Sergey Lavrov’s article "Global Cybersecurity and Russia’s International Initiatives on Combating Cybercrime"
External Economic Relations Magazine, Moscow, September 28, 2020
The situation in this sphere is far from ideal. Moreover, the international community is facing a real cyber pandemic, which can be seen not just in the invasion of the privacy of ordinary people throughout the world. We are deeply concerned about acts of cyber terrorism, that is, the increased number of hacking attacks on healthcare, fiscal and education establishments and international organisations recorded during the pandemic. Cyberattacks, which have been identified by the World Economic Forum (WEF) as one of top five global risks, are threatening the successful operation and very existence of entire industries. The figures are self-explanatory. According to the WEF, in 2019 alone the cost to the economy of cyberattacks was $2.5 trillion and the figure could reach $8 trillion by 2022.
Information and communication technology (ICT) is being widely used to interfere in the internal affairs of sovereign states. Some countries are openly discussing their alleged right to deliver preemptive cyber strikes on their potential adversaries, including their critical infrastructure.
The absence of a universal international code of conduct in the cyber sphere is jeopardising the sustainable socioeconomic, scientific and technical development of absolutely all states without exception. Humankind risks being drawn into a dangerous large-scale cyber confrontation, which could not be limited to any local area due to the cross-border nature of modern communications and the interdependence of national economies.
It is high time the international community drew the necessary conclusions about the use of ICT for regulating state cyber activities in a civilised manner, without hindering progress or infringing on fundamental human rights and freedoms.
Russia’s guidelines for supporting IIS take into account all aspects of this problem. We distinguish three groups of threats: military-political, terrorist and criminal ones.
It bears repeating that more than 20 years ago, in 1998, speaking at the United Nations, Russia was the first to warn the world about the risks posed by cyberspace, then in its early development, and to propose specific solutions for countering those risks. Our stance remains unchanged today and is as follows:
– All states without exception must be involved in resolving and discussing this global problem. It is also important to consider the opinions of other stakeholders (businesses, civil society and the scientific community);
– It is only possible to find a universal solution through talks under the auspices of the United Nations;
– The main objective of these negotiating efforts is to prevent conflict in the information space and to ensure that information and communications technologies are used solely for peaceful purposes. In this context, it becomes increasingly important to promptly reach agreement on rules of responsible conduct for countries to secure, in the digital environment, the principles of respect for sovereignty, non-interference in domestic affairs, non-use of force or threat of force, the right to individual and collective self-defence, respect for the primary human rights and freedoms, and equal rights for all states to participate in internet governance.
Unfortunately, a number of countries oppose this inclusive course with a different logic that substitutes fighting for equal and indivisible cybersecurity with a barely disguised intention to impose its own rules. In this way, they wish to preserve their technological advantages and continue taking unilateral coercive measures when it comes to ICT, and to ultimately arrogate the right to assign responsible parties in cyber incidents. Eventually, all this could turn the global information space into a new battleground.
For example, some are strongly against developing international legal instruments that would prevent the use of information technologies for strictly military and political purposes and would clarify which cyberattacks could be qualified as an armed assault and, therefore, be subject to Article 51 of the UN Charter on countries’ right to self-defence. They do not support the idea of strengthening the role of this world organisation in regulating political issues related to the use of information and communication technologies, including the establishment of international cyber arbitration or another permanent body dealing with international information security under its aegis. They deny the importance of involving the UN Security Council in analysing and settling international incidents and conflicts related to the use of ICT. They dispute the right of countries to sovereignty in ensuring national information security and over the information and communication infrastructure located on their territory.
With this in mind, it is particularly telling that Russia’s principled approaches are the ones being most widely supported in the world. The 73rd session of the UN General Assembly in 2018 adopted our resolution by an overwhelming majority of votes. The resolution not only outlined an initial list of rules of conduct for countries in the information space but also created an effective negotiation mechanism under the auspices of the UN in the form of an ad hoc working group with an open composition to find practical solutions to the international information security issue.
Acting on a parallel track, Russia initiated the drafting of a comprehensive international convention to counter the use of information and communication technology for criminal purposes within the UN framework. In this context, a draft resolution Countering the Use of Information and Communication Technologies for Criminal Purposes was submitted to the 74th session of the UN General Assembly. In all, 47 states co-sponsored the document. Approved by most Asian, African and Latin American countries, the resolution called for the establishment of an ad hoc intergovernmental expert committee with an open composition to draft the above-mentioned convention, with due consideration for existing international documents, as well as national and regional efforts to fight cybercrime.
The international community’s receptivity to the Russian initiative shows that the conclusion of such an agreement is a demand of the times, an awareness of a new reality linked with the rapidly increasing role of the information and communication technology and the challenges arising in this connection.
Russia will continue working to expand bilateral and multilateral cooperation on the entire range of topical matters of international information security, including in the interests of countering threats that arise during the large-scale use of the information and communication technology for military and political purposes. Our priorities include efforts to help draft and approve international acts regulating the use of the principles and norms of international humanitarian law in this area, the creation of favourable conditions for establishing an international law regime for the non-proliferation of information weapons, the drafting and implementation of multilateral programmes helping overcome information inequality between industrial and developing countries.
We are urging our partners to borrow the best aspects of the relevant experience for uniting the international community against the coronavirus pandemic and to creatively use this know-how in the cybersphere. It is important not to shelve pressing matters, not to engage in a political tug-of-war, but to focus on practical work and to pool efforts.
We are convinced that the 75th anniversary session of the UN General Assembly, opening in September, is called on to become a good opportunity for creating the foundations of an effective system of international information security. We hope that its participants will contribute to this work while developing solutions aimed at ensuring a stable post-COVID future for humankind.