Last week, the UN Open-Ended Working Group (OEWG) on the security of the use of information and communications technologies in 2021–2025 held its tenth substantive session, the penultimate session of the group before its mandate concludes in July of this year.
Tensions ran high since the first day, with attributions of cyberattacks and rights of reply denouncing those attributions taking centre stage. The states held tightly to their positions, largely unchanged since the last session in December 2024. The Chair pointed out that direct dialogue was lacking, with participants instead opting for a virtual town hall approach—circulating their positions and posting them on the portal, and reminded delegates that whatever decisions to be made would be made by consensus, urging them to demonstrate flexibility.
Ransomware, AI, and threats to critical infrastructure remain the biggest concerns of countries regarding the threat landscape. Even as countries don’t agree on an exhaustive list of threats or their sources, there is a strong emphasis on collective and cooperative responses such as capacity development and knowledge sharing to reduce the risk of these threats, as well as mitigate and manage them.
The long-standing debate between implementing existing norms and developing new ones continued. However, this session saw ASEAN countries take a more pragmatic approach, emphasising concrete steps toward implementing agreed norms while maintaining openness to discussing new ones in parallel. At the same time, the call from developing countries for greater capacity development gained momentum, underscoring the challenge of implementing norms without sufficient resources and support.
The discussions on international law have shown little progress in drawing closer between the positions states hold — there is still no consensus on the necessity of new legally binding regulations for cyberspace. There is also discord on how to proceed with discussing international law in the future permanent UN mechanism on cybersecurity.
Discussions on confidence-building measures (CBMs) were largely subdued, as few new CBMs were introduced, and states didn’t overly detail their POC Directory experience. Many states shared their CBM implementation, which is often linked to regional initiatives and best practices, showing eagerness to operationalise CBMs. It seems states now anticipate the future permanent mechanism to serve as the forum for detailed CBM discussions.
The Voluntary Fund and the Capacity-Building Portal have increasingly been regarded as key deliverables of the OEWG process. However, states remain cautious about the risk of duplicating existing global and regional initiatives, and a clear consensus has yet to emerge regarding the objectives of these deliverables.
States are still grappling with thematic groups and non-state stakeholder engagement questions in the future permanent mechanism. The Chair’s upcoming reflections and town halls will likely get the ball rolling on finding elements for the future permanent mechanism acceptable to all delegations.
Delegations have much to agree upon and exceedingly little time to do so. While this has been the mantra for the last two years, negotiations are now truly entering the eleventh hour, and consensus remains elusive. This spells trouble not just for the group’s final report, but also uncertainty for the future of UN cybersecurity discussions that the report will chart.
For more information on cybersecurity, digital policies, AI governance and other related topics, visit diplomacy.edu.
The Open-Ended Working Group (OEWG) on the security of and in the use of information and communications technologies in 2021–2025 will hold its seventh substantive session on 17-21 February 2025 in New York, the USA.
In other news:
Trump’s team considers tighter semiconductor trade restrictions on China with international cooperation
Donald Trump’s team is considering stronger semiconductor restrictions on China, expanding on measures introduced during Joe Biden’s presidency.
EU Commission proposes enhanced cyber crisis management framework
The EU Commission introduced a proposal aimed at strengthening the EU’s response to large-scale cyber attacks.
The EU Commission’s proposal seeks to boost cybersecurity cooperation among Member States through collaborative clusters, a common crisis management taxonomy, ongoing exercises, improved DNS strategies, and enhanced information sharing.
A new wave of competition is emerging against Elon Musk’s Starlink, with rivals like China’s SpaceSail and Jeff Bezos’s Project Kuiper entering the satellite internet market.
Despite being one of the world’s most influential platforms, YouTube remains shrouded in mystery. A team of researchers has devised an unconventional way to uncover hidden statistics, challenging the carefully…
Known for its cost-effective and innovative strategies, DeepSeek is challenging more expensive Western AI models by using efficient Nvidia hardware and advanced techniques like Mixture-of-Experts (MoE).
The OEWG’s tenth session in February 2025 saw states emphasise collective action against cyber threats, address divisions on norms implementation and binding regulations, highlight the Voluntary Fund and Capacity-Building Portal,…
These approaches illustrate a global shift towards embracing AI’s transformative potential while considering the ethical and societal implications, fostering international cooperation to future-proof technological advancements.
Augmented reality features like ‘Tabletop’ allow NBA fans to view matches from multiple angles, analyse performances in real time, and simulate alternative outcomes.
UNESCO’s Recommendation on the Ethics of Artificial Intelligence sets a global standard for AI governance. It provides a framework for policymakers to ensure AI development aligns with ethical and inclusive principles.
The closure of USAID marks an important shift in U.S. foreign policy, potentially weakening American soft power and leaving a vacuum that rivals like China may exploit. As global diplomacy evolves, questions arise about the future of influence, public diplomacy, and the role of digital networks in shaping international relations.
How ready are countries for the metaverse? Nations are taking different approaches – state-led, industry-driven, or hybrid models. Where does your country stand? Dr Anita Lamprecht explores.
Once, diplomacy was a game of kings, queens, and marriages. Now, it’s a world of sub-federal actors, corporations, NGOs, and diasporas. The ambassador is no longer the sole conduit of statecraft – just one node in a growing network. Aldo Matteucci writes.
The primary goal of this webinar is to provide a platform for dialogue, knowledge sharing, and collaboration among policymakers, tourism stakeholders, and digital technology experts.
A US federal judge has warned key members of the judiciary to remain vigilant against potential cyberattacks by foreign actors that could target election-related litigation. Judge Michael Scudder, who chairs the judiciary’s IT committee, highlighted the risks during a US Judicial Conference meeting, stressing the need for heightened security during the election season to guard against misinformation and interference attempts.
Scudder referenced recent warnings from United States intelligence agencies, which pointed to foreign adversaries using the upcoming elections as an opportunity to undermine trust in the government. He mentioned that while no current cyber threats targeting the judiciary have been identified, the courts could be at risk, especially with the possibility of election-related cases emerging in the near future.
The federal judiciary has faced cyberattacks before, with three foreign actors breaching the document-filing system in 2020. The incident led to changes in how sensitive documents are handled in lower courts. Scudder urged his colleagues to remain cautious, given that election-related litigation may again come before the courts in the upcoming election cycle.
Cybersecurity remains a concern across all branches of government, as both political campaigns and judicial systems are seen as targets for potential foreign interference. Intelligence agencies have reported recent cyber operations by foreign countries, including Iran, aimed at disrupting US elections.
The Australian gold mining company has confirmed it was targeted by a cyberattack last week, joining a growing list of domestic firms hit by similar breaches. The incident comes as Australia continues to grapple with a wave of cyber attacks that have exposed vulnerabilities in the country’s cyber security infrastructure. Although Evolution Mining has stated that the security breach has been contained, it has not provided further details about the extent of the damage or the nature of the attack.
The company has reported the incident to the Australian Cyber Security Centre, which has acknowledged the report but noted that Evolution Mining did not supply much information on the breach. Despite the attack, Evolution Mining assured that its operations would not be materially impacted. The Australian government has recently strengthened its cyber defences by increasing law enforcement funding and mandating the reporting of cyber attacks as part of a broader security overhaul.
Cyber crime has been on the rise in Australia, with reports increasing by nearly 25% in the year leading up to June 2023. The average cost to victims has also surged by 14%. Experts have pointed out that the country’s cyber security industry is under-resourced and may not be fully equipped to handle the growing threat. The increased collaboration between Australia, the US, and Britain under a new defence agreement has also made Australia a more prominent target for cyber attacks.
The attack on Evolution Mining echoes a series of breaches that have affected major Australian companies in recent years, including Optus, Woolworths, Medibank, DP World Australia and the Australian unit of Shell. These incidents have brought attention to the urgent need for stronger cyber defences as Australia continues to face significant digital security challenges.
Cybersecurity analysts are warning of escalating cyber threats targeting the Paris 2024 Olympics. FortiGuard Labs reports a significant surge in dark web activity targeting France, with an 80-90% increase from late 2023 to mid-2024. These threats are becoming more sophisticated, posing risks to attendees and organisers.
A significant concern is the proliferation of phishing kits designed for the Olympics in France, enabling cybercriminals to deceive users into divulging personal information or downloading malware. Fake ticketing platforms and fraudulent merchandise websites also present financial risks.
Hacktivist groups, particularly from Russia and Belarus, are exploiting the event’s international prominence to disrupt the Olympics for political purposes. Experts warn that these attacks could provoke real-world violence or disrupt the Games and democratic processes in France.
As the Olympics approach, experts emphasise the importance of robust cybersecurity measures. Organisations should implement advanced encryption, stringent access controls, regular security audits, end point protection, caution with public Wi-Fi, and multi-factor authentication (MFA).
The Centres for Medicare and Medicaid Services have announced the discontinuation of a program designed to assist Medicare providers and suppliers impacted by disruptions at UnitedHealth’s technology division, Change Healthcare.
Initiated in response to a hack at Change Healthcare on February 21st by threat actor ‘BlackCat’, the program will now cease accepting new applications as of July 12. It has distributed over $2.55 billion in expedited payments to 4,200 providers such as hospitals and $717.18 million to suppliers including doctors, non-physician practitioners and durable medical equipment suppliers, with a significant portion of these funds already recovered. Providers are now able to effectively submit claims to Medicare.
The cyber incident in February affected a key player in processing medical claims. The US Change Healthcare handles approximately half of all medical claims in the United States, serving about 900,000 physicians, 33,000 pharmacies, 5,500 hospitals, and 600 laboratories, adding to the growing cyber threat posed to the healthcare industry.
Denmark has raised its threat level for destructive cyber attacks from ‘low’ to ‘middle’ due to growing threats from Russia, the Danish Centre for Cyber Security (CFCS) announced on Tuesday. The new level, three on a five-level scale, indicates that while there are actors with the intention and capacity to carry out attacks, there are no specific indications of planned activity.
Defense Minister Troels Lund Poulsen highlighted the increased willingness of Russia to challenge NATO countries through various means, including sabotage and cyber attacks. Despite the heightened cyber threat, Poulsen emphasised that there is no direct military threat to Denmark, based on Danish Defence Intelligence Service assessments.
We’ve reported before that US authorities have been warning against imminent cyberattacks from Russia. This time, it’s the cybersecurity authorities from the Five Eyes – Australia, Canada, New Zealand, the UK, plus the USA – who are warning of the risk that cyberattacks are being planned against critical infrastructures in Ukraine and beyond.
The warning comes in a joint cybersecurity advisory, which refers to US intelligence that the Russian government may be exploring options for potential cyberattacks.
The advisory also notes that cybercrime groups that have recently publicly pledged support for the Russian government ‘have threatened to conduct cyber operations in retaliation for perceived cyber offensives against the Russian government or the Russian people.’ The same threat exists for countries and organisations helping Ukraine.
Several government websites in Israel – including the websites of the ministries of interior, defence, and justice – were unavailable for over an hour on 14 March. The incident was caused by a distributed denial of service (DDoS) attack against a communications provider, according to the country’s National Cyber Directorate. Access to the affected websites was restored later in the day.
No statements were made regarding attribution of the attack, although some media sources pointed to a possible Iranian involvement.
