The UN Security Council on Tuesday held its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' key infrastructure — an issue U.S. President Joe Biden recently raised with Russia's Vladimir Putin.
While the U.S. envoy to the world body asked that member states respect a framework already in place, her Russian counterpart called for a new treaty to be drafted.
"The risk is clear. Cooperation is essential" to combat such attacks, U.S. ambassador Linda Thomas-Greenfield said, without mentioning Russia, which is often accused by Western countries of hosting hackers or directly engaging in cyberwarfare.
"The framework that UN member states have worked so hard to develop now provide the rules of the road. We have all committed to this framework. Now, it is time to put it into practice."
At their summit earlier this month in Geneva, the U.S. president set out red lines for Russia — 16 "untouchable" entities, ranging from the energy sector to water distribution.
"This is the generic list of critical infrastructure which every country has," said one European ambassador who specializes in cybersecurity and spoke to AFP under condition of anonymity.
Already in 2015, agreement had been reached on "refraining from malicious cyber activities against each other's critical infrastructures as UN member states," the envoy said.
Russia's UN envoy Vassily Nebenzia said Moscow would play a proactive role in the global fight on cybercrime, calling for the adoption of "new norms" through a legally binding treaty convention by 2023.
"If the threats posed to global cybersecurity have made us all equal, then we must ensure that debate takes place with all UN member states, and not within a tight circle of technologically developed states," the Russian diplomat said.
Tuesday's meeting — which was called by Estonia, the Council leader for the month of June — was held virtually.
The Security Council has addressed the subject in the past, but only informally, both in public or behind closed doors.
"It is not the usual arms control topic where you can sign a treaty and then just verify. You have to have a more innovative approach," the European ambassador said.
Western nations suspect Russia, backed by China, wants a new treaty so it can limit free expression on the internet, and hence limit political opposition.
"Estonia holds the strong view that existing international law, including the UN Charter in its entirety, international humanitarian law and international human rights law, applies in cyberspace," Prime Minister Kaja Kallas told the meeting.
France's trade minister Franck Riester proposed an action plan to ensure the norms in place are respected, saying: "We don't want a digital Wild West, nor do we want cyberspace to be partitioned off."
Several Security Council members acknowledged the grave dangers posed by cybercrime, notably ransomware attacks on key installations and companies.
Several U.S. companies, including the computer group SolarWinds, the Colonial oil pipeline and the global meat giant JBS, have recently been targeted by ransomware attacks, where a program encrypts computer systems and demands a ransom to unlock them.
The FBI has blamed the attacks on hackers based in Russian territory.
UN Undersecretary General for Disarmament Izumi Nakamitsu opened the debate by saying the world body had noted the "dramatic increase in the frequency of malicious incidents in recent years... from disinformation to the disruption of computer networks."
"Such acts are contributing to a diminishing trust and confidence among states," Nakamitsu said.
She said that as of January 2021, the internet had more than 4.6 billion active users, and that by 2022, there will be an estimated 28.5 billion devices connected to the internet — up significantly from 18 billion in 2017.