal privacy without objective evidence, further highlighting the urgency of the working group and the future permanent mechanism for discussing the data security issues, and also reflecting the farsight of China’s previous proposal for global data security initiative, and as well as a necessity. Thus, China suggests the final report should include principles such as taking a comprehensive view of data security based on facts, giving equal importance to development of security, and at the same time, taking into account the practical needs and hold in-depth discussions on core principles such as not requiring domestic enterprises to store data generated outside the country and not directly retrieving that data from enterprise individuals located in other countries. So as to explore solutions to the issue of data security in the era of artificial intelligence. Thank you, Chair.

Chair: Thank you very much, China, for your contribution. El Salvador to be followed by the United States.

El Salvador: Thank you, Chairman. In line with the opening words, El Salvador hopes to provide comments to all the different sections for them to be reflected in the final report to the group. My country reaffirms the importance of discussing real and potential threats in information security in relation to the annual progress report. We hope we want to bring to your consideration and to the consideration of other member states some recent developments and their implications for international peace and security with a view to these being reflected in the report of the open-ended working group. In previous sessions, we have addressed recent progress in artificial intelligence and in other emerging technology, as well as their possible implications. for information technology, ICT security. When it comes to artificial intelligence, we’ve underscored risks related to generative artificial intelligence that don’t only interpret data, but also generate content. Malicious cyber actors have included this technology in their activities by way of advanced social engineering techniques and accelerated use of malware. Unlike traditional malware, that generated by artificial intelligence combines automated codes with human supervision, facilitating it being able to be adapted for malicious uses and for it to be included in command and control networks. In order to mitigate these risks, we have proposed strengthening cybersecurity by way of multi-factor authentication, updating software, using strong passwords, monitoring networks and adopting advanced approach like zero trust provisions and measures in networks. It’s also fundamental to underscore the role of data in the artificial intelligence realm. The effectiveness of these systems depends on the quality and the security of the data used in training and operating them. Therefore, we urge the annual reports to reflect the importance of safe and transparent data management throughout the whole life cycle with practices that protect privacy. And this is particularly relevant for generative artificial intelligence models like CHAT, GPT or DeepSeek and is increasingly important when it comes to the development of agent artificial intelligence that amplify… decision-making and autonomous actions, posing new challenges that must be addressed in the future of the permanent mechanism. When it comes to emerging technology, we want to focus specifically on quantum computing and its impact on cryptographic standards. The increase in cloud computing has transformed data processing, and while the cryptographic methods traditional ones remain effective today, there is a risk that they might become vulnerable to quantum computing attacks in the future. Therefore, we believe that it’s essential that the report includes a reference to the development of cryptographic standards that are resistant in the quantum era. This will enable us to lay the technical foundations for the next generation in order to mitigate the effects that we’ll see from the evolution of quantum computing. It’s also important to mention that transition towards quantum cryptography will see significant investments, both private and public, and will see progress in its implementation, and that’s why it’s essential for states to have skills in this area. Thank you.

Chair: Thank you, El Salvador, for your contribution. United States to be followed by Portugal.

United States: Thank you, Chair. While the OEWD continues to make substantive progress in its discussion of cyber threats, the United States of America remains concerned by threats perpetrated by or condoned by some states. First among the threats I would like to raise today is state activity targeting our critical infrastructure. In November… 2024, the U.S. government confirmed that cyber actors affiliated with China extensively compromised the telecommunications network of the United States. This broad and significant intrusion into our telecommunications networks, one of our 16 declared critical infrastructure sectors, is unacceptable. The scope and scale of this compromise and indiscriminate nature of the activity makes it a threat to the American people, our national security, and our economic prosperity. President Trump has been crystal clear. The United States will not tolerate any unreasonable behavior from China, especially anything that undermines our national security. We note with concern that we are likely not the only country with telecommunications infrastructure targeted by China. Further, this behavior is part of a larger pattern of malicious cyber activity perpetrated by China. We condemn China’s wide-scale prepositioning on the operational networks of critical infrastructure systems in the United States and around the world. This prepositioning is designed to allow China’s malicious cyber actors to launch disruptive or disruptive cyber attacks, including in the event of a major crisis or conflict. We assess that if Beijing believed that a major conflict with the United States were imminent, it would consider aggressive cyber operations against American and global critical infrastructure and military assets such as gas pipelines, telecommunication systems, and transportation systems. Such a strike would endanger the American people and civilians around the world and would be designed to do so. Their aim is to use harm against civilians. by depriving them of critical infrastructure services to deter U.S. action, induce societal panic, and interfere with governmental decision-making. The scope and scale of these incidents should be of concern to all states, given their potential impact on international peace and security, in particular the targeting of civilians and T-Bellum to influence the course of conflict. In December 2024, the U.S. government highlighted additional information about malicious activity perpetrated by an Iranian cyber actor, cyber avengers, that compromised additional Unitronics version types, including older PLC models and industrial control systems, which are used to control and monitor critical infrastructure. The Iranian, this Iranian threat activity is part of a wider campaign against Israel and Israel-made technology, and has previously impacted American critical infrastructure in the water and wastewater sectors, posing a serious threat to our prosperity and security. Finally, Chair, we note that the 2024 OEWG Annual Progress Report highlighted that ransomware attacks in particular can pose a threat to international peace and security. This threat is greatly exacerbated by states who refuse to take action against known ransomware cyber criminals operating within their territories. The United States raised this ransomware threat and the specific challenges it poses to the American healthcare sector in a recent meeting of the Security Council. We continue to see these disturbing campaigns occur. As recently as the end of January, healthcare facilities in Maryland were disrupted by ransomware. We call on all states to abide by the framework. including Norm 13C, which calls on states to avoid knowingly allowing their territory to be used for internationally wrongful acts. Chair, this ongoing cyber threat activity demonstrates the urgent need to establish the program of action as a permanent but flexible platform for states to discuss and address these threats. Thank you.

Chair: Thank the United States for the statement. I give the floor now to Portugal, to be followed by Mexico.

Portugal: Mr. Chair, Portugal fully aligns with your statement, but would like to add a few brief considerations on the threat environment as seen from our national experience. Since my last intervention in this forum last year, the threat landscape has largely remained unchanged, though certain trends have become increasingly concerning. Notably, there is mounting evidence that hacktivist groups are intensifying their focus on national infrastructure with the potential to disrupt essential services. I wish to take this opportunity to highlight the escalating threat posed by these actors. In terms of their methodologies, we are observing a clear and growing preference for distributed denial-of-service attacks with a primary focus on institutional websites. However, we must not overlook the evolving tactics of these groups, which now demonstrate a keen interest in targeting more sophisticated and vulnerable components of critical infrastructure. Specifically, there is a rising threat to supervisory control and data acquisition SCADA systems and other security management frameworks that are integral to the functioning of essential services. Given the critical nature of these systems, a successful breach could result in devastating and far-reaching consequences. In Portugal, for instance, past attacks have specifically targeted the health sector, directly jeopardizing lives and compromising public safety. Attacks targeting energy systems or transportation have proved to include capabilities to remotely control operations, including supply and internal management of processes. Motivated by both media attention and ideological agendas, these actors tend to operate opportunistically, often in ways that are difficult to anticipate, making their actions all the more perilous and unpredictable. Mr. Chair, this forum underscores the need to protect our critical infrastructure, which is a cornerstone of national security, economic stability and societal well-being. The discussions in the current Open-Ended Working Group, under your highly able chairmanship, have significantly contributed to advancing the global conversation on an agreed framework for responsible state behavior in cyberspace, laying the groundwork for effective strategies to safeguard the systems that underpin essential services. At the same time, we must now recognize that the growing sophistication of activist groups presents unexpected challenges. These challenges are a strong example of the ones which the Future Permanent Mechanism should address in an action-oriented cross-cutting context with a view to the widest possible adoption of effective measures to strengthen critical infrastructure resilience. Thank you, Mr Chair.

Mexico: Thank you very much, Chairman. My country recognises the importance of strengthening the resilience of our ICT ecosystems and of critical infrastructure vis-Ã -vis cyber threats. In this context, we appreciate the joint efforts under the framework of responsible behaviour that we’ve adopted, and we underscore the need for one of the future thematic groups of the regular institutional dialogue mechanism to develop coordinated strategies that include all key stakeholders. These include experts, critical infrastructure operators and the community that operates them. It’s crucial to make headway in harmonising cyber security standards to enable us to protect in an interoperable way critical infrastructure between different jurisdictions. In this regard, Mexico sees a valuable opportunity in the Future Mechanism to foster cooperation between the different stakeholders involved, ensuring that security measures cover not only critical infrastructure operators but also their providers and the whole digital supply chain. thus adopting a principle of shared responsibility. The implementation of these standards must be based on comprehensive risk assessments that would cover both common cyber threats as well as those that are specific to different regional and national contexts. Chairman, Mexico underscores the importance of promoting effective information exchange mechanisms on threats and incidents. This exchange must be facilitated between states through the Global Points of Contact Directory as well as with the private sector and the operating community and academia. Finally, we reiterate the need for comprehensive international cooperation that covers emerging threats considering the close nexus between infrastructure, response capacity and risk management. It is also important to foster collaboration between the public and private sector with a shared responsibility approach. This is something that we have underscored on different occasions. Thank you very much.

Chair: I thank Mexico for the statement. Uruguay to be followed by the Kingdom of the Netherlands.

Uruguay: A very good morning, Chairman. Thank you very much for this opportunity to take the floor. For my delegation, it’s an honor to be here at the opening of this 10th substantive session. We appreciate your leadership and your stewardship when it comes to dealing with the challenges we face. We’re looking forward to the conclusion of this important working group. We wish you every success over the next few days and we reaffirm the commitment of my delegation to the effective… fulfillment of the mandate. As we have constantly expressed at this forum, we are committed to regulating cyberspace and it is linked to international security. In this regard, the development of ICT capacities for military purposes, as well as the use of these in future conflicts between states, is looking more and more probable. There’s also incidents of misuse of ICTs by state and non-state actors, including terrorist groups and crime groups. This is a very concerning trend. In Uruguay, in 2024, the number of cybersecurity incidents saw a 65% increase on 2023. The increase in ill-intentioned activities is concerning related to ICTs that affect critical infrastructure and critical information infrastructure, such as in the healthcare sector, maritime shipping, energy, and others, as well as the media. The facility with which state and non-state actors are able to acquire information access and the fact that they’re open use, this makes them more open to misuse and this is also a matter of the utmost concern. Similarly, in the light of the growing use of data for new technology and the growing amount of new technology, it’s crucially important to protect data. Progress made at this forum has been significant and it’s enabled us to boost relationships between cybersecurity experts, both in terms of diplomacy and specialised agencies in different regions, facilitating access to information and capacity building. We do need to make progress to fulfill our mandate and that’s why we underscore to states the need for flexibility for us to cooperate on the future permanent mechanism so that it’s comprehensive, cross-cutting and focused on policy. Uruguay will continue to advocate for an efficient, regular, permanent mechanism to boost capacities and to ensure international governance of cyberspace, and also we will promote the participation of private and non-state actors while preserving the intergovernmental nature of this process. Chair, boosting capacities is important for trust and confidence building measures and is important for all of the pillars of this group. The technology gap and the lack of financial resources underscore the need for capacity building for ICTs to be a fundamental pillar of our debates. Similarly, it’s key to improve the detection and analysis of threats as well as to strengthen the automated response to threats. That’s why we support international cooperation mechanisms geared towards increasing cyber resilience by way of transfer of knowledge, best practices, lessons learnt and technology. We recognise the fundamental role that the United Nations plays in the promotion of confidence building measures and their implementation globally. We also particularly value the onboarding of regional and sub-regional organisations that are making colossal efforts to boost confidence building measures and to bring specific priorities. Chair, we conclude by saying that you count on the full support of our delegation to make progress in these debates and the substantive debates until the end of the mandate in 2025. Thank you very much.

Kingdom of the Netherlands: would like to make the following remarks in a national capacity. As this is the first time our delegation is taking the floor, we want to express our appreciation to you and your team for your continued leadership and guidance towards the final session of the Open End Working Group. Chair, in the past years, the Open End Working Group made substantial progress in acknowledging existing and emerging threats, as well as their implications for international peace and security. In particular, the Netherlands welcomes the paragraphs in the second and third annual progress report on malicious ICT activity targeting international humanitarian organizations and amnesty cables, and specifically also the notion that malicious ICT activities could affect the technical infrastructure essential to the availability and integrity of the internet. Furthermore, the Netherlands welcomes the acknowledgement that ICTs have already been used in conflicts across various regions. Chair, the Netherlands would specifically like to recall the paragraph in the third annual progress report mentioning the concern of ransomware attacks. In recent years, ransomware incidents have had such widespread impact that they pose a threat to international security, as was also mentioned by other delegations. The Netherlands underlines the severe human, societal, and security consequences of ransomware attacks, and sees room to further strengthen this focus in the final annual progress report. Moreover, the Netherlands, together with Ghana and Global Partners Digital, organized a side event on March of the Open End Working Group session in December on addressing the human impact of cyber incidents, with a specific focus on ransomware. This discussion underscored that ransomware attacks can affect different groups in society in distinct ways, particularly also in relation to gender. We believe that a human-centric approach to cyber threats like ransomware allows us to better understand and mitigate their differentiated impacts. Chair, cyber incidents do not occur in isolation. The Netherlands has increasingly observed ICTs being used as part of broader hybrid campaigns. These campaigns are often aimed at destabilizing societies, weakening institutions, and undermining democratic resilience. In particular, we are increasingly concerned about these campaigns being used to interfere and undermine electoral processes, as stated in the Second Annual Progress Report. This underscores the critical importance of fully implementing and adhering to the UN Framework for Responsible State Behaviour. Our collective commitment to the framework remains fundamental to addressing existing and potential ICT-related threats to international security. In conclusion, the Netherlands believes that in the future permanent mechanism, it would be key to discuss cyber threats in a cross-cutting and action-oriented manner, fostering deeper dialogue on threats within the thematic working groups between state and relevant stakeholders, assessing threats against the framework, and identifying which capacities are needed to counter these threats. We believe this could provide a strong foundation for a future mechanism to mitigate the cyber challenges of today and tomorrow. I thank you, Chair.

Cuba: Thank you, Chairman. The Open-Ended Working Group has shown an increase in its value. It has achieved concrete results with the consent of all states. This purpose needs to be maintained as we look forward to the final session. Only a result that stems from a joint exercise will contribute to its global application. While cyber threats that undermine the sovereignty of states and that interfere directly in their internal affairs are not a new thing, they are becoming more common and complex thanks to the staggering progress in technology. For example, the growing use of artificial intelligence in sophisticated cyber attacks could put at risk the functioning of critical infrastructure and of society in general. We therefore believe that it is more and more urgent to reject the use of ICT as a pretext for war and interventionism. At the same time, it is necessary to expressly oppose the use of ICTs and digital platforms for disinformation campaigns and campaigns of political manipulation. We must protect our nations against the notion that defends the use of force as a legitimate response to a cyber attack. To do this, we must establish as a legal obligation the exclusively peaceful use of ICTs in order to prioritize their use for social and economic development. Further, the militarization of cyberspace and offensive cyber operations must be prohibited. As we move forward towards the drafting of the final report, we underscore how important it is for this document to expressly reflect these things as principles, collective principles or commitments. It is the duty of all states to ensure that cyberspace does not become a battlefield but rather that it is preserved as a resource for the common good. Additionally, among the cooperation measures to overcome threats, the final report of the Open Ended Working Group could also include the aspiration of States to work together to establish a common terminology for the identification and response to cyber incidents. This is something that would facilitate exchange, mutual understanding and cooperation. Another critical aspect that requires our attention is the significant technological gap that developing countries face. This is something that limits their capacities to deal with current and potential threats. It’s essential that the final report of the Open Ended Working Group establish commitments that contribute to reducing this gap by providing technical assistance and also technology transfer and equipment to developing countries. These things would enable them to strengthen security in the use of ICTs. These initiatives must be coupled with a firm commitment to remove unilateral coercive measures, UCMs, that are a stumbling block to the countries that they are applied to and prevent them from creating a safe and secure cyber environment. Chair, the above-mentioned actions can contribute to a more secure and safe use of ICTs. However, we do insist on our view that the most effective way of identifying and addressing in a comprehensive way these cyber threats lies in the adoption of an international legally binding instrument that would establish clear obligations for all States. We must move towards this aspiration. Thank you very much.

Chair: I thank Cuba for the statement. I give the floor now to Mauritius, to be followed by Malaysia.

Mauritius: Distinguished Chair and colleagues, On behalf of the Republic of Mauritius, I would like to begin by expressing my sincere gratitude to our esteemed Chair for his tireless dedication and exceptional leadership over the past years. I would also like to thank the Chair’s team and the ODA for their hard work and unwavering commitment that have been instrumental in shaping this open-ended working group into what it represents today. I cannot move forward without acknowledging the generous support of the UK FCDO and the GFCE for allowing us, Women in Cyber Fellows, to participate in such vital discussions at international level. I do appreciate the opportunity to address the working group on the high-priority concern of existing and potential threats. At this juncture, we face a range of persistent cyber threats that impact both developed and developing nations, albeit with varying degrees of severity. While existing threats remain a serious matter, we must also anticipate and prepare for future challenges. Just as medicines treat illnesses yet come with inevitable side effects, artificial intelligence fortifies cyber security while simultaneously introducing novel risks. Malicious actors can leverage AI for automated phishing attacks, deepfake-based disinformation campaigns, and advanced cyberattacks capable of bypassing traditional security defenses. The rapid development of AI technologies requires urgent international discussions on governance, accountability, and security. Further, advances in quantum computing have the potential to break current encryption standards, posing a major threat to global cybersecurity. While practical quantum computing is still in development, governments and organizations must proactively work on post-quantum cryptographic solutions to safeguard sensitive data. One cannot overlook the fact that the increasing dependence on digital supply chains exposes nations to new vulnerabilities. Attacks targeting software vendors, cloud service providers, and hardware manufacturers can have widespread consequences affecting multiple industries and governments. Notably, the rise of 5G networks and the Internet of Things introduces new security risks that must be addressed through collaborative regulatory measures. Chair, with reference to your set of guiding questions, in order to address these threats, we must first and foremost commit to upholding the 11 agreed-upon norms of responsible behavior in cyberspace, including refraining from attacks on critical infrastructure and respecting the sovereignty of digital domains. It is an irrefutable reality that developing nations require technical assistance, funding, and training in order to build resilient cybersecurity frameworks. Thus, it is crucial that international cooperation prioritises closing the cyber security gap. Moreover, states that haven’t already done so could begin to work towards strengthening mechanisms for sharing cyber threat intelligence between governments, international organisations and the private sector to enhance global cyber resilience. As AI, quantum computing and IoT evolve, the international community must work together to establish regulatory guidelines that ensure security and ethical use. Coupled with that, governments, industry leaders, civil society and academia must work collaboratively to create inclusive and sustainable cyber security strategies that reflect the needs of all states. Before ending, please allow me to highlight that Mauritius has put forward a working paper on the creation of a working group for mitigating emerging cyber threats. The responsibilities outlined in this paper could serve as a reference for finalising the work of the Future Permanent Mechanisms dedicated thematic group on enhancing cooperation in the management of ICT-related incidents, including through confidence-building measures. I thank you very much for your attention, Chair.

Chair: Thank you, Mauritius, for your statement. Malaysia to be followed by the United Kingdom.

Malaysia: Mr Chair, I would like to begin by expressing my delegation’s appreciation to you for convening this substantive session and for your dedicated efforts since the start of the OEWG’s mandate. We also extend our thanks to the Secretary-General. for all the preparatory work for this meeting. With just one more substantive meeting this July, we are now at a critical juncture. We must approach our discussions in the spirits of consensus, focusing our efforts on the agreed-upon elements in the first, second and third APRs. At the same time, it is essential that we find common ground on pending matters so that they can be seamlessly integrated into the future permanent mechanism. Throughout this process, we must not lose sight of our overarching goals to advance collective understanding and implementation of the framework of responsible states’ behaviour. Mr Chair, building on the risk discussions on this agenda item, Malaysia would like to reiterate the importance of tackling prevailing challenges through risk-based approaches. Off-the-shelf devices that connect to networks are vulnerable in their default state. Security baselining enables the hardening of these devices and secure enrollment of these devices onto the network, significantly reducing the level of risk. A comprehensive risk-based approach also helps us accurately measure and increase visibility of the threats while reducing the breadth of the attack surface. It is therefore vital that security and privacy by design are embedded into technologies from the earlier stages of development, mainstreaming these principles as prerequisites for any development of technologies and incorporating them into the fabric of digital transformation are crucial steps that require a concerted strategic approach at the global level. Implementing comprehensive risk-based approaches such as security baselining and security and privacy by design will allow the identification of and protection against threats brought by new and emerging technologies including artificial intelligence to be more focused on the unique characteristic of the AI system compared to the risk of conventional software or information-based system. This includes generative AI as mentioned by El Salvador. Understanding and managing the risk of AI system will help to enhance trustworthiness. In this regard Malaysia supports Mauritius intervention on AI and quantum computing. Malaysia also supports El Salvador to include managing the risk of AI in the final report. Malaysia further supports to include the risk brought by quantum computing including the readiness of post-quantum cryptography in the final report. Cooperative measures to address these matters include agile policy approaches to ensure manufacturers, developers and service providers embed robust security right from the initial design stage. Moreover bringing together appropriate experts from industry, academia or other relevant stakeholders and entities can further strengthen efforts to build a more resilient ICT ecosystem. This includes the risk-based approach to AI. The proper combination of security experts and AI developers will assist adaption to AI landscape as AI technologies continue to develop so society can benefit from AI while also being protected from its potential harm. This should also be considered in the future permanent mechanism. In Malaysia last December a national AI office was launched under the Ministry of Digital to continue efforts in developing necessary safeguards and a robust framework to foster sustainable and ethical AI practices. Additionally, in July 2024, Malaysia amended Personal Data Protection Act 2010, introducing mandatory data breach notification, stricter penalties for non-compliance and regular audits. These amendments also introduced a data protection officer role to ensure that organization comply with data protection regulation. Malaysia also enacted a data sharing bill on 12th of December, 2024, with the aim to creating a clear regulatory framework for sharing public sector data. This to ensure the security and safety of data. In this regard, Malaysia supports China on the importance of addressing data security and should be included in the final report. Protection of data is required for defense in depth and cybersecurity protection. Mr. Chair, Malaysia support statements from Pakistan, Bosnia, EU and the threats targeting, on the threats targeting critical infrastructure is becoming more sophisticated and complex. Malaysia joins to support the threats of ransomware that becomes more sophisticated. Malaysia has enforced the Cybersecurity Act 2024 last August to strengthen our national critical information infrastructure. The Cybersecurity Act 2024 introduces several important features such as the establishment of National Cybersecurity Committee and outline the duties and powers of the Chief of National Cybersecurity Agency. It also sets out the functions and duty of critical information infrastructure sector leads and critical information infrastructure entities or owner. This act also addresses the management of cybersecurity threats and incident related to critical information infrastructure. Further, it includes provision to regulate cybersecurity service provider through licensing to ensure that only qualified entities are authorized to deliver cybersecurity services. With regards to cooperative measures in the protection of critical information infrastructure, it is also important to identify sector-specific uncommon security needed. Hence, it is imperative for the future permanent mechanism to support Member States’ deliberations on cross-sectoral and sector-specific critical infrastructure informed by their particular characteristics, including their supply chain. Thank you, Chair.

Chair: Thank you very much, Malaysia, for your statement. United Kingdom, to be followed by Morocco.

United Kingdom: Thank you, Chair, and good morning. The international community continues to face expanding and evolving threats in cyberspace. Nowhere is this more apparent than in Ukraine, which will mark the third anniversary of Russia’s illegal and unprovoked invasion next week. The UK will continue to partner with Ukraine to detect, deter and disrupt cyberattacks against critical national infrastructure, as we have set out in a 100-year partnership signed jointly with Ukraine last month. Members of this OEWG will have observed that the state calling the loudest for new international law for cyberspace is using offensive cyber capabilities alongside its illegal campaign of aggression. This has included cyberattacks against civilian infrastructure, notably Ukraine’s electricity grid, telecommunications services and mobile networks. There are countless examples of malicious cyberactivity conducted by the Russian state in recent years. Russia’s recklessness is apparent in the deployment of the Whispergate destructive malware against Ukrainian victim organisations. We note with concern the continued reliance on Russia’s cyberattacks. of the Russian state on known cybercriminals to conduct its malicious operations in cyberspace. These links between the Russian state and cybercriminals are part of a much wider ecosystem of concern, with malicious activity including wiperware and ransomware emanating from the Russian state and its territory. Chair, since the 9th session of this OEWG, the UK’s National Cybersecurity Centre has published its annual review. The review highlighted that there were 430 serious cyber incidents in 2024 requiring the intervention of our National Cybersecurity Centre. That is 75 incidents more than in 2022. Ransomware remains one of the most significant and organised cyber threats faced by the UK. 2024 saw 317 reports of ransomware activity made to our NCSC. This included high-profile ransomware attacks on supply chains critical to our national health service. The failure of some states to tackle malicious cyber activity emanating from within their territory fosters a permissive environment in which criminals are encouraged to conduct destabilising cyber attacks against critical infrastructure. The challenge posed by the growing commercial market for cyber intrusion capabilities also remains a priority concern in the annual review. The review highlights our assessment that commercial cyber proliferation will increase the range and number of victims requiring government support, with attacks coming from less predictable threat actors. In a joint statement with France in December, we provided an update on the work of the Palmal process, a state-led multi-stakeholder initiative working to address the threat presented by the ready availability of these tools. Ahead of the second Palma Process Conference in Paris in April this year, we have begun to develop a non-binding code of practice with participating states, which will include a set of guiding principles and policy options. The code will underline the importance of, and will be consistent with, the UN framework on responsible state behavior in cyberspace. Chair, a shared understanding of the cyber threat landscape will continue to be a very important underpinning for our discussions under a program of action. As we stated in December, we see significant benefits in three dedicated thematic working groups on cooperation, resilience, and stability. For the UK, our understanding of the threats faced by states directly shapes our international cooperation, including our capacity building programs. Our understanding of the latest tactics, techniques, and procedures used by threat actors helps us to maintain our own national cyber resilience and to support the resilience of our international partners. And states cannot judge stability in cyberspace without a baseline understanding of the threat context. Sharing views on existing and potential threats could therefore provide important context when considering the themes of cooperation, resilience, and stability. This could be recognized in the scope of future discussions. Thank you, Chair.

Chair: Thank you. UK, Morocco, to be followed by Kazakhstan.

Morocco: Thank you for giving me the floor, Chairman. Morocco aligns itself with the statement by Nigeria on behalf of the African group and the one that will be delivered subsequently by the state of Kuwait on behalf of the Arab group. In this regard, we would like to provide some comments in our national capacity. Allow me also, Chairman, to commend the initiatives and the notable progress made by the OEWG since 2021 under your sure and steady leadership. We now have three annual progress reports under our belt, a directory of points of contact and some dozen initiatives proposed by a number of countries. All of those initiatives and this whole toolkit should encourage us and spur us on to pooling our efforts in order to ensure a smooth and orderly transition of the OEWG to the future mechanism. Mr. Chairman, Morocco promotes the establishment of a regular institutional dialogue as a platform to continue discussions on responsible state behavior in cyberspace. My country reiterates that the future mechanism should be guided by the principles of transparency, pragmatism, consensus and the adoption of action-oriented recommendations in order to achieve a safe, secure, stable, accessible and peaceful cyberspace. As regards the creation of thematic groups, my country encourages the rationalization of the number of those groups to make sure that they are in line with the existing and potential threats in cyberspace. They also need to take into account limited resource capacities for a number of delegations. With this in mind, we consider that the thematic groups proposed by the Chair could constitute a good basis for providing a harmonious transition towards the future mechanism. What’s more, the opportunity of convening ad hoc thematic groups by the Chair, and of course with the consent of the Member States, would further encourage flexibility, responsiveness, and a capacity for the future mechanism to adapt to the issues and priorities that may emerge. It is also crucial that the future mechanism is able to produce concrete and tangible results. It would be desirable to better explicitly outline the objectives, the benchmarks, and the reporting requirements when discussing the thematic groups, and that would constitute an important step towards making this critical transitional period a successful one. To conclude, Mr. Chairman, Morocco remains firmly convinced that dialogue with the various stakeholders and their involvement needs to be strengthened. Those actors play a key role in building capacities and developing innovation in cyberspace. Their involvement in a future permanent mechanism would constitute key support for the joint efforts of Member States in favour of responsible state behaviour in cyberspace. With full respect for the interests of each and every one, the sovereignty of Member States, and the primacy of international law. Thank you, Mr. Chairman.

Chair: Thank you very much, Morocco, for your statement. Kazakhstan, to be followed by Singapore.

Kazakhstan: Thank you for giving the floor. At the outset, Kazakhstan would like to express its sincere gratitude to you, Chair, and your team for the dedication and efforts on the work of OEWG over the past years. The rapid expansion of digital technologies drives economic progress and global interconnectivity while intensifying cyber threats. A key challenge lies in the growing complexity of software supply chains, where vulnerabilities in hyper-connected components can lead to systemic risks. Strengthening transparency, security and collaboration across governments, industry and academia is essential to mitigating these threats. The rapid spread of online information continues to shape public perception and decision-making. While digital platforms enhance access to knowledge, they also amplify misinformation, disinformation and cyber-enabled influence operations. Reinforcing digital trust and countering malicious activities are urgent priorities. Space-based technologies represent another crucial area for international coordination. As more global services depend on satellite networks, ensuring their stability, security and resilience is vital to preserving the integrity of global communication. Cyber threats targeting satellites can lead to communication failures, disrupted navigation systems and compromised security, affecting the digital ecosystem. Cyber risks to critical sectors as telecommunications, healthcare, finance are escalating, particularly as many rely on outdated systems that are vulnerable to modern threats. Attacks on CI and CII can cause disruptions with global consequences. While traditional threats such as phishing, malware and unpatched systems persist, AI-driven attacks are enhancing social engineering and cloud-based intrusions surged alongside global cloud adoption. Identity-based attacks such as theme swapping and multi-factorial authentication bypass, malware-free attacks now pose sensitive risks across sectors. We also would like to highlight that undersea cables are increasingly vulnerable to cyber threats. Attacks on them could disrupt global communication and essential services. highlighting the need for advanced security measures. At the same time, landlocked countries as Kazakhstan face heightened cyber risks due to their reliance on transit roads through neighboring states, making them more vulnerable to data interception, service disruptions, and vulnerabilities in intermediate networks. The global shortage of cyber professionals remain a pressing challenge. Investing in education, capacity building, and raising awareness is crucial to closing expertise gaps and ensuring a secure digital future. For a threat landscape, capacity building should be tailored to national contexts, enabling states to access vulnerabilities and identify achievable priorities. Cooperation with the private sector and academia is equally critical. Public-private partnerships can drive innovation in supply chain security, the development of secure-by-design technologies, and the implementation of practical cyber measures. Ensuring digital resilience is crucial for stability and sustainable development to create open, secure, stable, accessible, and peaceful ICT environment. By implementing action-oriented measures, we can foster a resilient and trustworthy cyberspace that balance innovation with responsibility. I thank you.

Chair: Thank you very much, Kazakhstan. Singapore, to be followed by Sweden.

Singapore: Thank you, Mr. Chair. We would like to express, firstly, our thanks to you and your team for all the hard work in preparing for this meeting. Chair, the last three annual reports are a culmination of our collective efforts in addressing the evolving cyber threat landscape. We have listened carefully to one another and highlighted the key cyber threats and Artificial Intelligence. However, it is just as important for the final consensus report of this OEWG to not just capture the existing threat landscape, but also build on this foundation to share the best practices to mitigate threats and build our collective resilience. To this end, Singapore would like to make three points. First, delegations have mentioned how malicious ICT attacks pose a significant threat to the security of operational technology or OT, which is essential for the normal functioning of many CIIs in the energy, water and transportation sector. Delegations have agreed throughout the course of this process that CIIs play a critical role in delivering essential services to the population and ensuring the effective functioning of the economy and society. Singapore also shares a concern with other delegations and believes that OT security is a key priority for discussions, and there is a need to develop robust measures as part of CII protection. One way that Singapore is building OT resilience is through the Operational Technology Cybersecurity Expert Panel Forum, which annually facilitates discussions among global experts on CII protection on key global OT technologies, policies, standards and in safeguarding OT systems against cyber threats. Singapore also conducts the Singapore Industrial Control System Cybersecurity 301 course for local and regional cybersecurity professionals, where participants are given hands-on training within an actual OT environment. Second, Mr Chair, as delegations from both the developing and developed states have pointed out, and as reflected in the third annual progress report, artificial intelligence expands development opportunities, but also increases the speed and enhances the targeting potential of malicious ICT activity. It is important to address AI security in our legislative, policy and regulatory approaches in order to keep pace with its development and adoption. Last October, Singapore introduced voluntary guidelines offering practical advice on securing AI systems throughout their lifecycle. We keep these documents live, updating them regularly to reflect changes in the AI security landscape. We welcome feedback from UN OEWG members to enhance these resources in a harmonised and practical manner. Delegations such as Vanuatu and Zimbabwe have previously highlighted the urgent need to bridge the technological divide and ensure all nations can benefit from technological advancements but also manage the associated risks effectively. Sensitising stakeholders to AI security across their policy, technical operations and diplomacy spectrum is also necessary to address both opportunities and risks. This could include workshops, simulations and joint training exercises held by different experts to raise awareness of AI’s unique vulnerabilities and mitigation measures. Lastly, delegations such as Ghana and New Zealand have emphasised the importance of strengthening collaboration among CERTs. Singapore echoes this and believes that promoting timely and relevant CERT-related information sharing, supported where relevant through CERT-related capacity building and technical cooperation, is an essential cooperative measure that will help states address threats. Information sharing not only helps states build a clear threat picture, but also empowers the international community to share best practices on identifying and mitigating threats, which will be useful to small and developing states with limited technical resources and expertise. CERT exercises are also an integral effort to ensure that we are working effectively in peacetime and in times of crisis. Singapore has led the organisation of the ASEAN CERT Incident Drill, or ACID, since 2006. In line with the evolution of the latest trends and threats to the cyber landscape, the 19th iteration of the ACID last year was focused on the theme navigating the rise of AI-enabled cyber attacks. We are looking forward to organising the 20th iteration of the ACID at the 10th Singapore International Cyber Week, which will be held from 20 to 23 October this year. Singapore is also working with all ASEAN Member States towards the operationalisation of the ASEAN Regional CERT. The initiative will facilitate regular exchanges on the threat landscape through information sharing to support Member States in the region to better understand the latest tactics, techniques and procedures, or TTPs, used by threat actors and help them better mitigate these cyber threats. Besides ASEAN, other regional organisations, such as the OAS and the OSCE, also have well-established information exchange mechanisms in their own regions and are valuable resources to share experiences at the global level. Thank you, Mr Chair.

Chair: Thank you very much, Singapore, for your statement. Sweden, to be followed by Russian Federation.

Sweden: Chair, thank you for allowing me to take the floor. Sweden fully aligned herself with the statement made on behalf of the European Union. I will make some brief additional remarks in my national capacity. The cyber threat landscape is becoming more complex and malicious activities are increasing in scope as well as in sophistication. Both malicious state and non-state actors are responsible for this unfortunate and dangerous development, which constitutes a threat to political stability, national security, economic growth and development. Cyber activities are targeting our critical national infrastructure and create high costs for the private sector and society at large. Sweden is committed to intensify their work against ransomware and other forms of cyber crime, including in this forum. A particularly serious ransomware attack took place just over a year ago. against a major IT service company in Sweden. The incident led to disruption for a significant number of private and public actors, including regional authorities. Sweden is working to better address such situations, including through a strengthened national cyber security centre. There are concerns that certain states are deliberately failing to tackle malicious activity emanating from within their territory, in spite of their due diligence obligations. We expect all states to use cyber capabilities in accordance with international law and in line with the UN norms of responsible state behaviour in cyberspace, and to take necessary measures to stop malicious actors operating within their jurisdiction. Cyber is also increasingly being used by some to undermine democracy and violate and abuse human rights, a development that is made worse by the growth of the commercial market for cyber intrusion instruments. To support and protect human rights defenders in this context is paramount. Mr. Chair, Sweden encourages further progress in our collective work to more effectively link the identification of threats to appropriate actions to counter these threats, including in the context of the Future Permanent Mechanism. Thank you, Mr. Chair.

Chair: Thank you. Sweden. Russian Federation, to be followed by Malawi.

Russian Federation: The greatest danger we see in the use of information and communication technologies for purposes contrary to the UN Charter, to undermine the sovereignty of states, violate their territorial integrity and interfere in internal affairs. Such an outcome could inter alia be facilitated by attacks on critical information infrastructure. We are concerned by the growing supply of respective malicious services and products from IT companies. We believe it is worrying that ICTs are being used to cause physical harm. In September 2024, we witnessed another terrible act of sabotage when, as a result of a massive explosion of communication devices in Lebanon, entirely innocent citizens became victims. We regard the Pager attack as a gross violation of international law and rules of responsible behavior of states in information space approved by the UN, first of all regarding the commitment to take responsible steps to ensure the integrity of the supply chain and to prevent the use of harmful hidden functions. We point out that the aforementioned and other threats are reflected in the concept for a UN Convention on IIS submitted as an official General Assembly document at the 77th session. It shows the relevance of the initiative and the need to discuss it within the OEWG and the Future Permanent Mechanism. We are convinced that the issue of IIS, including the entire spectrum of existing and potential threats, should be addressed within inclusive formats that have the necessary expertise. Decisions by some states to pull the discussion on international information security out of the OEWG, in particular taking it to the UN Security Council, are counterproductive. They lead to politicization. They do not support the development of effective solutions to meet ICT challenges, particularly when we’re talking about threats that do not directly relate to issues of peace and security. A clear example of this is the November 2024 and January 2025 informal Security Council meetings on ransomware attacks against healthcare facilities and commercial spyware. These problems should be absolutely discussed within the OEWG and the Future Permanent Mechanism with all Member States involved. A basis for the discussion on the issue of ICTs is certainly not the outcomes of work in these non-transparent formats such as the Paris Summit on Artificial Intelligence. To discuss these issues we have the UN and the ITU. It’s important to focus on compliance with the UN Charter, national legislation of states upon the territories of which those ICTs are used, and to give preference to the development of software on the basis of open source code. Another threat in the field of international information security is the creation of obstacles to the participation of Member States delegates in the work of the Competent Negotiating Platform. We are forced to note that ahead of the current session of the OEWG, one of the members of the Russian delegation did not receive a visa and thus was not able to come to the United States on time to participate in the meetings. We believe it is unacceptable that the activities of the OEWG and the Future Permanent Mechanism are being undermined by visa barriers. We call upon the Chair and the UN Secretariat to resolve this issue. Moreover, we are also forced to respond to groundless accusations against the Russian Federation that we have heard. We roundly reject those accusations. They are not only entirely detached from reality, but they are also intentionally fabricated in order to create an advantageous political background noise for some states. No appeals. about these incidents were made through the Global Intergovernmental Points of Contact Directory. It is clear that those making these accusations are interested not in a responsible investigation of the incidents, but only in creating media background noise. We believe that there are blatant attempts to portray Russia as an aggressor in the digital sphere, particularly since in reality things are exactly the other way around. Since early 2022, Russia’s information infrastructure has been subjected to an unprecedented number of computer attacks, primarily by the Zelensky regime. The latter is a tool and a bridgehead for offensive cyber operations in the interests of NATO. Kiev is targeting civilian objects. It is trying to disable electronic services, equipment and to steal the personal data of our citizens. They are not only not trying to hide this, but they are even boasting about their responsibility for digital sabotage, although they are exaggerating the effectiveness of it. As part of such malicious activities, Kiev is using the capabilities of a huge cyber criminal conglomerate, the so-called IT Army of Ukraine, which is supervised by the Ministry of Defense of that country. There are also Ukrainian call centers that are ripping off ordinary Russians and also Europeans. This work is on a conveyor belt that employs more than 100,000 people. In Dnepropetrovsk alone, according to our information, there are around 500 such centers. Of course, we cannot speak about Kiev acting autonomously in these activities. The majority of the anti-Russian operations are carried out with the assistance of NATO countries, including that provided through the IT coalition for Ukraine and the Talin mechanism. The total amount of financial assistance to Kiev from the participating countries in these formats is estimated at at least 800 million euros. And the alliance is not just providing logistical support and training for the Ukrainian hackers. On the territory of the republic, on a permanent basis, there are entire units of Western military and special services deployed, which almost in real time are supervising computer attacks against our country. It is telling, incidentally, that assistance to the Zelensky regime is often then turned against the donors themselves. There are cases of Ukraine interfering in the work of the digital infrastructure of NATO member states. A recent example is a massive cyber attack on the national insurance company of Slovakia, in which, according to the political leadership of that country, Kiev was involved. Thank you for your attention.

Chair: Thank you, Russian Federation, for your statement. Malawi to be followed by Japan.

Malawi: Thank you so much, Chair. Allow me to first thank the GFCE and UK government, through the Women in International Security and Cyberspace, for their continuous efforts in ensuring our participation in these substantive meetings, as well as applaud your leadership and support for this OEWG. To begin, I would like to quote from the UN Secretary General’s 2021 report. The digital transformation is reshaping the global landscape, but alongside its tremendous transformation, but alongside its tremendous opportunities, it brings with it risks and vulnerabilities that must be addressed collectively. This quote resonates with the heart of our discussion today, as we confront the complex and growing threats in the realm of information security. Malawi has recognized the growing significance of cybersecurity as threats evolve and digital adoption expands. Cybercrime, particularly stemming from artificial intelligence in support of statements raised by Malaysia and Mauritius, misinformation and financial fraud through, for example, techniques and tactics of SIM swap in support of Kazakhstan’s intervention, continues to impact our nation, with esteemed losses from mobile money and digital banking fraud increasing each year. These incidents, alongside vulnerabilities such as attacks on critical information infrastructure, demand urgent attention and a robust response. The protection of citizens’ data and privacy is now more critical than ever, and the need for strong cybersecurity governance is paramount. Cyberattacks on critical infrastructure, such as the 2024 breach that disrupted passport issuance services in my delegation, demonstrate the vulnerability of essential government systems. In agreement of the intervention made by Nigeria, as most of our countries are in the season of elections, risks related to misinformation, data breaches, and privacy violations underscore the urgent need for stronger legal frameworks, institutional capacity, and international collaboration. The rapid rise of ransomware attacks has put a significant strain on national efforts to secure critical infrastructure and services. Studies to assess the threat landscape for African countries in the first quarter of 2023 and third quarter of 2024 showed that in every third successful cyberattack on organizations in the region, cybercriminals used ransomware with several countries, including Malawi, grappling with the aftermath. These attacks not only affect private businesses, but also target vital public sector services. including healthcare, education, and threatening the well-being of citizens. As highlighted in Resolution 75-240, my delegation emphasizes the need for continuous capacity building and cooperation amongst states to address these emerging cyber threats. For Malawi, the situation is no different. While we strive to enhance our digital infrastructure and promote the peaceful use of ICTs, we are confronted with the growing concerns regarding cybersecurity, particularly ransomware attacks, data breaches, and mobile money fraud, as well as cryptocurrency-related fraud, most of which stem from social engineering. As emphasized in previous OEWG meetings, Malawi recognizes the critical need for strengthened cybersecurity frameworks in developing nations. To address these challenges, we propose that global stakeholders prioritize capacity building initiatives focused on technical assistance, specifically specialized training and resource support for nations in Africa, such as Malawi, that are facing cybersecurity challenges. I would take this opportunity, on behalf of my delegation, to state our support for the creation of a voluntary cybersecurity capacity fund dedicated to providing targeted support for infrastructure development, skills training, and incident response systems. Furthermore, cryptocurrency-related cybercrimes are emerging as a growing threat. As digital currencies gain popularity, the malicious use of cryptocurrencies for illegal transactions and financial fraud is becoming increasingly prevalent. Malawi is not immune to this threat, and we are taking proactive steps to address these risks through both domestic policy and international cooperation. Our national efforts to strengthen cybersecurity. Malawi has been actively enhancing its cybersecurity… and data protection frameworks through legislative and policy measures. The Data Protection Act of 2024 established the Malawi Data Protection Authority, ensuring compliance with data privacy laws and safeguarding citizens’ personal information. This complements the Electronic Transactions and Cybersecurities Act of 2016, which addresses cybercrime and promotes trust in digital transaction. Furthermore, the National Digitalization Policy reinforces secure digital services, emphasizing cyber resilience and robust data security as key priorities for the country’s digital transformation. Malawi is also finalizing a national cybersecurity policy aimed at addressing emerging threats like ransomware and cryptocurrency-related cybercrimes. This policy will focus on capacity building and information sharing at regional and global levels to enhance national and international cybersecurity resilience. The national CERT continues to play a vital role in incident response, cybersecurity awareness, and facilitating coordination across all sectors. Strengthening public-private partnerships remains a key strategy for enhancing Malawi’s overall cyber resilience and ensuring effective responses to both national and international cyber threats. Recognizing that cyber threats transcend borders, my delegation firmly believes that the challenges we face today require strong international cooperation. We are actively working on signing memoranda of understanding with other nations through national CERT to foster collaboration, enhance information sharing, and promote the joint development of cybersecurity best practices. We invite all Member States to join us in this effort, as collective action is key to building a secure cyberspace. Malawi is actively engaged in regional and international efforts through SADC’s cyber security framework and setting up of the SADIC CSIRT, the African Union’s Malibu Convention, as well as the Budapest Convention on Cybercrime, while also partnering with global organizations such as ITU and Interpol to enhance capacity building, intelligence sharing, and coordinated response mechanisms as they provide a strong framework for international cooperation in tackling emerging threats. My delegation encourages the continuation of dialogue under the UN Open-Ended Working Group as it is essential that we collectively address the evolving threats in the use of ICTs and continue the practice of norms for responsible state behavior. In conclusion, Malawi remains committed to working with all states to ensure that information and communications technologies are used safely and responsibly. Together we can mitigate the risks of cybercrime, foster trust in digital systems, and ensure that the benefits of ICTs are shared equitably while safeguarding our critical information infrastructures and citizens’ privacy. Thank you, Chair.

Chair: Thank you very much, Malawi, for your statement. Now, we have a long list of speakers. This, of course, is a good thing because everyone would like to engage. Now, my intention is to adjourn the meeting at this point and take the rest of the speakers this afternoon, starting with Japan, to be followed by Australia, Argentina. And if there are any requests for rights of reply, as there has already been one, we will take them in the afternoon. Second, the discussions on this question of existing and emerging threats is always… a very important one because in some ways it sets the context for the rest of our works and discussions for the rest of the week. As we engage in this discussion, I’d like you to keep a few things in mind. First, we are trying to see how we can find common ground. Even as you say what you think you need to say, the goal is not just to say what you need to say, but to find common ground. I think that is the purpose that has brought us here to the United Nations. Second, please do your best to respond to other interventions or comments in a way that helps to build common ground. I think you have also referred to or responded to the comments made by other delegations. I find it helpful. I think it’s also useful for us to hear your views if you agree with some of the other comments or proposals that might have been put forward. Thirdly, it is very clear that no one is invulnerable to the threats that are emerging and the threats which are existing. That just underlines the need for collective and collaborative action. No matter how big and mighty one might be, no one is invulnerable. That, too, underlines the need for us to continue our work here. Finally, I know that many of you have come with very thoroughly prepared statements. I’m happy to hear them. and I have indeed done so very carefully. But if there’s a way you can summarize and make your statements more succinct and circulate a full draft to put it on the website, I think that will be helpful. It’s just the first session, so we think we have plenty of time, but I know that as we go to each of these items on which all of you have plenty to say, we usually end up with a squeeze for time in the latter part of the week. So any effort to make your statements more succinct and summarize the key points would be welcome. So with those comments, I want to adjourn the meeting. This is what I call an excellent start to our discussions for the week. I wish you a pleasant afternoon. The meeting will resume at 3 p.m. exactly. Thank you very much. The meeting’s adjourned.

European Union

Speech speed

141 words per minute

Speech length

1026 words

Speech time

433 seconds

Attacks on critical infrastructure pose significant risks

Explanation

The European Union highlights the increasing threat of cyberattacks targeting critical infrastructure. These attacks can disrupt essential services and have widespread consequences for society and the economy.

Evidence

A recent ransomware attack on a major IT service company in Sweden led to disruptions for numerous private and public actors, including regional authorities.

Major Discussion Point

Existing and Potential Cyber Threats

Agreed with

Agreed on

Increasing threat of cyberattacks on critical infrastructure

Differed with

Differed on

Focus of international cooperation

United States

Speech speed

126 words per minute

Speech length

589 words

Speech time

280 seconds

Ransomware attacks are a growing concern, especially in healthcare

Explanation

The United States emphasizes the increasing threat of ransomware attacks, particularly in the healthcare sector. These attacks can disrupt critical services and pose risks to patient safety.

Evidence

Recent ransomware attacks on healthcare facilities in Maryland caused disruptions to services.

Major Discussion Point

Existing and Potential Cyber Threats

Agreed with

Agreed on

Increasing threat of cyberattacks on critical infrastructure

Mauritius

Speech speed

106 words per minute

Speech length

555 words

Speech time

311 seconds

AI and quantum computing introduce new cybersecurity challenges

Explanation

Mauritius highlights the emerging threats posed by artificial intelligence and quantum computing. These technologies can be leveraged for advanced cyberattacks and may compromise current encryption standards.

Evidence

AI can be used for automated phishing attacks and deepfake-based disinformation campaigns. Quantum computing has the potential to break current encryption standards.

Major Discussion Point

Existing and Potential Cyber Threats

Agreed with

Agreed on

Emerging threats from AI and quantum computing

Call for establishment of a voluntary cybersecurity capacity fund

Explanation

Mauritius proposes the creation of a voluntary cybersecurity capacity fund. This fund would be dedicated to providing targeted support for infrastructure development, skills training, and incident response systems in developing countries.

Major Discussion Point

International Cooperation and Capacity Building

Agreed with

Agreed on

Importance of international cooperation and capacity building

Kazakhstan

Speech speed

119 words per minute

Speech length

449 words

Speech time

224 seconds

Threats to undersea cables and telecommunications networks are increasing

Explanation

Kazakhstan raises concerns about the growing vulnerability of undersea cables and telecommunications networks to cyber threats. Attacks on these critical infrastructures could disrupt global communication and essential services.

Major Discussion Point

Existing and Potential Cyber Threats

Agreed with

Agreed on

Increasing threat of cyberattacks on critical infrastructure

Sweden

Speech speed

114 words per minute

Speech length

322 words

Speech time

169 seconds

Disinformation campaigns and election interference are major concerns

Explanation

Sweden expresses concern about the use of cyber capabilities to undermine democracy and interfere with electoral processes. These activities pose a threat to political stability and democratic institutions.

Major Discussion Point

Existing and Potential Cyber Threats

Need for cross-cutting approach to cyber threats in future mechanism

Explanation

Sweden advocates for a cross-cutting approach to addressing cyber threats in the future permanent mechanism. This approach would enable more effective linking of threat identification to appropriate actions for countering these threats.

Major Discussion Point

Future Permanent Mechanism

Malawi

Speech speed

124 words per minute

Speech length

998 words

Speech time

479 seconds

Cryptocurrency-related cybercrimes are an emerging threat

Explanation

Malawi highlights the growing threat of cryptocurrency-related cybercrimes. As digital currencies gain popularity, they are increasingly being used for illegal transactions and financial fraud.

Major Discussion Point

Existing and Potential Cyber Threats

Importance of public-private partnerships in addressing cyber threats

Explanation

Malawi emphasizes the importance of strengthening public-private partnerships to enhance overall cyber resilience. These partnerships are crucial for ensuring effective responses to both national and international cyber threats.

Major Discussion Point

International Cooperation and Capacity Building

Agreed with

Agreed on

Importance of international cooperation and capacity building

United Kingdom

Speech speed

124 words per minute

Speech length

613 words

Speech time

295 seconds

Commercial cyber intrusion capabilities market is expanding

Explanation

The United Kingdom expresses concern about the growing commercial market for cyber intrusion capabilities. This expansion increases the range and number of potential victims and introduces less predictable threat actors.

Evidence

The UK’s National Cybersecurity Centre annual review highlights the challenge posed by the growing commercial market for cyber intrusion capabilities.

Major Discussion Point

Existing and Potential Cyber Threats

Support for dedicated thematic groups on cooperation, resilience, and stability

Explanation

The United Kingdom expresses support for establishing dedicated thematic groups on cooperation, resilience, and stability in the future permanent mechanism. These groups would facilitate deeper dialogue on threats and identify necessary capacities to counter them.

Major Discussion Point

Future Permanent Mechanism

Singapore

Speech speed

147 words per minute

Speech length

770 words

Speech time

313 seconds

Attacks on operational technology in critical sectors are increasing

Explanation

Singapore highlights the growing threat of cyberattacks targeting operational technology (OT) in critical sectors. These attacks pose significant risks to the functioning of critical infrastructure and essential services.

Evidence

Singapore conducts the Singapore Industrial Control System Cybersecurity 301 course for cybersecurity professionals, providing hands-on training within an actual OT environment.

Major Discussion Point

Existing and Potential Cyber Threats

Agreed with

Agreed on

Increasing threat of cyberattacks on critical infrastructure

African group

Speech speed

122 words per minute

Speech length

463 words

Speech time

225 seconds

Need for technical assistance and resource support for developing nations

Explanation

The African group emphasizes the importance of providing technical assistance and resource support to developing nations. This support is crucial for building cybersecurity capacities and addressing the technological gap.

Major Discussion Point

International Cooperation and Capacity Building

Agreed with

Agreed on

Importance of international cooperation and capacity building

Differed with

Differed on

Focus of international cooperation

Malaysia

Speech speed

123 words per minute

Speech length

839 words

Speech time

406 seconds

Importance of CERT collaboration and information sharing

Explanation

Malaysia stresses the significance of collaboration among Computer Emergency Response Teams (CERTs) and information sharing. This cooperation is essential for building a clear threat picture and sharing best practices on identifying and mitigating threats.

Major Discussion Point

International Cooperation and Capacity Building

Agreed with

Agreed on

Importance of international cooperation and capacity building

China

Speech speed

120 words per minute

Speech length

937 words

Speech time

467 seconds

Need for cooperation in protecting critical information infrastructure

Explanation

China highlights the importance of international cooperation in protecting critical information infrastructure. This cooperation is crucial for maintaining the security and stability of global ICT supply chains.

Major Discussion Point

International Cooperation and Capacity Building

Agreed with

Agreed on

Importance of international cooperation and capacity building

Uruguay

Speech speed

136 words per minute

Speech length

565 words

Speech time

247 seconds

Importance of regional and international frameworks for cybersecurity

Explanation

Uruguay emphasizes the significance of regional and international frameworks for cybersecurity. These frameworks are essential for promoting confidence-building measures and their implementation globally.

Major Discussion Point

International Cooperation and Capacity Building

Agreed with

Agreed on

Importance of international cooperation and capacity building

El Salvador

Speech speed

118 words per minute

Speech length

496 words

Speech time

251 seconds

Need for AI governance and ethical guidelines

Explanation

El Salvador stresses the importance of developing governance frameworks and ethical guidelines for artificial intelligence. This is crucial to mitigate risks associated with AI-generated content and malicious use of AI in cyberattacks.

Major Discussion Point

Addressing Threats through Policy and Regulation

Agreed with

Agreed on

Emerging threats from AI and quantum computing

Kingdom of the Netherlands

Speech speed

136 words per minute

Speech length

477 words

Speech time

209 seconds

Importance of implementing the UN Framework for Responsible State Behavior

Explanation

The Netherlands emphasizes the critical importance of fully implementing and adhering to the UN Framework for Responsible State Behaviour. This framework is fundamental to addressing existing and potential ICT-related threats to international security.

Major Discussion Point

Addressing Threats through Policy and Regulation

Differed with

Differed on

Approach to addressing cyber threats

Cuba

Speech speed

106 words per minute

Speech length

517 words

Speech time

290 seconds

Call for legally binding international instrument on cybersecurity

Explanation

Cuba advocates for the adoption of a legally binding international instrument on cybersecurity. This instrument would establish clear obligations for all states and comprehensively address cyber threats.

Major Discussion Point

Addressing Threats through Policy and Regulation

Differed with

Differed on

Approach to addressing cyber threats

Bosnia and Herzegovina

Speech speed

120 words per minute

Speech length

332 words

Speech time

164 seconds

Need for post-quantum cryptographic solutions

Explanation

Bosnia and Herzegovina highlights the need for developing post-quantum cryptographic solutions. This is crucial to safeguard sensitive data against the potential threat posed by quantum computing to current encryption standards.

Major Discussion Point

Addressing Threats through Policy and Regulation

The Chair emphasizes the importance of finding common ground and building consensus among delegations, rather than just stating positions. This is crucial for making progress and achieving the goals of the OEWG.

Evidence

The Chair states: ‘As we engage in this discussion, I’d like you to keep a few things in mind. First, we are trying to see how we can find common ground. Even as you say what you think you need to say, the goal is not just to say what you need to say, but to find common ground.’

Major Discussion Point

Process and Approach

Importance of collective and collaborative action

Explanation

The Chair highlights that no country is invulnerable to cyber threats, underlining the need for collective and collaborative action. This emphasizes the importance of international cooperation in addressing cybersecurity challenges.

Evidence

The Chair states: ‘It is very clear that no one is invulnerable to the threats that are emerging and the threats which are existing. That just underlines the need for collective and collaborative action.’

Major Discussion Point

International Cooperation

USG HR Disarmament Izumi Nakamitsu

Speech speed

109 words per minute

Speech length

945 words

Speech time

517 seconds

Increasing cyber threats to international peace and security

Explanation

Nakamitsu highlights the growing challenges to international peace and security arising from state use of ICTs. This includes malicious use of ICTs by both state and non-state actors, impacting critical infrastructure and essential services.

Evidence

Nakamitsu states: ‘Challenges to international peace and security arising from state use of ICT continues to grow. Incidents of malicious use of ICTs by both state and non-state actors remain well-documented, including those with impacts on infrastructure providing essential services to the public, like healthcare, banking, and government services.’

Major Discussion Point

Existing and Potential Cyber Threats

Need for a permanent single-track mechanism on ICT security

Explanation

Nakamitsu emphasizes the importance of creating a permanent single-track mechanism on ICT security matters under UN auspices. This would set the stage for long-term progress in addressing cybersecurity challenges.

Evidence

Nakamitsu states: ‘This working group has the unique opportunity to create a permanent single-track mechanism on ICT security matters under United Nations auspices, thus setting the stage for long-term progress in the years to come.’

Major Discussion Point

Future Permanent Mechanism

Nigeria

Speech speed

140 words per minute

Speech length

609 words

Speech time

260 seconds

Importance of collaborative framework for cyber threat mitigation

Explanation

Nigeria emphasizes the need for a comprehensive international framework to harmonize existing and potential cyber threats. This framework would involve collaboration among state computer emergency response teams to enhance threat detection and mitigation.

Evidence

Nigeria states: ‘To forestall the vulnerabilities of the cyberspace, Nigeria believes a comprehensive international framework on harmonizing existing and potential cyber threats through collaboration among state computer emergency response teams is essential.’

Major Discussion Point

International Cooperation and Capacity Building

Need for indigenous technology development

Explanation

Nigeria recommends the development of indigenous technology among emerging economies to reinforce local knowledge in protecting their cyber domains. This approach aims to enhance self-reliance and reduce technological dependencies.

Evidence

Nigeria states: ‘Nigeria recommended development of indigenous technology among emerging economies to reinforce local knowledge in protecting their cyber domain against malicious activities.’

Major Discussion Point

Capacity Building and Technological Development

Mexico

Speech speed

91 words per minute

Speech length

282 words

Speech time

184 seconds

Importance of harmonizing cybersecurity standards

Explanation

Mexico emphasizes the need to make progress in harmonizing cybersecurity standards to enable interoperable protection of critical infrastructure across different jurisdictions. This approach aims to enhance overall cybersecurity effectiveness.

Evidence

Mexico states: ‘It’s crucial to make headway in harmonising cyber security standards to enable us to protect in an interoperable way critical infrastructure between different jurisdictions.’

Major Discussion Point

International Cooperation and Standards

Need for comprehensive risk assessments

Explanation

Mexico stresses the importance of implementing cybersecurity standards based on comprehensive risk assessments. These assessments should cover both common cyber threats and those specific to different regional and national contexts.

Evidence

Mexico states: ‘The implementation of these standards must be based on comprehensive risk assessments that would cover both common cyber threats as well as those that are specific to different regional and national contexts.’

Major Discussion Point

Risk Assessment and Management

Agreements

Agreement Points

Increasing threat of cyberattacks on critical infrastructure

Attacks on critical infrastructure pose significant risks

Ransomware attacks are a growing concern, especially in healthcare

Attacks on operational technology in critical sectors are increasing

Threats to undersea cables and telecommunications networks are increasing

Attacks targeting energy systems or transportation have proved to include capabilities to remotely control operations, including supply and internal management of processes

Multiple speakers highlighted the growing threat of cyberattacks on critical infrastructure, including healthcare, energy, transportation, and telecommunications sectors. These attacks can disrupt essential services and have widespread consequences for society and the economy.

Emerging threats from AI and quantum computing

AI and quantum computing introduce new cybersecurity challenges

Need for AI governance and ethical guidelines

Need for post-quantum cryptographic solutions

Several speakers emphasized the emerging threats posed by artificial intelligence and quantum computing, including the potential for advanced cyberattacks and the need to develop new cryptographic solutions to address these challenges.

Importance of international cooperation and capacity building

Need for technical assistance and resource support for developing nations

Importance of CERT collaboration and information sharing

Call for establishment of a voluntary cybersecurity capacity fund

Importance of public-private partnerships in addressing cyber threats

Need for cooperation in protecting critical information infrastructure

Importance of regional and international frameworks for cybersecurity

Multiple speakers stressed the importance of international cooperation, capacity building, and resource sharing to address cybersecurity challenges, particularly for developing nations.

Similar Viewpoints

These speakers advocated for a structured, action-oriented approach in the future permanent mechanism, emphasizing the need for dedicated thematic groups and cross-cutting strategies to address cyber threats effectively.

Support for dedicated thematic groups on cooperation, resilience, and stability

Need for action-oriented recommendations in the future mechanism

Need for cross-cutting approach to cyber threats in future mechanism

Both speakers emphasized the need for strong international frameworks to govern state behavior in cyberspace, though they differed on the specific approach (implementing existing framework vs. creating a new legally binding instrument).

Importance of implementing the UN Framework for Responsible State Behavior

Call for legally binding international instrument on cybersecurity

Unexpected Consensus

Importance of addressing cryptocurrency-related cybercrimes

Cryptocurrency-related cybercrimes are an emerging threat

Threats to undersea cables and telecommunications networks are increasing

While not directly related, both Malawi and Kazakhstan highlighted emerging threats that are not typically at the forefront of cybersecurity discussions. This unexpected focus on newer, evolving threats suggests a growing awareness of the diverse and rapidly changing nature of cybersecurity challenges.

Overall Assessment

Summary

The main areas of agreement included the increasing threats to critical infrastructure, the challenges posed by emerging technologies like AI and quantum computing, and the need for international cooperation and capacity building. There was also broad support for establishing a structured, action-oriented approach in the future permanent mechanism.

Consensus level

There appears to be a moderate to high level of consensus on the major cybersecurity challenges and the need for collaborative action. This level of agreement suggests that there is a strong foundation for developing concrete strategies and policies to address these issues. However, there are still some differences in approach, particularly regarding the specific mechanisms for international cooperation and regulation.

Differences

Different Viewpoints

Approach to addressing cyber threats

Call for legally binding international instrument on cybersecurity

Importance of implementing the UN Framework for Responsible State Behavior

Cuba advocates for a legally binding international instrument, while the Netherlands emphasizes implementing the existing UN Framework for Responsible State Behavior.

Focus of international cooperation

Need for technical assistance and resource support for developing nations

Attacks on critical infrastructure pose significant risks

The African group emphasizes the need for technical assistance to developing nations, while the EU focuses on addressing threats to critical infrastructure in developed countries.

Unexpected Differences

Visa barriers to participation

Call for addressing emerging threats in the permanent mechanism

The Russian Federation unexpectedly raised the issue of visa barriers preventing participation in the OEWG, which was not a focus of other speakers and diverged from the main cybersecurity discussion.

Overall Assessment

summary

The main areas of disagreement revolve around the approach to addressing cyber threats (legally binding vs. voluntary frameworks), the focus of international cooperation (developing vs. developed nations), and the structure of the future permanent mechanism.

difference level

The level of disagreement is moderate. While there is general consensus on the importance of addressing cyber threats and the need for international cooperation, significant differences exist in the specific approaches and priorities. These differences could potentially impact the effectiveness of future cybersecurity efforts and the development of a unified global approach to cyber threats.

Partial Agreements

All speakers agree on the need for an effective future permanent mechanism, but differ on the specific approach and structure it should take.

Support for dedicated thematic groups on cooperation, resilience, and stability

Need for action-oriented recommendations in the future mechanism

Need for cross-cutting approach to cyber threats in future mechanism

These speakers agree on the need for international cooperation and capacity building, but propose different methods to achieve this goal.

Call for establishment of a voluntary cybersecurity capacity fund

Importance of CERT collaboration and information sharing

Importance of public-private partnerships in addressing cyber threats

Similar Viewpoints

These speakers advocated for a structured, action-oriented approach in the future permanent mechanism, emphasizing the need for dedicated thematic groups and cross-cutting strategies to address cyber threats effectively.

Support for dedicated thematic groups on cooperation, resilience, and stability

Need for action-oriented recommendations in the future mechanism

Need for cross-cutting approach to cyber threats in future mechanism

Both speakers emphasized the need for strong international frameworks to govern state behavior in cyberspace, though they differed on the specific approach (implementing existing framework vs. creating a new legally binding instrument).

Importance of implementing the UN Framework for Responsible State Behavior

Call for legally binding international instrument on cybersecurity

Takeaways

Key Takeaways

Cyber threats are becoming increasingly complex and sophisticated, with attacks on critical infrastructure, ransomware, and AI-enabled threats being major concerns.

There is a growing need for international cooperation and capacity building, especially to support developing nations in addressing cybersecurity challenges.

Many countries emphasized the importance of implementing the UN Framework for Responsible State Behavior in cyberspace.

There is broad support for establishing a future permanent mechanism to address cybersecurity issues, with dedicated thematic groups on cooperation, resilience, and stability.

Data protection, privacy regulations, and addressing emerging technologies like AI and quantum computing are seen as crucial areas for policy development.

Resolutions and Action Items

Continue work towards establishing a future permanent mechanism for addressing cybersecurity issues

Consider the creation of dedicated thematic groups within the future mechanism

Further develop the Global Intergovernmental Points of Contact Directory

Explore the establishment of a voluntary cybersecurity capacity fund for developing nations

Prepare for the final progress report of the Open-Ended Working Group in July 2025

Unresolved Issues

Specific structure and modalities of the future permanent mechanism

Exact nature and scope of stakeholder involvement in the future mechanism

How to address the technological divide between developed and developing nations

Approach to regulating emerging technologies like AI in the context of cybersecurity

Whether to pursue a legally binding international instrument on cybersecurity

Suggested Compromises

Balancing the intergovernmental nature of the process with inclusive stakeholder engagement

Rationalizing the number of thematic groups in the future mechanism to accommodate resource constraints of some delegations

Allowing for the creation of ad hoc thematic groups to provide flexibility in addressing emerging issues

This comment provided an important perspective on shared vulnerability and the need for collective action.

impact

It helped refocus the discussion on cooperation rather than accusation, and emphasized the importance of the group’s work.

Overall Assessment

explanation

Kazakhstan highlighted the vulnerability of undersea cables to cyber attacks, suggesting a need for advanced security measures.

Disclaimer: This is not an official session record. DiploAI generates these resources from audiovisual recordings, and they are presented as-is, including potential errors. Due to logistical challenges, such as discrepancies in audio/video or transcripts, names may be misspelled. We strive for accuracy to the best of our ability.