Tenth substantive session of the Open-ended Working Group on security of and in the use of information and communications technologies 2021-2025 on issues related to information security in the context of international security.
Agenda item 5: discussions on substantive issues contained in paragraph 1 of General Assembly resolution 75/240[1] Continue to study, with a view to promoting common understandings, existing and potential threats in the sphere of information security, inter alia, data security, and possible cooperative measures to prevent and counter such threats In 2020, the General Assembly through resolution 75/240, established a new five-year open-ended working group on security of and in the use of information and communications technologies 2021-2025. The group is mandated to further develop the rules, norms and principles of responsible behaviour of States; to consider initiatives of States aimed at ensuring security in the use of information and communications technologies; to establish, under the auspices of the United Nations, regular institutional dialogue with the broad participation of States; to continue to study, with a view to promoting common understandings, existing and potential threats in the sphere of information security, inter alia, data security, and possible cooperative measures to prevent and counter such threats, and how international law applies to the use of information and communications technologies by States, as well as confidence-building measures and capacity-building.
Machine-readable formats: Plain text · JSON
Transcripts available through this tool are created by using automatic speech recognition and are not official records nor official documents of the United Nations. Official records and official documents are available on the Official Document System of the United Nations. Learn more
Second meeting of the 10th substantive session of the Open-Ended Working Group on Security of and in the Use of ICTs is now called to order. Distinguished delegates, we'll continue our discussion on the topic of existing and potential threats under Agenda Item 5 of our Agenda is adopted. We have a list of speakers and we will continue with the speakers list starting with— we have about 35 speakers. As I said, this is of course a welcome indication of the interest and seriousness you attach to the topic, but I would invite you to be as succinct as possible and make available your full statement. And we'll start with Japan, to be followed by Australia. Japan, please.
Thank you, Mr. Chair. First, I would like to express Japan's appreciation to you and your team for your leadership and efforts to encourage productive discussions in the OEWG. In cyber domain, the risks that impede free access to and utilization of this area are becoming increasingly serious.
Sorry.
In particular, the threat of cyber attacks in which the risk of exposure is relatively low and attackers have an advantage is growing rapidly, and the growing threats posed by cyberattacks against the foundation of our society are also becoming ever more apparent. In particular, as the boundaries between contingency and peace and military and non-military operations become blur, we are concerned that cyberattacks aimed at disrupting critical infrastructure and governments and stealing sensitive information are becoming more common, even state-sponsored. In addition, the malicious use of commercial cyber intrusion tools, tools such as commercial spyware, ransomware, which can be also used to disrupt the operations of essential services, including hospitals, and cryptocurrency theft, are emerging threats to the entire international community. Mr. Chair, to reduce these risks and to address actual problems each country faces in cyberspace, it is imperative that we, the international community, work together using various types of tools available, that is rules, norms, capacity building, dialogues, and partnerships in the best way to combine them. Therefore, Japan believes that we should focus more on action-oriented, practical, scenario-based discussions. Thank you, Mr.
Chair.
Thank you very much, Japan. Australia, to be followed by Argentina.
Thank you very much, Chair. I'd like to express Australia's appreciation for your efforts and the efforts of your team in the Secretariat. Over many years to bring us to this point. Perhaps it's just me, but I think you may have tapped into several delegations in a teacher's pet this morning when you began by telling us that you are proud of all the progress we have made. Australia is also very proud of the concrete and tangible outcomes that this group has achieved, and we are looking to the future on two respects: our final report and our next mechanism. Regarding our final report, we have made significant progress in our 3 annual progress reports to date, recognizing several new threats since 2021, and Australia hopes that we're going to see these reflected in our final report. These include things like threats of new and emerging technology that can be exploited for malicious cyber activity, including the safety and security of AI systems, data aggregation, and IoT. Uh, we've also acknowledged the threat of increasing malicious cyber activity targeting critical infrastructure, uh, cyber threats targeting international and humanitarian organizations, ransomware, uh, and malicious software, uh, commercially available spyware and intrusion capabilities. And we've also recognized the need to consider gender perspectives in addressing cyber threats and, and the link between cyber threats and their detrimental impacts upon progress towards sustainable development. Australia hopes, uh, that we can continue our ambition and build upon this work in our final report to also acknowledge, uh, threats of malicious cyber activity on the resilience and integrity of electoral systems and processes, threats to telecommunications infrastructure in the face of climate change, uh, the prepositioning of cyber capabilities on civilian critical infrastructure, such as industrial control systems, where there is no justifiable reason for cyber intrusions, has the potential to cause disruptive and cascading effects. And finally, acknowledgement of the ongoing work across the UN to uplift sustainable digital development, several of which were referred to by Under-Secretary-General Nakamitsu this morning, including the Global Digital Compact, uh, the World Summit of Information Society, uh, 20-year review as some examples. Because we all know that cyber threats are multifaceted and they continue to evolve. Uh, for example, cybercrime threats, particularly those targeting critical infrastructure, government, industry, our communities, can rise to a threshold that does impact international peace and stability because of scope, severity, impact, and the potential to escalate tensions. And Australia has heard several compelling examples of this threat this morning and in our previous, uh, meetings. We've heard about banking fraud, data breaches, and ransomware on education and healthcare services. And on this point, I just want to note that last week Australia imposed targeted financial sanctions on an enabler of cybercrime, the hosting provider Zscaler, and 7 individuals who owned and operated that Zscaler hosting entity. We imposed these sanctions for their roles in providing the infrastructure used to host and disseminates sensitive health and medical data of over 9 million individuals that was stolen from Australia's largest health insurance provider in 2022. We see cyber sanctions as important work to disrupt and deter cybercrime because they help protect communities by exposing the malicious activities and identities of cybercriminals operating across jurisdictions, and they impose costs and consequences on criminals for their malicious cyber activity. This is why we consider response as key. As these cyber threats evolve, we must be agile in our ability to respond as an international community, and we should be building this agility and our flexibility into the future mechanism, including considering things like a risk-based approach, um, to cyber threats. The cyber threats that are set out in our APRs and that have been been described by colleagues here today and in our past sessions, provide the context against which the following discussions under our mandate and under our future permanent mechanism flow, and the context through which the work of this group and our future process becomes meaningful. Australia emphasises the value in creating a clear link between the existing and emerging threats we identify and the remainder of our work discussing recommendations and proposals for responsible— conduct of states in cyberspace for the way that we design our future mechanism. It's through the application of international law, including international human rights law and international humanitarian law, the application of our agreed norms and our confidence-building measures that we combat these threats. And effectively responding to these threats is only possible when we build fundamental capacity to ensure all countries are in a position to implement recommendations on law, norms, and CBMs, and therefore also in a position to combat these threats that we have identified in our processes. Australia looks forward to constructive discussions ahead this week and a successful conclusion of our work in July. Thank you.
Thank you very much, Australia, for your statement. Argentina, to be followed by Zimbabwe.
Eh, Senor President, Mr.
Chairman, first and foremost, we wish to thank the Chair, His the team and the Secretariat for their tireless efforts and for the tangible progress that we've made throughout this process. The ecosystem of vulnerabilities besetting critical infrastructure has extended considerably in recent years, and this is a shared concern both for states and for the private sector and civil society. With this in mind, under this agenda item, my delegation wishes to underscore the importance of bolstering and increasing cooperation with myriad stakeholders, primarily public-private cooperation to continue analyzing and identifying threats, promoting actions at a global level, and exchanging experiences, including a future permanent mechanism. In these endeavors, it's important to promote prudent interpretations regarding what type of activities related to ICTs can be interpreted by states as a threat.— the authority of each and every sovereign state within the framework of their national strategy for cybersecurity to define what is and what is not a threat. Moreover, it's up to them to determine existing and potential threats and measures that states might take to prevent them. These cannot, however, undermine essential principles of international law enshrined in the UN Charter. Threats do not arise from technologies themselves, but rather the how they are used. It is important to analyze advantages and challenges to the stability of cyberspace arising from new technologies, including AI and quantum computing. It is particularly concerning to note that the— note the increasingly frequent interpretations— operations, rather, we're seeing with malware, ransomware, and phishing, and the effects they're having on critical infrastructure. In terms of AI and the threat of intelligence It's normally the private sector that has the capacity and resources to explore the— Malaysia's software operations. As such, in our future permanent mechanism, we must strengthen international cooperation and cooperation with the private sector in this field. Thank you.
Thank you, Argentina, for your statement. Zimbabwe, to be followed by Canada.
Zimbabwe.
We can come back to Zimbabwe. Canada, to be followed by the Islamic Republic of Iran. Canada, please.
Thank you, Mr.
Chair.
Allow me to thank you and your team for your able and ongoing leadership of this body and your patience as as we move into the final phase of our work. This week at the OEWG, we are privileged to welcome again 44 of the Women in Cyber Fellows from a total of 37 states spanning the Americas, Europe, Africa, Asia, and Oceania. The presence of these women delegates is an important contribution to gender equity and a vital component of our debate. We take good note of the presence of the multistakeholder community at this session. And welcome, as you did, the ongoing growth of stakeholder engagement within this group. Engagement with stakeholders is essential to better understand the threats, as well as how we can best prevent, mitigate, and respond to them. Nevertheless, we strongly regret that 9 stakeholders who could also provide significant and substantive contributions on threats have been excluded from our discussions, a choice made by a few to the detriment of all others. Mr. Chair, Canada notes with concern that state-sponsored cyber threat actors are targeting critical infrastructure networks in Canada and allied countries, very likely to preposition for possible future disruptive or destructive cyber operations. This behavior runs contrary to the objectives of this body to create confidence between states and creates risks of misinterpretation that could be perceived as as escalatory. We remain deeply concerned by the threat of ransomware, the most disruptive threat currently for Canada. It is important to note that some states are very likely acting as cybercrime havens from which cybercriminals based within their borders can operate against targets. States sometimes work with non-state cyber groups as a force multiplier to enhance their capabilities to avoid— and to avoid direct attribution. We note that this week will mark the 3rd anniversary of Russia's invasion of Ukraine and the unacceptable ongoing use of cyber in its war of aggression and targeting of Ukrainian critical infrastructure. In the spirit of sharing information with the— within the OEWG, we'd like to note the publication by cyber agencies from Australia, Canada, New Zealand, the United Kingdom, and the United States regarding threats to edge technologies such as VPNs, firewalls, and routers. Our agencies have noticed that targeting edge devices has now become a tactic of choice for many malicious actors, including state-sponsored actors. The joint publication notably includes guidance for both executives and practitioners for mitigation strategies for the security of edge devices. Mr. Chair, last year's APR invited papers that addressed threats. One issue that has been raised prominently, both within this OEWG and elsewhere in the UN, is artificial intelligence. Canada is pleased to have circulated on the OEWG website a non-paper entitled Identifying the Scope for Discussions on Cybersecurity and AI at the UN. It is meant to contribute to focusing our discussions within the OEWG on what is really related to cybersecurity. The paper also recognizes that it is essential to cooperate between UN bodies to avoid duplication, while also ensuring the OEWG is able to stay up to date on discussions that are related but that happen within other parts of the UN. Finally, Mr. Chair, we would note that while our plenary discussions enable us to engage on threats in general, this format does not allow for interactive discussion or to engage in a deep dive on specific threats. This is why Canada believes it is essential to create cross-cutting thematic groups within a future POA, which would enable us to dig deeper. For example, on how to cooperate and share information with one another when there are threats with impacts beyond borders. I noted earlier, for example, threats to edge devices. Yet there is no time or space in this current body for detailed discussion of this threat and to allow other states to to better understand its implications for their national security, how this threat applies to norms, to international law, to gender, or to capacity building. Getting deeper requires a dedicated time and theme. More in-depth discussions with governmental and non-governmental experts, including legal practitioners, capacity building implementers, and the technical community, would lead to greater understanding not only of the threat threat, but of how different elements of the existing framework can be applied to address this threat. This type of deep dive discussion enabled by dedicated thematic groups would lead to greater confidence, to focused capacity building, and could have a real effect on national and international cybersecurity. Thank you, Mr.
Chair.
Thank you very much, Canada. Islamic Republic of Iran, to be followed by Italy.
Mr. Chair, at the outset, my delegation wishes to express its deep appreciation for the efforts that have been put into this process under your able leadership. We also thank Mrs. Nakamitsu for her opening remarks. Mr. Chair, we value States' continuous efforts to foster a shared understanding of ICT environments' current and emerging threats. Accurately mapping out the threat landscape is vital to devising policies and mechanisms that can achieve our vision of an ICT environment that is open, secure, stable, accessible, and peaceful for everyone. Since 2021, my delegation has used opportunities under this agenda item to prioritize the existing threats from its perspective. In this regard, we propose that the final report include the following threats highlighted by my delegation as well as by others during both the previous and current OEWG sessions. First, as we approach the final stage of our work, we would like to highlight the threats posed by the monopoly in ICT governance, which are significant and multifaceted and prioritize profit over the public good. Such concentration of power increases the risk of biased or discriminatory policies. It also undermines global collaboration and trust, as decision— decisions made by a monopolistic governance structure cannot reflect the diverse needs and interests of the international community. Second, the monopoly in internet governance exacerbates the most challenging threats faced by member states. In particular, it is interlinked with the ambiguity surrounding the responsibility vulnerabilities of the private sector and platforms and their activities with extraterritorial impact. Private sector companies and platforms operating across borders don't adhere to local regulations or align with the security and privacy standards of various countries. This uncertainty hampers effective international cooperation, undermines trust in the digital ecosystem, and leaves member states vulnerable to ICT threats, misinformation, and the erosion of digital sovereignty. Third, as highlighted by our delegation during the last meeting in December 2024, ensuring the integrity of the ICT supply chain and the security of ICT products are increasingly critical in designing, operating, and safeguarding the ICT-linked ecosystem. In this regard, we agree with China and Russia that the availability of secure supply chains for a state is a critical component in preventing the use of hidden malicious functions in ICT goods, especially mitigating the threats posed by the deliberate poisoning of ICT supply chains for criminal purposes. Fourth, we emphasize that unilateral coercive measures undermine state resilience and capacity to address and recover from ICT threats effectively, a topic that cuts across all the pillars of the work of ICT security. In conclusion, dealing with these challenges, in addition to mapping out the threat landscape, requires a careful examination of its technical and legal dimensions and the regulation of activities in this environment, which must be achieved through binding legal instruments. We see this matter as our accumulating task that should continue through our deliberated discussions, including in the context of the future permanent mechanism. Mr. Chair and distinguished delegates, I would like to take this opportunity to respond to unfounded and politically motivated accusation made by the representative of the United States and to bring the following to your attention. First, we categorically reject any politicized and unsubstantiated attribution raised by the representative of the United cyberspace against my country. Second, given the nature and technical characteristics of cyberspace and the challenges of attribution in information and technology environment, Iran warns of the negative consequences of falsified and forged attribution to the states. We need to observe the principles enshrined in the UNGA Resolution 73/27, which states that all accusations brought against states in organizing and committing wrongful acts should be substantiated. Paradoxically, this principle is being ignored by those states that advocate implementing the norms of responsible state behavior in ICT environment and at the same time make groundless accusations that contradict these norms. Public attribution of responsibility for incidents in information space to a specific state without any technical evidence is unacceptable. Third, the Islamic Republic of Iran has long been the primary target and the main victim of cyberattacks against its vital infrastructure, which have disrupted the delivery of public services and government— governmental functions. Attacks by Stuxnet on Iran's peaceful nuclear facilities and recent attacks on industrial infrastructure such as steel and petrochemical industries, gas stations, as well as municipal public services systems are a few examples of these cyberattacks. These malicious activities have been facilitated by and received unwavering support from the United States. United States must be held accountable for their— for its roles in these violations. I thank you, Mr.
Chair.
Thank you, Islamic Republic of Iran. Italy, to be followed by Israel.
Thank you, Mr. Chair. I would like to express our sincere appreciation for your leadership and extend our gratitude as well to the Secretariat for its invaluable support in our work. Italy fully aligns with the statement delivered by the European Union and would like to highlight the following key elements at national level regarding, uh, four issues: ransomware, spyware, AI, and quantum. We remain firmly committed to global cybersecurity resilience and recognize the importance of international cooperation in addressing cyber threats. Among those, ransomware remains a major global challenge. In 2024, in Italy, our national authority detected around 198 ransomware cases. However, it should be noted that these figures represent, represent only a small fraction of the total number of ransomware attacks that have actually occurred, as numerous attacks do not emerge publicly are not, not even reported to the authorities. This derives from the tendency on the part of the many victims not to report incidents, and on the other hand, from the choice of some criminal actors not to claim on their sites the operations to request the ransom. These factors contribute to reducing the visibility of this phenomenon, preventing not only an adequate understanding of its scope, but also the adoption of effective monitoring and contrast measures. Tackling this issue requires coordinated global efforts, and we fully support initiatives like the Counter Ransomware Initiative, which promotes a comprehensive and collaborative approach. We also support the Paul Moll process launched by France and the United Kingdom in 2024, which aims to tackle the proliferation and responsible use of commercial cyber intrusion capabilities. Mr. Chair, the rapid advancement of AI-based tools, including generative artificial intelligence, presents both important opportunities and significant risks. As highlighted by the UN Security Council meeting in November— in December 2019, AI has the potential to drive progress in fields such as medicine, disaster prediction, and sustainable technologies. However, its misuse could threaten global security, enabling cyberattacks, mass surveillance, violational human rights, and the development of autonomous weapons. With this regard, Italy is fully committed to providing its contribution to implement the Global Digital Compact. In this context, we also wish to highlight the Joint High-Level Risk Analysis on AI report recently drafted by the French Cybersecurity Agency, ANSSI, and co-signed by the Italian Cybersecurity Agency. This document, we believe, provides a concise analysis of AI-related cybersecurity risks, and it offers key recommendations for policymakers, developers, researchers to ensure that AI systems and their supply chains remain secure. In a similar vein, quantum computing offers great potential for scientific and technological advancements, but it also introduces significant cybersecurity challenges. In alignment with the UN designation of 2025 as the International Year of Quantum Science and Technology, We are actively supporting responsible quantum research, and we develop national and international research programs to address the security implications of this technology. To further this discussion, tomorrow we will co-host together with Ghana a side event at Lansheim on quantum technology and cybersecurity, where we will explore key challenges and strategies to address them. In conclusion, We strongly encourage the active engagement of all relevant stakeholders in these discussions. We believe that inclusive dialogue is essential to addressing the growing complexities of the cyber threat landscape, and we remain committed to working together to build a more secure and resilient digital future. Thank you, Mr.
Chair.
Thank you very much, Italy, for your statement. I give the floor now to Israel, to be followed by Croatia.
Thank you, Chair, for giving us the floor. As it's the first time my delegation takes the floor during the 10th substantive session of the Open-Ended Working Group, we wish to thank you and your team, as well as the UNODA, for the continued tireless efforts and dedication leading us through this process all the way to this final part of our collaborative endeavor. Mr. Chair, Today we mark 500 days since the October 7th, 2023 heinous murderous terror attack against Israeli citizens. In this period of time, the number of cyber terror attacks, attacking groups operating against Israel's cyberspace have tripled. They are attributed to Iran and its terror proxies, Hezbollah, Hamas, and others. In addition, the number of significant attacks carried against our economy and citizens have risen to 4 times compared to the number prior to October 7th, and their intensity is continuing to grow as we speak, even during the ceasefire that is currently in effect. An analysis of the sectors that experienced a significant increase in attacks are academia, with academic institutions, including some very senior professors and researchers, that have been targeted. We note also an increase in attacks against tech companies and internet hosting service providers, as well as few of our public hospitals—entities that are by all means, that they're first and foremost are dedicated to save lives. We underscore here that these hospitals did not serve as military installations. Rather, they are civilian facilities providing critical medical services to the public, and they were brutally attacked in which can only be described as a complete disregard for the norms of responsible state behavior. The attacks have been attributed without surprise to Iran and its malicious terror proxy, Hezbollah. Other sectors that suffered from an increase of attacks were our local municipalities, small and medium businesses, and our private citizens. Even some operations of our burial services— service providers were compromised. Iran is going after children as well, trying to attack safety systems in our public kindergartens, trying to harm the basic sense of security among our citizens. Mr. Chair, these actions should be condemned uniformly, especially in this forum. These ongoing malicious acts contradict basic principles of responsible state behavior in cyberspace. Nations that are advocating and call for the implementation and adherence to those principles should all stand together today with Israel and condemn them. An additional sphere which— sorry. An additional threat is the one posed by malicious actors in cybersphere which conduct influence operations through the extensive uses of botnets. And sometimes using real individuals recruited using some notorious al-Qaeda methods. They are all used to spread misinformation and fake news. Perhaps more severely, they are being used to polarize our democratic society and toxify our open public debate, harnessing freedom of speech to undermine our democracy. We have seen cases where bots overtook sometimes as far as 30% of all social media conversations in certain issues and debates. Let us be clear: bots have no right for freedom of expression. An individual affiliated with terror groups acting maliciously and in highly coordinated fashion should not get free pass under the guise of free speech, as well as orchestrated social campaigns that incite physical attacks on individual or groups. This phenomenon of cyberterrorism is particularly serious as it can directly threaten global and national security. Cyberterrorism is an issue that we hold must not be ignored. Mr. Chair, another emerging threat we should take into consideration is the cooperation between rogue states and non-state actors, like organized criminal actors and terrorist organizations acting as proxies. The boundaries between cybercrime as a service, criminal groups and rogue states, or terror organizations is blurring. The availability of advanced cyber tools in the hands of non-state actors and unauthorized private actors constitutes a serious threat. The malicious use of these sophisticated intrusive cyber capabilities by non-state actors and unauthorized private entities carries serious implications to national security and to the stability of cyberspace as a whole. In many cases, these malicious actors are also receiving safe havens by states, which enable them to pursue their harmful activities with impunity. In this context, offering hacking as a service and the illicit financing of cyberattacks by using cryptocurrency is a growing threat. This is an area where countries could collaborate in blocking funding and disrupting these malicious cyber activities. We believe that if we could develop an efficient mechanism to track, freeze, and seize cryptocurrencies on a global scale, we could drastically prevent many of these cyberattacks as well as ransomware operations. To conclude, Mr. Chair, Israel stands ready to cooperate with other states on the prevention and mitigation of such existing and emerging risks and threats in the cyberspace, aiming at building together a stronger global resilience. Thank you, Chair.
Thank you, Israel, for your statement. Croatia, to be followed by Estonia.
Before sharing some of Croatia's views, let me first start by reminding that Croatia aligns itself with interventions made by the European Union. Croatia appreciates the recent chain of online and town hall meetings you have organized, which provided us with an added opportunity to recognize potential conjectures and positions between different groups and help build needed consensus. This was a wise way of time, resources, and workload management. Now, let me quickly turn to malicious cyber activities that Croatia has faced directly, not just as potential threats, but real-time events. We have been subjected to a series of cyber attacks against our critical infrastructure, including healthcare facilities and transportation hubs, airport, amongst others. Many of those have been part of serious ransomware campaigns, while others may have been result of singular cyber attacks. On the basis of our own experience, we can attest the need to raise awareness and the sense of responsibility among states for them not to allow their territories and infrastructure to be misused in similar aggressive and criminal behavior. Moreover, the know-how and availability of hardware and software tools, or even of hiring specific illegal services in order to commit cyberattacks, is increasingly worrying. In addition, certain emerging technologies have the potential to be implemented in a manner that goes well beyond their intended purposes, becoming a tool in what is becoming more known as hybrid threats. This calls for deeper understanding and stronger cooperation with private sector and software developers, and if needed, clearer regulations to mitigate security risks and dual use concerns. As the landscape of cyber threats continues to evolve, it is vital that all stakeholders remain agile and proactive in developing strategies to counter these emerging risks. Moreover, our recent experience attests that a prompt and effective reaction often relies, if not entirely depends, on strong and responsive international cooperation. The exchange of best practices in this regard is becoming increasingly palatable, and it is likely that all states will find it of interest in the years to come. And what better place to do so than in this setting, or better yet, in its future format? Chair, with all this set in mind, Croatia looks forward to the ransomware and new emerging technology being acknowledged properly in the OEWG's output, but also in establishing a productive way forward for the work on cyber resilience and protection of critical infrastructure. Let's remember that at the end of the day, the most of the weight of cyber attacks falls on the shoulders of our citizens. And in attacks against infrastructure, the weight is the hardest. Finally, one of the least obvious yet systematic and significant threat lies in our inability or ability to identify our own weaknesses.— especially due to exaggerated and lingering stereotypes. In this regard, we call for bridging the usual digital, but also cybersecurity gaps in gender and age domains. We need to recognize the specific malicious gaps before they become threats by targeting these exact groups. We also need to recognize the untapped, or not enough used potential to increase our resilience, as well as our cybersecurity responses by involving more of our women and young. There should be no room for ageism as well. I thank you.
Thank you, Croatia, for your statement. Estonia, to be followed by the Republic of Korea, please.
Thank you, Mr. Chair, for giving me the floor, and I appreciate a lot your and the Secretariat's efforts in this Working Group. Estonia aligns itself with the statement of the European Union and adds The following: the global cybersecurity landscape remains deeply concerning. On the 3rd of February, uh, 2025, Estonian Information System Authority published the Yearbook of 2024, which is also publicly available and soon will be available in English. It indicates that a record number of 6,000 4,415 incidents with impact were registered last year, compared to, um, 3,314 incidents in 2023. The most common category of cyber incidents remains phishing and online fraud, targeting individuals, businesses, and institutions alike. This is followed by distributed denial of service attacks, financial fraud, and other cyber-enabled crimes, all of which have been on the rise. Adding to this alarming picture, uh, 40,287 security vulnerabilities were identified globally last year, each one a potential entry point for cyberattacks. Furthermore, in the context of cyberspace, the protection of the critical infrastructure infrastructure has become more crucial as hybrid threats continue to grow. Attacks against critical infrastructure are rising, for instance, in the Baltic Sea, and GPS interference reflecting broader geopolitical tensions. Recent incidents of damage to undersea communication cables in the Baltic Sea highlight the need to address these threats to critical undersea infrastructure. Next week, on February 24th, Ukraine marks the third anniversary of Russia's military aggression, with cyber warfare remaining a critical front in the conflict. Ukraine has faced persistent cyberattacks, also targeting its critical infrastructure. Despite these threats, Ukraine has significantly bolstered cyber resilience. Estonia, along with other like-minded countries, has been providing cybersecurity assistance to Ukraine, and we remain committed doing so through Tallinn Mechanism, which is focusing on civilian cyber capacity building and other initiatives. Today and also in the future. Last week, Australia imposed cybersecurity-related sanctions. In 2022, Australia experienced its largest cyber incident when Medibank Private was compromised. Estonia stands in solidarity with Australia and supports in attributing this attack to the hosting provider state scaler, and Russian individuals. Our goal is to promote responsible behavior in cyberspace, as such kind of attacks cannot be tolerated. Mr. Chair, we have consistently, openly, and transparently talked about the threats that concern us. And looking at how more and more countries have also described their threats, in the open-ended working group sessions shows that it is important to continue these discussions and there is a clear need for a future permanent mechanism. We support and promote an action-oriented and cross-cutting approach to address concrete challenges that states are facing in upholding international security and effectively responding to cyber threats. Thank you.
Thank you, Estonia, for your statement. Republic of Korea, to be followed by Switzerland.
Thank you, Chair. I would like to join previous speakers in extending appreciation to the Chair and the Secretariat for their hard work in preparing for this meeting. At the outset, we welcome the first mention of undersea cable protection in the third annual progress report. Malicious actions against such critical infrastructure pose a serious threat that paralyzed the international community's communication networks and international technology infrastructure, and this should be clearly reflected in the final report. Incidents of undersea cable damage continue to occur, and cyber threats to critical infrastructure, including pipelines, water facilities, and satellite communication networks, are also on the rise. It is important to note that cyber attacks on critical infrastructure has the potential to escalate into cyber kinetic threats, leading to physical damage such as power outage, water contamination, and transport failure. In case of our country, since the major nuclear power plant hacking incident in 2014, we've been continuously experiencing cyber threats to, uh, critical infrastructure. In particular, ransomware emerged as a key tool for attacks on critical infrastructure within last 5 years. For example, in October 2023, a ransomware attack by the No Escape Group encrypted and stole internal data from a domestic petroleum manufacturer. Additionally, a ransomware-related personal information breach occurred at a domestic medical facility. As seen in the previous cases, ransomware attacks and cryptocurrency theft go beyond a mere cybercrime and pose a definite threat to international peace and security. As previously mentioned in the 7th, 8th, and 9th substantive sessions, we once again emphasize the need to reflect this point in the final report. It is regrettable that in the adoption of third annual progress report, cryptocurrency theft was the only threat categorized as affecting international security rather than international peace and security. According to statistics from Korea Fiscal Information Service, North Korea recorded the largest amount of damage in 2024. Stealing a total of $1.34 billion worth of cryptocurrency through 47 cyberattacks. North Korea's state-sponsored cryptocurrency theft is a strategic move to evade international sanctions and finance its military activities, such as development of WMD and nuclear programs. This is clearly stated in the 2023 report of the Fenolab efforts, which it has established pursuant to UNSC Resolution 1874. As the international society has collectively acknowledged that such illegally acquired funds can be used for malicious activities that impact international peace and security, our final report must clearly reflect this. Lastly, we would like to draw your attention to one of the major emerging cyber threats Hactivists, they are actively leveraging ransomware and cryptocurrency theft for political and ideological purposes. In particular, state-sponsored hacktivist groups target cryptocurrency exchanges and financial institutions using the stolen funds to fuel their further cybersecurity threats. States should refrain from using ICTs in ways that violate their obligation under the framework of responsible safe behavior in the use of ICTs. Furthermore, it is worth discussing the need to address the growing cybersecurity threats posed by hacktivists' malicious use of AI. Dear colleagues, we would like to emphasize that our conversations on norms, international law, confidence-building measures, and capacity building all serve a single purpose: to collectively address cyber threats to international community. In this regard, even consensus would be meaningless if we fail to accurately reflect the realities of these actual threats. Thank you.
Thank you, Republic of Korea, for your statement. Switzerland, to be followed by Germany.
Thank you, Mr. Chair. First, Mr. Chair, I would like to Thank you and your team for all the hard work you put into the work of this group. We agree that this group has made a lot of progress in recent years, and you have given many examples in your opening speech. In the chapter on threats in the third APR, Switzerland particularly welcomes the paragraphs expressing concern about the increase in attacks against international and humanitarian organizations or critical infrastructures, the use of malicious software, especially ransomware, the need to secure undersea cables, the increase in cryptocurrency theft, the growing market for commercial intrusion capabilities, and the safety and security of AI systems. These are all issues that we need to continue to address. The third APR highlighted with concern that increasing The increasing frequency, scale, and severity of ransomware attacks cause harm, disrupt essential services to the public, may have an impact on international peace and security. Unfortunately, this trend is continuing as the very disturbing trend of blurring the lines between state-sponsored and criminal activities. According to report by Mandiant Consultants, they responded to almost 4 times as many intrusions conducted by financially motivated actors than state-backed intrusions in 2024. But the expert found that state-backed groups were leveraging expansion of the criminal— the cybercriminal ecosystem for their own benefit. State-backed activity can no longer be evaluated in isolation from financially motivated intrusion. The vast cybercriminal ecosystem acts as an accelerant for state-sponsored operation, providing malware, vulnerabilities, and in some cases, full spectrum operations to states. Such cooperation raises serious security concerns, as this could lead to more widespread and damaging attacks on a global scale. It's key that all member states do their utmost in avoiding their territory or infrastructure being used for such attacks. In our view, 3 points are important to effectively combat the scourge of ransomware: respect of international— for international law, including the principle of due diligence; the repression of criminal groups while simultaneously preventing and strengthening resilience; and international cooperation. The fact that international cooperation can be successful was demonstrated last week Such international cooperation, in which Swiss Federal Police were also involved, led to the arrest of several European members of a criminal group in Thailand. This group attacked over 30 companies, including 17 in Switzerland, with ransomware. Mr. Chair, in recent months, we have also seen continuing state-sponsored campaigns to breach telecommunication companies and compromise network devices globally. Several of these devices were also connected to universities. The exploitation, the breach of the telecommunication infrastructure is contrary to the framework of responsible state behavior, may pose a strategic threat to national security, and highlights the risk of unpatched devices. Mr. Chair, we also continue to observe the worrisome development of non-state actors being— involved in offensive actions against ICTs within the framework of armed conflict between member states. The direct or indirect tolerating, respectively incentivizing, of such actors raises the threat of direct or indirect attacks on third parties, as well as uncontrolled spillover effects. Mr. Chair, it is key to first and foremost establishing an exchange of each member state's perception of the identified threats. This can happen through bilateral, regional, or multilateral fora. The future permanent mechanism should also serve this purpose. A common understanding of the threats will enable states and non-state actors to discuss together how to apply existing international law, how to implement the norms and confidence-building measures, and what, what capacities— sorry, are needed to do so. With regard to capacity building, the focus should be on identifying the specific needs of member states and regions to build and establish the necessary capacities to respond to the identified threats. The Programme of Action is the blueprint for such a mechanism. I thank you.
Thank you, Switzerland, for your statement. Germany, to be followed by Zimbabwe.
Thank you, Chair. Germany aligns itself with the statement of the European Union and wishes to deliver the following remarks in a national capacity. Chair, we are convening this week under heightened geopolitical tensions, which also affect the stability of cyberspace. Earlier this afternoon, and building on two days in previous discussions, Australia has provided a compelling list of cyber threats that warrant consideration in the final report.. I won't repeat them, but rather highlight 3 key trends coming out of the recently published annual security report of Germany's National Cyber Security Agency, which are ransomware, which has been mentioned by a number of colleagues, the security of IoT devices, and the cybersecurity of aspects of large language models. Ransomware continues to pose one of the most significant threats to our economies and our societies. Attacks on critical infrastructure and government services such as hospitals, public utilities, and schools undermine trust in public authorities and may have a destabilizing effect on our societies. Earlier this year, 50 schools in one of our federal states were targeted by a global ransomware group, temporarily disrupting a safe learning environment for children. Germany remains concerned about increasingly professionalization of these ransomware criminals. With division of labor between ransomware as a service, access as a service, and malware as a service further increasing. The lines between state-sponsored actors or APTs and cybercriminal groups continue to blur with a potential destabilizing effect on cyberspace. We also continue to be faced with severe incidents in the context of the Russian war of aggression against Ukraine that also had direct impact on us In response to the statement by one delegation, Germany would like to reaffirm that our allies and Germany are cooperating with President Zelenskyy as the legitimate head of government of Ukraine. In particular, the Tallinn Mechanism is a vehicle to strengthen Ukraine's civil cyber resilience against deliberate malicious cyber activities directed at civilian critical infrastructures. Secondly, Germany's annual cybersecurity report highlights the growing threat of vulnerabilities in IoT devices. Overall, we observed an average of over 300,000 new wormware variants per day, an increase of 26% over the previous year. In one particular case of IoT vulnerabilities, we observed the selling of compromised IoT devices such as digital picture frames via online shopping platforms. The IoT devices contained pre-installed malware that were then used to create bot networks. These networks were exploited by malicious actors to commit crimes such as fraud and to spread disinformation on social media platforms. They were also used to undertake malicious cyber activities such as breaching the computer systems of third parties or to obfuscate origin of malicious cyber activities. Thirdly, one key trend, as inter alia indicated by El Salvador in Italy, is the use of artificial intelligence and large language models— by both criminal and state-sponsored actors for malicious cyber activities. Malicious actors use AI to create messages, websites, and social media content for phishing and information manipulation operations. With regard to the future mechanism, we believe that a cross-cutting, concrete, and action-oriented approach to our future work, such as, for example, focusing on enhancing resilience and effectively responding to cyber threats, is best suited to address the concrete challenges presented today and faced by states in addressing cyber threats and maintaining international security. Before I conclude, I would like to underline that Germany is committed to building more inclusive debates on cyber issues at a global level. During today's lunch break, we hosted a side event for African diplomats at the German House that features a scenario-based discussion on critical infrastructures. It is part of Germany's cooperation with the African Union's Commission on a 4-week training in Addis Al-Baba and here in New York. And as this is my first time taking the floor at a meeting of the Open-Ended Working Group, I would like to thank you, Mr. Chair, and your team for your continued engagement. My delegation looks forward to continuing the good work. Thank you.
Thank you very much, Germany, for your statement. Zimbabwe, to be followed by Algeria.
African Group. Zimbabwe aligns itself with the statements delivered by the African Group. I will make the following remarks in a national capacity. At the outset, Mr. Chair, my delegation welcomes the progress made since this critical process began in 2021. The consensual adoption of the third annual progress report by the General Assembly and the productive discussions at the 9th Substantive OEWG session in December 2024 reflect our shared commitment to a secure ICT environment and enhanced global cybersecurity cooperation. Zimbabwe remains dedicated to advancing these discussions as we transition to a permanent mechanism. We acknowledge the chair's non-paper and its recommendations. Stressing that the transition must be seamless, equitable, and beneficial to all. This is especially crucial for developing nations where cyber vulnerabilities heighten risks and deepen digital divides. A just and inclusive approach is essential to ensure all countries help shape the future of cyberspace. The involve— the evolving IC3 ICT threat landscape is deeply concerning. Supply chain attacks, AI weaponization, misinformation campaigns, social engineering, and ransomware not only disrupt systems but also erode trust, weaken governance, and threaten democracy. Their impact can be as destructive as direct cyberattacks. Moreover, attribution remains a global challenge as cyberattacks are difficult to trace and often politically manipulated. To uphold accountability, attribution efforts must be transparent, evidence-based, and supported by international cooperation. Chair, as cyber threats continue to evolve, no nation can afford to stand alone. We must collaborate to ensure our digital future, ensuring that all states, regardless of their economic, or technological capacity can contribute to and benefit from a safe and stable cyber environment. In conclusion, the transition to a future permanent mechanism presents us with an opportunity to build a truly global, equitable, and resilient cybersecurity framework, one that is responsive to the needs of all nations and adaptive to the fast-changing digital landscape. Escape.
I thank you.
Thank you, Zimbabwe, for your statement. Algeria, to be followed by Kuwait.
Shukran, Sayyid al-Rais.
Thank you, Chair. At the outset, allow me to express to you our thanks and appreciation for your outstanding efforts over the last 4 years as chair of this working group. We hope that this 10th session, which is the last, as we hope, in this cycle, will allow us to develop a mechanism that would establish an open, safe, stable, peaceful cyber environment. We align ourselves with the statement of Nigeria on behalf of the African Group, as well as the statement that will be delivered by the delegation of Kuwait on behalf of the Arab Group. Chair the international community for more than 20 years under the aegis of the United United Nations has striven to strengthen the concept and understanding of dangers in the cybersphere. Many U.N. reports and other reports have put forth the idea that we cannot address these challenges except through concerted international action. There is a possibility for the use by states of new technologies, that is ICT, for non-peaceful purposes. And there's a possibility that terrorist groups can also access these technologies, a growing risk indeed. There's also a growing danger of cyberattacks of increasing complexity, and this jeopardizes not only state infrastructure but also international peace and security. Thus, my delegation would like to highlight the following threats. First of all, cyberattacks that use hacking or spying programs which are targeting public sectors or sensitive economic sectors. Secondly, targeting infrastructure, including vital information infrastructure, through Various types of software, ransomware, that can even paralyze essential services in areas such as energy, water, transport, healthcare, etc., which threatens the lives of citizens as well as public safety and well-being. Thirdly, disinformation campaigns conducted by govern— governments with malicious intent. These may make use of social media in order to destabilize societies. Mr. Chair, these threats reflect the risks associated with the use of modern technology for non-peaceful purposes. And this entirely runs counter to the UN's principles and purposes, as well as international law, especially the principle of respecting national sovereignty and non-interference in the internal affairs of states. Given the recent developments in cyberspace, as well as the ICTs, in addition to the rapid development of AI. This is creating many opportunities, but at the same time giving rise to security gaps. Therefore, my country believes it is critical to continue researching these threats and and regularly examining them. We must intensify our efforts to build capacity to ensure that developing countries can address these threats. We also believe that it is crucial to develop voluntary criteria for responsible conduct of states, and we must also emphasize the need to establish or adopt binding instruments that would establish a robust foundation for oversight and cooperation in a general and transparent manner in cyberspace. Thank you.
Thank you very much, Algeria, for your statement. Kuwait, to be followed by South Africa. Please. Mr.
Chair, the State of Kuwait, on behalf of the Arab Group, delivers the following statement. At the outset, the Arab Group expresses its support to the Open-Ended Working Group under your chairmanship, Your Excellency Ambassador Borhanawor. The meetings under the umbrella of this group and for 4 years was the most important platform to consult and discuss related topics to cybersecurity. In this regard, we commend the adoption by consensus to the report of the 8th session of the Open-Ended Working Group and the success of the 9th session in December 2024. We look forward to ongoing discussions and consensus on the points under review during this session and the upcoming one in order to move smoothly to the permanent mechanism for the institutional dialogue in July of 2025. The Arab countries attach great importance to the cybersecurity issues and to have a safe and secure and sustainable cyberspace, one that supports the achievement of sustainable Sustainable Development Goals. The Arab Group emphasizes the importance of guaranteeing use of ICT technologies perfectly aligned with the purposes of the Charter of the United Nations and international law, especially sovereignty and principles of non-interference, and to also guarantee the peaceful coexistence between states. And we note the establishment of the Ministerial Council for Cybersecurity under the auspices of the Arab League, and we are taking steps in order to operationalize this fully as a specialized regional platform. On the list of the threats related to cybersecurity, we state the following. The rapid increase of the use of ICT and the increased use of digital systems within the international plans for digital transformation sheds highlight on the pivotal role of this, especially for developing countries, in order to build their capacities relevantly in order to provide digital access to all with no discrimination and to provide the needed capacities for those countries in order to face the increasing threats in the cyberspace, whether those related to defining the nature of the threats, which includes, in addition to targeted attacks to strategic vital infrastructure, the large-scale, non-discriminatory attacks attacks against civilians and spread terror, especially if those were made by state actors. And other threats that are not— of no less importance, including targeting supply chains, misinformation campaigns and disinformation campaigns, the ransomware or attacks against the electronic systems of national and regional institutions in a way that impedes the sustainability of the work in these institutions. That requires developing tools in order to face those threats, taking into account the transboundary nature of those threats. Thank you, Chair.
Thank you very much, Kuwait, for the statement on behalf of the Arab Group. South Africa, to be followed by Indonesia.
Thank you, Chairperson.
We wish to thank you, Chair, and your team for your stewardship and dedication in steering this process forward. We also wish to align with the statement delivered by Nigeria on behalf of the Africa Group.
The open-ended working group has provided member states with a platform to express their intention to continue cooperation on identifying and addressing threats to the security of information and communications technologies. The threats to critical infrastructure and critical information infrastructure are evolving as the technologies develop over time. We believe that the growing and evolving threats should continue to form a focal point of discussion in one of the dedicated thematic groups in the new permanent mechanism. We are called upon as the international community to enhance cooperation, to cultivate a culture of awareness. South Africa holds the view that collaboration among different communities such as technical, legal, academia, and diplomats, and encouraging open dialogue could assist in addressing emerging threats as discussed in the third APR. South Africa believes that the regular exchanges of information among member states and briefings by civil society, academia, and business should be encouraged in the permanent mechanism. Through the Global POC Directory and other forums, we could share information and experiences on how technology such as AI can be used for prevention and automated responses to reducing the rising trend of cyber threats. The Global Cybersecurity Cooperation and Capacity Building Portal would be a critical tool in assisting member states to develop their knowledge of emerging threats to ICT security. We believe that regular exchange of information between member states, in person and virtual, would allow a faster transmission of trends in the area of new and emerging technologies. I thank you.
Thank you, South Africa, for your statement. Indonesia, to be followed by France.
Thank you, Mr. Chair. Allow me to extend our most appreciation to you, your dedicated team, and the Secretariat for your great work for facilitating this OEWG session. As we are nearing the conclusion of this forum mandate, it is crucial for us to continue our work to amplify the foundation of trust, confidence, and convergences on ICT security matters. Strengthened cooperation among member states becomes very crucial, and we have to also aim towards establishing a future permanent mechanism. Mr. Chair, distinguished delegates, Indonesia has identified key cyber threats expected to emerge in 2025 that pose operational risks to national and global security. These threats include website defacement targeting critical services, AI-powered cyber threats, phishing and malware that exploit systems' vulnerabilities, advanced persistent threats, and distributed denial of service, as well as stolen credentials. These challenges are not unique to any single nation. Indonesia therefore sees the importance of stronger global collaboration to to ensure equitable capacities, including with the private sectors, to prevent, detect, and respond to malicious ICT activities. Efforts to raise awareness, knowledge sharing, and technical cooperation will benefit us in facing these common threats together. Mr. Chair, in line with our belief, we therefore welcome the proposal and ideas of a dedicated global ICT security cooperation and capacity building portal proposed in the Secretariat's paper. The portal will immensely support our collective needs of a global platform dedicated to sharing information of existing and emerging ICT threats. We hope that this portal will be based on mutual trust and commitment and serve as a safe communication channel to provide reliable, timely, and accurate information of ICT threats through this information repository. This portal can also aid in building trust and transparency among member states by sharing incident data, mitigation, mitigation strategies, and effective response frameworks. Also facilitating discussions on threats to specific critical infrastructures, including health, energy, and financial sectors, as well as strengthening collective efforts to anticipate and coordinate response to such threats. In conclusion, Mr. Chair, Indonesia has high hopes and confidence in this OIWG as an essential platform for fostering trust, building capacity, and enhancing cooperation. We believe OIWG will always play a crucial— a crucial role in shaping a secure and stable cyberspace, ensuring global peace and security. Thank you, Mr. Chair.
Thank you, Indonesia, for your statement. France, to be followed by Albania.
Mr. President. Mr. Chairman, the delegation aligns itself with the statement delivered by the European Union and would like to make the following remarks in its national capacity. I will focus, due to time constraints, on the nexus between cybersecurity and artificial intelligence. Following the AI summits organized by the UK and South Korea last year, France in turn organized the Summit for Action on Artificial Intelligence in February 2025. At the heart of the summit's work was the need to build a safe and secure AI. A trustworthy AI that remains at the service of the public interest. This summit took a multi-stakeholder approach, which was very fruitful because civil society actors and the private sector made significant contributions. I'd like to particularly underline the importance of academia during the two scientific days prior to the high-level segment. Indeed, it is impossible to imagine regulating a new technology without objective data, including data on the risks associated with such a technology. I'd like to present two results of this summit on the nexus between cybersecurity and AI. AI. Firstly, as mentioned by our Italian colleague, a joint risk analysis was co-signed by 19 national cybersecurity agencies. It puts forward concrete recommendations for users, suppliers, and developers of AI systems to develop trust in AI through a cyber risk risk-based approach. Three main conclusions can be drawn from this collective work. First of all, cybersecurity agencies have a crucial role to play in the safety of AI systems. It is therefore essential to define the responsibilities and parameters of their roles. Secondly, AI systems face the same generic cyber risks as any other information system. Consequently, most of the usual cybersecurity recommendations apply, especially when it comes to hosting on cloud infrastructure. Third, particular attention must be paid to the use cases of AI systems to reduce their exposure to cyber risks. I now invite delegations to consult this risk analysis translated into English and available on the website of the French national agency, ANSSI. These are the kinds of action-oriented recommendations that a working group dedicated to resilience could help to disseminate widely as part of the work of the future POA. The second deliverable of this summit was a crisis simulation exercise that brought together almost 200 players from the AI and cyber fields to solve a simulated practical case. This exercise showed the need for cooperation to anticipate and integrate cyber risks right from the design phase of AI systems. The discussions from the exercise will be transcribed will be described in a post-action evaluation report to be published in the coming weeks. This report will enable us to capitalize collectively on this experience. Mr. Chair, allow me to conclude by saying a word on addressing threats within the future mechanism. We must seize this opportunity to develop new modalities for a more action-oriented discussion of threats. What is the point of listing threats exhaustively if we don't ask ourselves how to deal with them collectively? What regulations apply? How can we cooperate to reduce these new threats? How can we build the capacity of our cyber ecosystems to deal with them? That's why we're proposing that when the subject warrants it, meetings of the Resilience Cooperation— and Stability Working Groups are to begin with an expert briefing on the threats before we look at the challenges and then needs, especially when it comes to capacity building. In this way, the group's technical discussions will be rooted in real challenges and will feed into the discussions of the future plenary on the threats pillar. Thank you.
Thank you, France, for your statement and also for your update on the AI summit that was hosted by your country. Albania, to be followed by Ghana.
Dear Chair, distinguished delegates and state representatives, Albania fully aligns to the statement of European Union. Albania reaffirms— its strong commitment to advance international cooperation in cybersecurity. We recognize the growing significance of promotion of common understanding of both existing and emerging threats in the sphere of information security. The increasing reliance on information and communication technologies has amplified the risk associated with cyber threats. Threats. Cyber domain for decades has been considered as the fifth domain of war together with land, water, air, and space. Due to the effectiveness of a weapon targeting the interconnected digital world, this domain of war offers a unique ability: anonymity. Malicious activities in the international cybersphere pose serious challenges to the national and global stability. Part of the organization— of international organizations, Albania has signed a series of strategic cooperation agreements with historical and key partners, including the United States, European Union, Israel, and other like-minded nations, focusing on cybersecurity defense, intelligence sharing, and the promotion of shared democratic values. As an inspiring member of the European Union, Albania is actively working on opening very soon accession chapters that include digitalization, cybersecurity, and data protection. Cyber resilience is at the core of our national digital agenda, ensuring secure information management and protection against evolving threats. Threats. As part of the Western Balkan region, Albania understands the critical role of cooperation in the countering together cyber threats. No country is immune to sophisticated cyber attacks, and only through strong partnerships, joint policies, and ambitious cybersecurity strategies we can build resilience against external destabilizing factors. As part of the EU Growth Plan, Albania has undertaken major initiatives in digital security and e-governance, including electronic identification and trusted digital services, ensuring secure transactions and authentication alignment with EU regulation eIDAS 2.0, facilitating seamless and secure digital trade across borders. Furthermore, Albania has strengthened its cybersecurity framework by actively sharing intelligence on cyber threats with both regional and international partners. This underscores our firm commitment to proactive collaboration in tackling cybersecurity challenges at all levels. Additionally, Albania has identified 17 critical sectors requiring advanced cybersecurity measures. To address this, Albania is implementing the CIM3 standards to establish a three-layered cybersecurity architecture for organizational protection, developing sectorial computer security incident response teams aligned with European Cybersecurity Framework. We remain committed to sharing our experience with both regional and global partners. We strongly recommend that European institutions such as European Union Agency for Cybersecurity actively include Albania and the entire Western Balkan region in the strengthening Europe's digital security landscape. Furthermore, Albania contributed to the development of the Cyber Defence detection in the NATO's white paper by analyzing the use of generative AI in defense systems, offering valuable insights into its potential application. This contribution to the Data and Artificial Intelligence Review Board of NATO emphasized strengthening threat detection, prevention, and response through AI, offering early identification of cyber threats. Improving decision-making, and creating realistic simulations for military preparedness. These efforts align closely with NATO's objectives, ensuring that the Alliance remains agile and robust against the possible threats. In addition, Albania has recently published its AI use methodology grounded in the principles of OECD and aligned with the EU AI Act.. This methodology ensures the ethical and responsible application of AI across all systems within the country, encompassing both the public and private sectors. Countering potential threats in the sphere of information security in the government of Albania cyberspace, we implemented Zero Trust principle, which is the latest international security best practice. Assuming no one is trusted in the interconnected digital world, and today is a must, we combined this solution with a multi-layer approach strategy such as defense in depth, and Albania maintained resilience against sophisticated and nation-state actors. With more than 95% of the public services online only, we are aware that digitalization becomes malicious actors' favorite target. And this was clearly proven 2 years ago during the sophisticated state-sponsored attack that attempted to disrupt all Albania's digital systems. Cooperative approaches to incident management and malicious activities has been imperative. Cyberattacks can escalate tensions, disrupt critical infrastructure, and even lead to conflicts if they are misattributed. Strengthening diplomatic dialogue through communication between computer emergency response teams, between point of contacts directorate members, threat intelligence sharing, and regional or bilateral agreements are the mechanism that every state in the dynamic cyberspace domain must follow. The National Cyber Emergency Response Team and the government CERT in Albania are leading regional efforts to foster cooperation on sharing information and accelerating diplomatic traditional pace by leveraging cyber diplomacy. Albania reaffirms its unwavering commitment to collaborating with the United Nations member states to advance international dialogue, reinforce multilateral cybersecurity cooperation, and build a resilient and secure digital future. Albania will actively engage in diplomatic initiatives aimed at fostering mutual trust, promoting responsible state behaviors in cyberspace, and enhancing collective cybersecurity resilience. The digital space cannot be turned into another theater for conflict. Conflicts. Let us use it as a tool to ensure peace, sustainable development, and human rights for all. Albanian delegation would like to thank your chair and your team for the excellent work for preparing this meeting. I would like also to thank, uh, the program, the great program, uh, Women in Cyber, for making possible for Albanian delegation and all these wonderful women to to be with us in this room today. I thank you for the attention.
Thank you, Albania, for your statement. Ghana, to be followed by New Zealand.
I thank you for giving me the floor, Mr. Chair. As the digital landscape continues to evolve, so do the threats that undermine the security and stability of information and communication technology. Between January and December 2024, Ghana Cybersecurity Authority recorded a total of 15,279 interactions through the National Cybercrime Cybersecurity Incident Reporting Point of Contact portal. Of this total, 207— 2,752, which constitutes 18% of the reports, were actual cyber-related incidents. While 12,395, which constitutes 82% of the reports, were advisories to the public aimed at helping them avoid becoming potential victims of cybercrimes. The top 5 incidents recorded during this period included online fraud, unauthorized access such as WhatsApp account takeovers, phishing, etc., online blackmail, cyberbullying, and information disclosure, such as posting nude images, videos, and videos of non-consenting individuals. Cyber threats are becoming increasingly sophisticated, transnational, and disruptive, posing significant risks to national security, economic stability, and societal well-being. Attacks on the critical information infrastructure additionally continue to affect socioeconomic development. To this end, building a robust and resilient cybersecurity architecture must remain a key priority. My delegation further acknowledges that addressing existing and potential threats require a coordinated and multi-stakeholder approach. In this regard, proactive cybersecurity initiatives like the Global POC mechanism play a crucial role in incident response by facilitating voluntary information sharing, including during urgent cyber incidents. Mr. Chair, regional and international cooperation is especially crucial in addressing both existing and potential cybercrime threats and ensuring resilient ecosystems. A notable example of such regional collaboration is through networks like the Association of Southeast Asian Nations Regional Computer Emergency Response Team,, as well as the Africa CERT, of which Ghana is a member. Regional initiatives like these further boost CERT-to-CERT cooperation and continue to remain crucial in addressing existing and emerging threats. Furthermore, Ghana is currently the chair of the African Network for Cybersecurity Authorities, ANCA, a platform designed to enable African nations collaborate in tackling the growing challenges posed by cyber threats. With the recent launch of the ANCA 5-year strategy and establishment of its constitution earlier this month, it is anticipated that a more robust approach to cybersecurity resilience and regional cooperation will be achieved across the African continent. By leveraging such networks, member states are provided with invaluable opportunities to enhance their collective preparedness and response capabilities. Furthermore, recognizing the ever-changing nature of cyber threats, Ghana believes There is a pressing need for increased investments in research and innovation to strengthen cybersecurity capabilities. Emerging technologies such as artificial intelligence, machine learning, and quantum computing present both opportunities and challenges that require careful consideration. In particular, understanding the potential risk and the potential and the risk associated with technologies like quantum technology is crucial. That is why Ghana and Italy are working to host a side event on quantum technology and cybersecurity tomorrow at the Permanent Mission of Italy to the United Nations, as already mentioned by our colleagues from Italy earlier this afternoon. My delegation would like to reiterate the need to have extensive conversations on this topic and trust that it will be a useful opportunity to discuss the opportunities and challenges of quantum technology. Technologies. It is essential that as member states we work together with stakeholders to develop cutting-edge cybersecurity solutions, especially in the areas of threat detection and incident response. I thank you, Mr.
Chair. Thank you very much, Ghana, for your statement. New Zealand, to be followed by Poland.
Thank you, Chair. Last week, the New Zealand Cyber Security Centre published its annual threat landscape report. This report highlights, in line with global trends, that we face a threat environment where the impacts of malicious cyber activity are causing ever greater harm from an ever increasing number of sources. New Zealand faced over 7,000 cyber incidents in the last year. Of these, 343 were incidents of potential national significance. An incident of potential national significance includes those that affects the systems and data of New Zealand organisations in key sectors, such as government, key economic generators, niche exporters, research institutions, or institutions that are otherwise important for New Zealand's health and safety, economic wellbeing, international reputation, and democracy. Around one-third of these incidents have been linked to state-sponsored actors, which is an increase on the previous year. Ransomware has remained a persistent threat to a wide range of organizations in New Zealand, including nationally significant organizations, smaller businesses, and even schools. On the positive side, disruption efforts such as arresting actors and taking down infrastructure has resulted in a decrease in financially motivated cyber incidents in New Zealand over the last year. However, given global trends, it is expected that this will be a temporary reprieve as those groups diversify and rebuild. The increasing frequency, scale, and severity of ransomware attacks causes harm, disrupts essential services to the public, all of which has the potential to undermine international peace and security. We've heard this highlighted in numerous statements today. And given the global prevalence of ransomware, we welcomed the references in last year's annual, annual progress report, um, and would encourage strengthening those references relating to the threat of ransomware in this year's report. Chair, New Zealand continues to support international efforts to counter malicious cyber activity, including efforts to disrupt cyber criminals and the ecosystem that enables their operations. We welcome the recent announcement from the Australian government, which was noted by my Australian colleague earlier in her intervention, regarding additional measures in response to the 2020 cyberattack against an Australian health insurance provider, which also likely affected many New Zealand citizens residing in Australia. Finally, Chair, as we consider the form of a future mechanism, we believe there are opportunities to build on the platform that has been been set by the OEWG, including by developing specific cross-cutting themes to complement our future plenary discussions. We thank you, Chair, for your proposal, uh, intercessionally, which sets out what such dedicated thematic groups could look like. We believe there are options to streamline the structure, for example, by taking the elements of the proposed groups on rules, norms, and international law, and the group on— capacity building and weaving these into the other 3 groups. This could be done in a way that ensures these issues, and indeed all the pillars of the current OEWG, are given their due prominence, while at the same time situating them within a practical context, which would foster action-orientated discussions as necessary. Streamlining in this way would also helpfully reduce the number of working groups to ensure we have a manageable workload under the future mechanism. We look forward to discussing these options further when we address regular institutional dialogue later in the session, Chair. Thank you very much.
Thank you, New Zealand, for your statement. Poland, to be followed by Czechia.
Mr. Chair, distinguished delegates, Poland aligns with the statement made by the European Union and would like to make some remarks in order— our national capacity. Poland faces an unpredictable rise of the number of cyberattacks and threats for our cybersecurity. In 2024, Cybepolska recorded more than 100,000 cybersecurity incidents. Comparing those data with the pandemic period, in example 2020, From the Polish perspective, the number of recorded incidents increased fivefold. Computer fraud incidents are still the most numerous group, and we have noticed a huge increase since the COVID-19 pandemic and the war in Ukraine, along with the other phenomena such as ransomware attacks on health sector, uh, institutions, but also on private sector companies. Or DDoS attacks and the huge amount of disinformation that flooded first in connection with the pandemic and then in connection with the war in Ukraine and the Ukrainian refugees who stays in Poland. In Poland were 57 significant incidents in 2024. The majority, 44 in finance and banking sector, 11 in health sector, and in transport sector. This shows which sectors in Poland are most vulnerable to cybercriminals. At the same time, more than 3,000 incidents were recorded in 2024 in public institutions, mostly in local public administration. Phishing or disinformation campaigns are the order of the day, some attempting to defraud users' data, others to influence and confuse public opinion. That is why we are preparing for the upcoming presidential elections and have launched the Election Umbrella Program, which aims to detect disinformation, analyze what appears on the social media platforms, report incidents, and handle reports submitted by citizens. But not only banking and health sectors suffer from cyber cyberattacks. I would like also to mention one of the incidents in the beginning of 2024 connected with the control system settings of the city's sewage treatment plants. In January 2024, there was interference with the control system settings of the city's sewage treatment plants. Then in March, we obtained a record from the Telegram Messenger where on a Telegram, one of the Russian language channels, a hacktivist group was posting about their activities. They were demonstrating the possibility of modifying the process parameters, changing the operation mode from automatic to manual, and showing the possibility of controlling the instrumentation. In example, pumps, mixers, or blowers. Fortunately, the attack had limited consequences and remote, uh, remote access was disconnected. Later, as part of the routine search for public, uh, unsecured system, we found two further instance based on the same system. We recognized them by the graphic design of the panels and the connect details posted on them. Poland stays committed to the coordination and international cooperation concerning the global discussion on the threats for our cybersecurity. The cyber threats issues should be discussed in a cross-cutting matter with the way we should address them. That is why I strongly support dedicated thematic group on enhancing cyber resilience and protecting critical infrastructure of the the future permanent mechanism. We are in favour of comprehensive and inclusive discussion and common analysis which take into consideration, on one hand, the identification of the threat, and on the other hand, how should we respond, how capacities we need to develop in order to do so, and which norms as well as national and regional policies and legislative framework we should build. Mr. Chair, Poland continues its commitment for the significant and comprehensive dialogue on the threats in the cyberspace and considers that our common discussion should be action-oriented in order to respond actively to the existing and new challenges we are facing. Thank you.
Thank you very much, Poland, for your statement. Czechia, to be followed by Republic of Moldova.
Thank you for giving me the floor. Czechia aligns itself with the statement delivered by the European Union and would like to add a few remarks in its national capacity. And as this is my first time speaking in this open-ended working group, I would also like to thank you, Chair, and your team for preparing this meeting. Czechia welcomes the constructive dialogue and the consensus achieved within the OEWG on existing and potential threats as reflected in the past three annual progress reports. Reaching consensus on this topic demonstrates our shared commitment to to a secure, stable, and peaceful cyberspace. However, cyber threats continue to evolve, growing more sophisticated and widespread. Like many in this room, uh, we believe that, uh, effective cybersecurity is impossible without, uh, close cooperation— uh, collaboration with the private sector, academia, and the expert community. Uh, their expertise and threat intelligence are essential for understanding emerging risks and strengthening global defenses. Uh, excluding them, uh, from the international discussions, uh, limits our ability to develop practical, effective, and forward-looking cybersecurity policies. In this context, uh, Czechia is proud to co-sponsor the proposal on stakeholders' engagement in future permanent mechanism. It was initiated by Canada and Chile. Uh, we also appreciate, uh, that, uh, chair discussions paper of 27 January tries to find a consensual way forward from the current OEWG practice, uh, that, uh, in our view is unsustainable and outdated, uh, in the field of cybersecurity. However, we are of the opinion that, uh, the inclusion or exclusion of non-governmental stakeholders should be subject to a vote in the event that there is no consensus. At home, the Czech National Cyber and Information Security Agency has reported a rise in cyber incidents in 2024, underscoring the urgent need to address threats such as ransomware and DDoS attacks. Uh, Czechia fully supports a strong emphasis on ransomware in OEWG discussions and reporting. Uh, tackling this growing threat requires coordinated international action and Czechia supports global efforts including those within the UN to combat it. Speaking about international cooperation on ransomware, Uh, Czechia recently took part in a law enforcement operation that led to the arrest of 4 Russian, uh, nationals linked to the Phobos ransomware group, helping to disrupt, uh, their criminal activities. As mentioned in our December statement, uh, quantum technologies present a key, uh, a key emerging challenge. It is crucial to assess their risk and take preventive measures as soon as possible. In this regard, Czechia has joined the joint statement, uh, securing tomorrow today, uh, transitioning, uh, to post-quantum cryptography. While not legally binding, uh, the statement reflects, uh, the common position of 18 EU member states and calls on governments, critical infrastructure providers, and the private sector to prioritize the transition to post-quantum, uh, cryptography. I would also like to echo what El Salvador said earlier today about quantum computing and the importance of including this issue in the final OEWG report. Looking ahead, we believe that the future permanent mechanism with its cross-cutting thematic groups can enhance international cooperation within the UN. A more structured approach can better integrate discussions on cyber threats, norms for responsible state behavior, and capacity building efforts. Mr. Chair, Czechia remains strongly committed to maintaining an open, secure, stable, and peaceful cyberspace. We value cooperation within the OEWG and look forward to to continued collaboration. I thank you.
Thank you, Czechia, for your statement. Republic of Moldova, to be followed by Brazil, please.
Thank you, Mr. Chair, esteemed colleagues. Moldova aligns with the European Union's declaration this morning and its call for continued study of existing and potential threats while emphasizing the importance of cooperative measures such as capacity building and knowledge sharing to enhance resilience and protect against cybercriminals and state-sponsored cyber activities. Not long ago, our National Information Technology and Cybersecurity Service has issued warnings again, this time regarding malicious cyber activities such as phishing schemes targeting citizens and government, government email systems, which often involve deceptive messages designed to steal personal and financial data. These types of threats not only disrupt national security, but also jeopardize the integrity of digital services and the protection of fundamental rights. In light of the increasing frequency of cyber threats, including ransomware, which remains one of the most pervasive and financially devastating threat, but also of disinformation campaigns, phishing attacks, and sophisticated hybrid cyber attacks, Moldova recognizes the urgent need for global dialogue and collective action to counter such threats. Therefore, we strongly support the inclusion of robust references to these threats in the final OEWG report and call for urgent international cooperation to enhance resilience, response mechanisms, and global accountability. Building on these important considerations, I would like to underline that we recognize the value of advancing international cooperation in understanding and addressing the growing threats in the field of information security, with a particular focus on data security, cyber resilience, and the protection of critical infrastructure. In this regard, we appreciate the perspectives shared on the need for a dedicated approach within the Future Permanent Mechanism and emphasize the importance of continued discussions on concrete actions to strengthen international cooperation in this domain. This aligns with the proposal to establish the cross-cutting dedicated technical groups, including one focused on building the resilience of cyber ecosystems and critical infrastructures, which could serve as a valuable platform for addressing shared cyber challenges in a comprehensive coordinated manner. Finally, Mr. Chair, allow me to express our gratitude and reaffirm my country's full support for the IWG process until its end, which you are leading with professionalism and dedication. Moldova is fully committed to upholding the principles of responsible state behavior in cyberspace as outlined in the UN framework and to promoting collaborative efforts to ensure secure and stable digital environment for all. Thank you very much.
Thank you very much, Republic of Moldova, for your statement. Brazil, to be followed by Mozambique.
Thank you, Mr. Chair. The Brazilian delegation would like to thank you for convening this 10th Substantive Session of the OEWG and express its appreciation for your work and that of your team throughout this process. In challenging geopolitical times, when the effectiveness of the multilateral system has been often questioned, the work of this group, where all delegations have for the past 3 years worked together to achieve consensus, is cause for celebration. As many colleagues have already mentioned, we are now at the final stretch of the Working Group's mandate. We must use this time efficiently and ensure that it delivers a seamless transition to a new permanent mechanism. In this regard, we would reiterate our proposal to continue focusing our discussions on regular institutional dialogue to allow a greater focus. And we'll focus— and my delegation will focus our statements this week on how we believe each agenda item should be addressed in the future mechanism. The pervasive use of ICTs and the exponential increase they have brought to our vulnerability to malicious cyber operations continue to be one of the most complex challenges to international peace and security. Rapidly evolving technologies continue to bring new threats to critical infrastructure and other essential services, which has been reflected in the threat sections of the OEWG's APRs. While our work should strive to be as technology-neutral as possible, meaning that our agreed recommendations should be structured in a way that does not limit them to specific technologies, We must also recognize that some specific technologies or acts can have particularly strong implications to national and international security. In this regard, my delegation mentioned in previous statements under this pillar our concern with the impacts of artificial intelligence and quantum computing, particularly post-quantum cryptography, and echo the delegations that have argued for the inclusion of a reference to them in the OAWG's final report. The future mechanism must allow room for, through one or more of its working groups, in-depth discussions with a view to reaching consensus recommendations on how to collectively address these new threats and challenges. Discussions currently underway in ad hoc processes outside the UN on issues such as ransomware, military applications of AI, and its implications to cybersecurity, or use of intrusive tools must be integrated to the new mechanism. Their borderless nature means that we need the engagement of all nations to adequately tackle them. Keeping discussions within the echo chambers of our like-minded groups will reduce their reach, effectiveness, and legitimacy. We welcome the efforts to ensure that the future mechanism integrates the POC directory and makes efficient use of this valuable tool to have action-oriented discussions on threats. We look forward to the simulation and debrief scheduled for later this year, as they will contribute to us having a more operational POC directory in place for the new mechanism. Mr. Chair, cooperation and capacity building, which has been rightfully recognized by the OEWG as a cross-cutting element to all issues under its mandate, will continue to play a key role in countering threats. Narrowing the digital divide is essential to promoting cybersecurity. Furthermore, we must not forget that the ultimate objective of our efforts in countering threats is to build resilience, to ensure the maximum benefit from digital technologies, to promote the development of societies. In this regard, we continue to support discussion in the future mechanism of proposals that can help us build that resilience, such as the creation of a threat repository, the adoption of common terminology, and the sharing of good practices in threat mitigation. I thank you.
Thank you very much, Brazil, for your statement. I give the floor now to Mozambique, to be followed by Fiji. Mozambique? Yes.
You have the floor, please. Mr.
Chair, at the outset, Mozambique delegation would like to commend you, Mr. Chair, and your dedicated team for your tireless effort in facilitating this important process. We align ourselves with the statement delivered by Nigeria on behalf of African Group, and in our national capacity, My delegation would like to highlight the following points. As Mozambique continues to expand its digital infrastructure across key sectors such as energy, telecommunication, health, education, agriculture, and transportation, protecting critical systems has become national priority. Recent events, including post-election violence and cyclones in the north of the country, have severely damaged public digital infrastructure, disrupting essential services and exposing the country's vulnerability to both human-made and natural In response, on January 16th, uh, this year, the government of Mozambique established the Ministry of Communication and Digital Transformation to strengthen cybersecurity and enhance digital infrastructure to coordinate strategic initiatives. This new ministry underscored the government's commitment to digital resilience resilience, ensuring that Mozambique is better equipped to prevent, mitigate, and respond to the emerging threats, including cyberattacks and the impact of recurring natural disasters. To address the threats to critical infrastructure, my delegation encouraged regional partnership to facilitate knowledge sharing, and cross-border cooperation. Strengthening incident response to threat intelligence collaboration is essential alongside its establishment of global mechanisms on real-time information sharing on cyber threats affecting critical infrastructure. Additional, we advocate for public-private collaboration to ensure that both governments and industry stakeholders actively engage in cybersecurity efforts. Finally, integrating climate resilience into cybersecurity strategies will be key to protecting digital infrastructure from the increasing risk posed by natural disasters. We take this opportunity to express our profound gratitude to the government of United Kingdom through GFC for facilitating Mozambique participation in this session. We thank you, Mr. Chair, for your attention.
Thank you very much, Mozambique, for your contribution. I give the floor now to Fiji, to be followed by Ukraine.
Bula vinaka, Chair, dear colleagues and dear friends. Chair, like fellow states, Fiji commends you on your decisive leadership and thanks your team and the Secretariat for your tireless efforts. As recalled in the opening statements that we heard this morning, we have made steady, consistent progress, and Fiji notes that in our collective journey, we must be laser-focused. In putting into practice the cumulative and evolving framework for responsible state behavior in the use of ICTs as we are deepening our common understanding. Fiji continues to be deeply concerned with the surge in malware, ransomware, phishing attacks, online scams, DDoS attacks, the malicious use of artificial intelligence, and misinformation and disinformation. Fiji notes that the Global Risks Report of this year stated that out of the top 10 risks within a 2-year projection, disinformation and misinformation continues to be the number one global risk. This has also been identified in the Pacific Security Outlook report for this year, particularly in the lead-up to national elections or in relation to the implementation of key pieces of legislation or policy. As an example, social media platforms are an important source of information for Fijians. Whereby 95% of the population has access to digital technologies. Therefore, Fiji finds immense value in fact-checking tools on such platforms and welcomes strategies raising awareness on misinformation and disinformation as more of our people are going online. These existing and potential threats aggravate existing vulnerabilities that are inherent in small, isolated economies of the Blue Pacific continent, who are dealing with compounded crises and are also on the frontline of climate change. It is for this reason that international cooperation is a necessity, and Fiji looks to this group to facilitate this in a tangible manner. Therefore, Chair, to promote common and deepened understanding and to enable all states to be on an equal footing, Fiji recognizes the following to be embedded in our permanent mechanism. First, we welcome prioritizing SIDS cooperation and capacity building for SIDS to enable states to detect, defend against, and respond to cyber threats. And this has also been mentioned by a number of states. In our region, through the Pacific Cybersecurity Operational Network, there is an annual capture-the-flag exercise, which we've found very useful. And we look forward to more of these types of activities. Second, we welcome the proposal of a dedicated working group with focused discussions and briefings for our experts experts on these threats, including on building the resilience of ICT infrastructure ecosystems, including satellite technologies, networks, subsea cables, and cloud infrastructure, supply chain and critical infrastructure, and critical information infrastructure as well. And we echo the contributions by other delegations in this regard. Fiji also recommends that the dedicated working group also look at providing support for the voluntary designation of critical infrastructure and critical information infrastructure as highlighted in our third annual progress report. And we also note the need to support climate— the discussions on climate-resilient ICT infrastructure, and we support and note Mozambique's intervention regarding this as well in terms of their experience. Third, Fiji advocates for and welcomes further discussions on the security-by-design approach embedding data protection and data security as smaller states are rapidly undertaking our digitalization efforts. This was also raised by a number of states earlier. Finally, Fiji also underscores the need for gender lens in addressing these threats, as women and girls are disproportionately affected. And I'd like to reference the cross-regional paper on gender and the permanent mechanism by 24 member states, including Fiji, which speaks to this as well. Fiji also appreciates the side event that was organized by UNIDIR and the OAS at lunchtime today, looking at gender and cyber norms, and Fiji awaits the UNIDERO report regarding this. Chair, we look forward to embedding this cross-cutting theme across the dedicated working groups and support and look forward to further discussions on New Zealand's proposal for streamlining the work of the dedicated working groups.
Vinaka vakalevu and thank you. Thank you very much, Fiji. Ukraine, to be followed by Vietnam.
Mr. Chair, the delegation of Ukraine aligns itself with the statement delivered by the EU. We would also like to make some additional remarks in our national capacity. Ukraine is attaching great value to the agreed UN framework of responsible state behavior in cyberspace. We stress the importance for all states to uphold these principles and refrain from cyberattacks. As of today, cyber threats are growing in number, speed, and sophistication, often with devastating consequences for both private and public sectors. A number of states are systematically using ICTs contrary to their obligations under the framework of responsible state behavior. In this regard, we are gravely concerned by reports, including from our key partners, of an increased number of malicious cyber activities affecting political and electoral processes, public institutions, as well as critical infrastructure. Including health facilities. Ukraine has been facing constant cyberattacks by the Russian Federation. Russian cyber operations aimed to support kinetic operations damage Ukraine's digital ecosystem and cyber capabilities, as well as destabilize Ukraine's allies and partners in cyber domain. The most common targets of Russia's attacks against Ukraine's targets are local authorities, government organizations, the security and defense sector, and critical infrastructure, in particular the energy sector. Taking this opportunity, we reject allegations made by the Russian Federation against our country and its partners during the OEWG plenary meeting earlier today. Regarding a reference made by the Russian delegation on alleged Ukraine's involvement in a cyberattack against a Slovakian insurance company. It should be noted that in its statement dated 24 January of this year, the Ministry of Foreign Affairs of Ukraine categorically rejected all allegations in this regard. Mr. Chair, in order to jointly coordinate and facilitate our support related to civilian cybersecurity together with our partners, we have established the Tallinn Mechanism. This initiative is intended to engage world-class cyber digital expertise from both the private and public sector with relevant resources to protect critical national infrastructure and vital services through strengthening cyber resilience capabilities of Ukraine, which serves as a good example of digital solidarity between countries in the ICT sphere. Mr. Chair, as we are approaching the end of the mandate of the OEWG, we would like to suggest some elements— to be considered during the negotiation of the final report relates to threats in cyberspace. Underscored the need for continuing discussion of measures that states can undertake in line with the UN Framework for Responsible State Behavior in Cyberspace to reduce the threats posed by ICT, further reflecting best practices and collective initiatives such as the Tallinn Mechanism. This would allow us to see how we can promote international cooperation enhance resilience as well as strengthen partnerships in cyberspace; addressing ransomware attacks and threats posed to human rights by malicious cyber activity; stressing the need for further strengthening capacity building and collaboration to better understand the risks posed by artificial intelligence and quantum technologies; recognizing the critical role of most— multistakeholder community in our cooperation on issues related to ICT security. Thank you, Mr. Chair.
Thank you, Ukraine, for your contribution. I give the floor now to Vietnam, to be followed by the Democratic Republic of the Congo. Mr.
Chair, in our first intervention this week, we would like to extend our appreciation for the leadership and the team's dedication throughout the OEWG sessions. Cyberattacks targeting critical infrastructure are on the rise, with sectors such as finance, healthcare, and energy remaining the primary targets. In Vietnam, the most prevalent cyber threats remain advanced persistent threat attacks, spyware, and ransomware, spreading through the multiple factors, including phishing emails, malicious websites, and trojanized software. We also recognize the rise of emerging cyber threats, including attacks on the edge device, evolving strains of mobile banking trojans, attacks with user post-exploitation techniques, and advanced, uh, and advanced obfuscation tactics like domain fronting and green resource. In, in a season domain where we primarily target businesses and individuals, we also observe the emergence of malware specifically aimed at military agencies and defense-related entities. Cybercrime criminals often exploit 4 primary types of vulnerabilities to launch attacks, which are software vulnerabilities, supply chain vulnerabilities, human factor vulnerabilities, and weaknesses in management processes, system configuration, and asset controls. Looking ahead, we anticipate that the cybercriminals will increasingly target the industrial control system such as autonomous vehicles and unmanned aerial vehicles, posing serious risks to critical infrastructure. Emerging technologies, including AI and quantum computing, present both opportunities and challenges. While they drive innovation and advancement, they also enhance the ability to detect and exploit vulnerabilities. Mr. Chair, international cooperation and capacity building are critical to increase the resilience and cybersecurity, particularly for developing countries. Many countries lack the expertise, infrastructure, and resources required to both prevent and rebuild from cyberattacks. Thus, enhancing Strengthening the technical support, knowledge sharing, and regional cooperation is vital to detect, defend against, and/or respond to malicious ICT activities. We also call for the efficient operation of existing mechanisms, such as the Global Points of Contact directory, to enhance real-time communication and response to cyber incidents. At national level, to raise the awareness of threat landscape, in last January, Vietnam has established the National Cybersecurity Incident Response and Recovery Alliance, the alliance between the government and ICT experts to respond properly to cybersecurity incidents. Furthermore, collaboration with private enterprises, technology companies, ICT experts, and specialized UN agencies to exchange ideas and share the best practices will play a crucial role in identifying the technical and policy solutions to address this threat effectively. I thank you for your kind attention.
Thank you very much, Vietnam. The DRC is not ready at this point, so we'll go to Ireland, please.
Go raibh míle maith agat, Mr. Chair. Thank you. Ireland aligns itself with the statement delivered on behalf of the European Union, and I will now proceed with some additional remarks in my national capacity. Let me begin, Chair, by thanking you for convening us again in New York and for your continued commitment to leading a consensus approach to our work. Chair, at our discussions in December, you noted the progress we have made in developing a common understanding on the existing and potential threats posed in cyberspace. This progress is fundamental to the success of our deliberations. It is only through an accurate and shared picture of the complex threat landscape we face that we can hope to build consensus on countermeasures and a future permanent mechanism that is fit for purpose. In that regard, Ireland welcomes the progress states have made under the threats pillar, particularly in recognizing the devastating impact of ransomware and spyware on a global level. As we gain a clearer picture of the threat landscape in this forum, experienced by states all across regions of the world, we must acknowledge the proliferation of state and non-state actors using cyber capabilities for disruptive and offensive means. As an open society with a highly interconnected digitalized economy, Ireland is acutely conscious of the deteriorating international security environment, particularly with regard to critical infrastructure. Today's cyber criminals are better organized, have more developed capabilities, and are more sophisticated in their approach than ever before. Furthermore, technological advances are reducing the barrier for conducting cybercrime, and this allows for a proliferation of actors to engage in attacks. Critical infrastructure, including in the healthcare sector, has regrettably become an acceptable target for unscrupulous hackers seeking to cause maximum damage with minimum effort at great cost to patients and societies. Regretfully, much of this malicious activity is made possible by some state actors who, contrary to the norms of responsible state behavior and in particularly the responsibility for due diligence, allow criminal groups to further destabilize cyberspace to the detriment of us all. Indeed, it is becoming increasingly difficult to identify where criminal activity ends and state action begins for certain cyber attacks. Threats to critical infrastructure exist equally in the physical realm. Hardware such as data centers and undersea cables are vulnerable to attacks that can cripple entire sectors of the economy. As we consider how best to frame our future discussions in a permanent mechanism, it is vital that we create truly thematic groups, such as the proposal for a resilience group as set out in the latest explanatory paper for the proposed Programme of Action approach. This group could continue our work to build a common picture of the threats to critical infrastructure, the existing international law and normative framework that protects it, and how capacity building initiatives can build resilience for all and close the digital divide. Therefore, we welcome your inclusion of a resilience group in the Chair's discussion paper on regular institutional dialogue and recall both the broad-based demand and the critical need for a distinct and specific group on this topic. Chair, as part of this week's discussions, you have asked us to consider the role stakeholders can play in a state-led discussion. Ireland believes that a wide variety of stakeholders are well placed to enhance our understanding, our knowledge, and information of the cybersecurity challenges related to new and emerging technologies such as quantum and artificial intelligence. Thematic groups that allow a focused discussion integrating all the pillars of the OEWG, as well as meaningful stakeholder participation, are key to us continuing the progress we have made during this process. Go raibh míle maith agat a cáthair leat. Thank you, Chair.
Thank you very much, Ireland, for your statement. Just to wish delegates— I've received a request from 3 delegations to exercise their right of reply, and it's therefore my intention to hear those rights of reply. And in accordance with the rules of procedure under which we are operating, I give the floor now to Slovakia to be followed by China and then the DPRK. Slovakia, please, you have the floor.
I would like to use my right to reply.
The Russian delegate at the end of his intervention—
her intervention—
gave us an example of massive attack on the National Insurance Company in Slovakia.
We did not have such an attack in Slovakia, and this doesn't—
because we do not have any organization called National Insurance Company. But we did have a medium-sized phishing campaign against the General Health Insurance Company, which our Prime Minister spoke about, which was conducted by Russian side, from Russian servers, from which the attacker regularly carries out phishing attacks against various entities in Slovakia, for example, customers of different Slovak banks, but also, for example, Netflix users. Thank you for opportunity to clarify the situation.
I give the floor now to the delegation of China.
I thank you, Mr. Chairman. I would like to exercise the right of reply to the statement made by the U.S. delegate in the morning. First, China rejects the unjustified accusations without any evidence made by the United States against China. We condemn the irresponsible way in which the U.S. has blatantly spread false information at the United Nations. Secondly, with respect to cybersecurity, China finds that the U.S. has carried out prolonged, systematic, and large-scale cyberattacks against China, which include cyber espionage and cyberattacks that jeopardize the security of China's telecommunication, financial, and transportation infrastructure. Over the past 2 years, China's cybersecurity agencies have submitted reports which stated that the U.S. government has carried out these attacks against China through 2 APT organizations, APT39 and APT40. As President Xi Jinping has pointed out, that we have concerns about the U.S. on the issue of cybersecurity. Thirdly, in her statement, the U.S. representative claimed that China thinks that it is imminent that the U.S. and China will have a conflict. This is a malicious misinterpretation of Chinese policy. I would like to take this opportunity to ask the representative of the U.S. to make clarifications whether this statement implies that the U.S. is prepared to intervene in the situation in the Taiwan Straits by force. We have a stern message for the US. Taiwan is China's Taiwan. China firmly opposes the use of cyber issues by the US to interfere in China's internal affairs. On the question of Taiwan, no matter what cards the US plays, it will be futile. Fourthly, the US is not only seriously jeopardizing China's cybersecurity, but is also the most significant cyber threat facing the entire world. The Snowden incident reveals that the U.S. has carried out indiscriminate cyber threat— theft against the whole world, including its own allies. At this meeting, all parties are much concerned about the issue of the security of critical infrastructure. But I would like to remind everybody that the Stuxnet incident in 2008 was the first well-known case of an attack on another state's critical infrastructure. In my statement this morning, I made reference to a certain country's claim that other countries' CI is a legitimate cyberattack target. This is precisely a notorious quote from the U.S. Cyber Force Command. In the U.S. statement, they claim that China did the prepositioning of the U.S. infrastructure. This is totally baseless accusations. At the same time, I would like to ask the U.S., could you please make a commitment to the world that the U.S. Has never launched any prepositioning of critical infrastructure of the entire world. Given the above-mentioned facts, I suggest that the U.S. representative, before making any statement next time to make unjustified accusations against other countries, ask herself the question of whether She has done what she has asked of others. Finally, although we have had serious concerns for many years about the malicious cyber conduct of the US, however, China has always exercised restraint when it comes to publicly naming it at the UN. Since the US first made the provocation, China feels compelled to reciprocate since the U.S. started it first. In the future, China will respond sternly at the first opportunity to every U.S. malicious provocation at any opportunity we believe to be feasible or desirable, so that the irresponsible conduct of the U.S. will be known to the entire international community. I thank you, Chair.
I give the floor now to the Democratic People's Republic of Korea. You have the floor, please.
Mr. Chair, my delegation would like to exercise its right of reply in response to the provocative statement made by the ROK today. We categorically reject the absurd and groundless accusation of the ROK against my country, which has nothing to do with us, in fact. It is the inveterate evil habit of the ROK to spread false and unsubstantiated rumors about the DPRK in pursuit of sinister political purposes. It is no more than a sheer attempt to demonize the DPRK and politicize this forum. The DPRK has been consistent in its position against all sorts of cyber attacks. The DPRK has enacted relevant law and regulations and strictly implemented them to counter cyber crimes. The DPRK remains committed to joining the efforts of the international community to ensure the secure involvement in the use of information and communication technology. ROK's reckless remark clearly shows that it is only interested in pursuing confrontational approach. The OEWG will never tolerate such reckless moves against the DPRK and will do whatever to counter it. We urge the ROK not to bring up impertinent and malign argument, but rather focus on the substantive topics of the group for the successful conclusion of this session. Thank you, Mr. Chair.
I have received further requests from the Islamic Republic of Iran to exercise its right of reply. You have the floor, please.
Thank you, Mr. Chair. My delegation feels compelled to take the floor to exercise its right of reply in response to the unsubstantiated accusation made by the representative of the Israeli regime. While we categorically reject these baseless and politically motivated allegations, we would like to bring the following to your attention. First, the Islamic Republic of Iran has long been the primary target and the main victim of cyberattacks attacks against its critical infrastructure by the Israeli regime. Attacks by Stuxnet, Stuxnet, on Iran's peaceful nuclear facilities and attacks on industrial infrastructures such as steel and petrochemical industries, gas stations, as well as municipal public service systems are a few examples of these cyberattacks. The Israeli regime has repeatedly acknowledged its involvement in these internationally wrongful acts within the ICT environment and must be held accountable for its roles in these violations. Second, the Israeli regime, in its attacks on Lebanon on 17th and 18th September 2025, by detonating thousands of booby-trapped mobile and wireless communication devices, once again crossed all red lines and set a new troubling precedent. Until now, discussions on arms control and disarmament have focused on dual-use technologies. However, in this instance, the Israeli regime has employed technologies that are entirely peaceful and civilian for terrorist and military purposes. These attacks, amounting to war crimes, constitute a dangerous precedent that threatens regional and international peace and security. We would like to use this opportunity to condemn once again this terrorist act which resulted in the loss of life and injury of dozens of civilians. The incident has raised an important alarm for the global community against the malicious use of ICT-related tools and the use of ICT to cause physical damage, which is a gross violation of international law. Third, It is deeply disturbing and utterly hypocritical that Israel, a regime famous for its persistent and blatant violation of international law, the Charter of the United Nations, and Security Council resolutions, would dare to accuse Iran of baseless allegations. This is the very regime whose representative, in full view of international community, tore up the Charter of the United Nations on the podium of General Assembly, whose foreign minister declared the Secretary-General persona non grata, and whose military forces during their genocidal war in Gaza have deliberately targeted civilians and destroyed vital civilian infrastructure, including humanitarian and medical facilities, schools, and education centers. Israeli bombs have spared no one, not journalists, students, scholars, doctors, nurses, infants, pregnant women, persons with disabilities, civil servants, people seeking food and safety, or human humanitarian workers, including UN staff. Over 45,000 innocent Palestinian men, women, and children have been massacred. More than 100,000 others have been injured, and approximately 1.9 2 million people, around 90% of the population, have been displaced over the past year. Such a regime utterly lacks the moral authority to accuse any other nation of violating international rules and norms. I thank you, Mr. Chair.
I give the floor now to the Republic of Korea, which has also asked for the floor in exercise of its right of reply. You have the floor, please.
Thank you, Chair, for giving me the floor again. I would like to emphasize that not only our country but also multiple countries and international organizations have independently analyzed and reported on North Korea's illegal cyber activities. All of these reports have confirmed that North Korea is responsible for for a significant number of recent cryptocurrency thefts. Chair, I would like to clarify one thing. Actually, our intention is not to shame or call out any specific country when we reiterate the correlation between the cryptocurrency theft and international peace and security. Rather, we wish to emphasize that cryptocurrency theft is as serious as, or even more serious than, other threats to international peace and security. Furthermore, as noted in the 9th substantive session, authoritative entities such as Chainalysis and ISO confirmed that blockchain, as a public ledger, transparently records all transactions. Once a transaction is recorded and revealed, it cannot be altered or manipulated in any way. Therefore, contrary to the DPRK's claims, there is no possibility of error in the attribution of identified actions. Additionally, cyberspace is transboundary, highly anonymous, and allows attacks to spread rapidly. Given these characteristics, international cooperation is crucial for effectively addressing cyber threats. We all share this awareness. Which is precisely why we continue our discussions within the OEWG. Thank you.
I see that the Democratic People's Republic of Korea has asked for the floor again in exercise of its second right of reply. You have the floor, please.
Thank you, Mr. Chair. My delegation feels compelled to exercise its second right of reply just briefly. We again categorically reject the absurd accusation of the ROK. As I said earlier in my first intervention, it has nothing to do with the DPRK. It is the rumor fabricated by the— by ROK. That is why It is their story spread and amplified by them and through the hack media against my country in pursuit of sinister political purposes, as we stated repeatedly. That's why, since it is their story, I urge the ROK to address or tackle this issue by themselves or within themselves. Thank you, Mr. Chair.
I see no further requests from delegations in exercise of their right of reply. It's therefore my intention at this point, given the fact that we have some minutes left before we conclude at 6 PM, to give the floor to the last two remaining speakers under this particular topic of existing and potential threats before I make some remarks and before we conclude for the evening. So I give the floor now to Vanuatu, to be followed by the ICRC. Vanuatu, please.
Thank you, Mr. Chair. Mr. Jeff, first of all, the Government of Vanuatu expresses its solidarity with Australia following its— the recent sanctions imposed in response to the Medibank private cyber attack. This decisive action underscores the growing threat posed by ransomware attacks globally. In November 2022, Vanuatu experienced a significant ransomware attack that severely disrupted government operations. The attack incapacitated state-run computers, computer systems, leading to delay in public services and highlighting the vulnerabilities faced by small island developing states. These incidents illustrate the pervasive and evolving nature of cyber threats that transcend national borders. They also highlight the importance of international cooperation and the need of robust cybersecurity measures. We commend Australia's proactive stance in imposing targeted sanctions against entities facilitating ransomware activities. Such measures are crucial in deterring malicious actors and reinforcing the international community's commitment to upholding a secure and resilient cyberspace. Vanuatu remains deeply concerned about the growing range of cyber threats that pose risks not only to national security, but also to economic stability, public safety, and sustainable, sustainable development. As the Pacific Islands Forum 2024 statement emphasized, the increasing frequency and sophistication of cyber incidents threaten critical infrastructure, government services, and the digital trust on which our societies dependent. For small island developing states, these threats are particularly acute. Limited technical resources, geographic isolation, and dependence on external digital infrastructure make us highly vulnerable to cyberattacks, data breaches, and malicious cyber operations. The devastating December 2024 earthquake in Vanuatu illustrated how real-world crisis can quickly exacerbate cybersecurity vulnerabilities. As emergency response efforts were underway, disruptions to digital infrastructure left key government systems offline, hampering coordination and the delivery of critical services. Cybercriminals and malicious actors often exploit— moments of crisis, targeting weakened networks and spreading disinformation. This experience underscores the urgent need for greater investment in cyber resilience, redundancy planning, and regional cooperation to ensure that disasters, natural or man-made, do not lead to cascading digital security failures. We urge the international community to recognize that cybersecurity is not just a technical issue, but a fundamental element of national and regional security. The threats we face are evolving, and so must our collective response. Strengthening public-private partnerships, enhancing real-time threat intelligence sharing and expanding technical support for vulnerable states are essential steps. Vanuatu calls on this body to continue prioritizing a coordinated approach to addressing cyber threats, one that is inclusive, responsive, and rooted in international solidarity. Thank you.
Thank you, Vanuatu, for your statement. Last statement for the day from the ICRC, please.
Ambassador Ghafour, Excellencies, dear colleagues. The International Committee of the Red Cross is grateful for the opportunity to participate in this 10th meeting of the Open-Ended Working Group. We would like to commend this Working Group for having established a balanced set of common understandings on existing and potential ICT threats. The ICRC is providing humanitarian services in over 90 countries, many of which are affected by armed conflict. We share the Working Group's finding that ICTs have already been used in conflicts in different regions and that their use in future conflicts is becoming more likely. For people affected by armed conflict, military ICT activity or a militarization of ICTs creates an additional risk of harm. We are deeply concerned about the increase in malicious ICT activities impacting critical civilian infrastructure. While the situation is worrying at all times, the potential human cost of such activities is even more concerning in times of armed conflict. When electricity networks, water treatment facilities, and hospitals— are at the brink of collapse because of ongoing hostilities, a cyber operation risks pushing systems over the edge. Likewise, the multiplication of COVID information campaigns can undermine trust, fuel conflict, contribute to an escalation of hostilities, and incite acts of violence. The ICRC also shares the Group's finding that an increasing number of malicious ICT activities are carried out by states and non-state actors. For instance, we are concerned that ransomware attacks are not only carried out by criminal groups, but also becoming a tool or service used by parties to armed conflicts. The ICRC and many other humanitarian and international organizations have been the target of malicious ICT activities. From cyber operations disrupting our operations to disinformation campaigns. We appreciate the shared concern among delegations recognizing that malicious ICT activities risk disrupting the ability of humanitarian organizations to conduct their work in a safe, secure, and independent manner and undermine trust in their work. Mr. Chair, establishing common understandings of existing and potential threats is an important step towards collectively addressing them. In our view, this group has made significant progress in jointly describing today's threats. We encourage you to also build further agreement on how to collectively prevent and mitigate them. Thank you.
Thank you very much, ICRC, for your statement. Friends, we have We have come to the end of this particular agenda item, which is existing and potential threats, and I must say that it is a very substantive and rich discussion, and it is very clear from all your statements that the threat landscape continues to evolve with many new potential trends that are of concern to many of you. In fact, all of you who have spoken have identified as to how you are increasing or seeing increasing levels of threat individually in your own countries and in your own systems. It is also clear that the perception The perception as to the sources of the threats differs depending on your national perspective. But if we look at the threats themselves and the existing and potential threats, there are many areas of commonalities in terms of the kind of threats threats that we are facing, even if we may not all agree all the time as to the sources of these threats. Secondly, the discussion in this Working Group today— in fact, the entire day— has been about the existing and potential threats, and this discussion This type of discussion occurs nowhere else but at the United Nations and in this Working Group because this is the only universal body that we have as the open-ended Working Groups that allows for a discussion on ICT security in an inclusive, universal transparent platform. And therefore, the fact that you have had a rich discussion is in fact a dialogue that you are having as nations of the world. And if in presenting your views there is a response or a robust reaction, that too is part of enriching that dialogue and understanding, which is what happens in a universal body like the United Nations, that there is a to and fro, and we did hear a number of to and fro in the form of rights of replies. But that too is how a discussion and dialogue at the UN is structured to allow for an exchange of views and to allow for the dialogue to continue even if or especially if there are deep differences of views and perspectives, which therefore underlines the value of this universal mechanism that we have in the form of this Working Group. To have precisely that dialogue and debate as to the nature of the threat landscape, the existing and potential and emerging threats. So I hope that even as you listen to the discussions, and you would have no doubt seen the underlying political and geopolitical tensions and challenges, the larger thing to keep in mind is that here we are at the United Nations talking about these emerging and existing threats, and having such a discussion and a robust dialogue is in itself valuable because we can't have that dialogue anywhere else, and having that dialogue is the first step in trying to decide what should be the next step, which is how do we respond to the threat landscape as we see it. And even if we do not completely agree with every single aspect of the threat landscape, are there not sufficient commonalities in terms of the emerging threats that requires a collective response? And so the other thing that this discussion today has underlined is that even if we do not always agree as to the types of threats or the sources of these threats, what we can all agree is that we need to work together to reduce the risk of these threats, mitigate and manage these threats, help each other have the capacity and know-how to respond to these threats. And all of this, of course, requires greater international cooperation. And the other point that struck me was that precisely because the threat landscape is evolving, and if we look at the— at at the last 3 annual progress reports, the section on existing and potential threats has become longer and longer, partly because we have been able to agree on more and more things, but also partly because the threat landscape is evolving. It's like a snapshot that we offer at a given point in time, but the threat landscape continues to evolve, and therefore the snapshot we provide has to needs to be updated and made more elaborate in terms of how we all collectively look at the threat landscape, which provides the foundation for a lot of our cooperative action. But what this also underlines is the fact that we need a seamless transition to the Future Permanent Mechanism. If the threat landscape is evolving and we are not able agree on a smooth transition to a future permanent mechanism, then what we have done over the last few years will come to an abrupt end, and that will be disastrous because the threats are not going to wait for us to resolve our institutional discussions. And therefore, it just underlines the absence the absolute critical importance of making this seamless transition to the future permanent mechanism and that comes back to the point I made right at the beginning about reaching consensus in July because to get to a seamless transition to the future permanent mechanism we have to agree to the final report by consensus in July and that means also agreeing by consensus the existing and potential threats. Now, I won't go into the range or list of threats, but obviously a greater depth of discussion in terms of AI, quantum computing, quantum cryptography, Internet of Things, OT—operating technologies—supply chain, data security, so many other specific issues— ransomware, critical infrastructure, critical information infrastructure, and the usual malicious use, malicious softwares. So the whole range of the threats with greater emphasis on the changing nature of technology. So even while we are technology-neutral, we have to be aware that the evolving nature of technology could amplify or accelerate or expand the threat vectors over which we have to be very vigilant. Otherwise, each one of us individually, especially the smaller countries, the developing countries who do not have the capacity and knowledge to respond to these threats and of course underlying all of that is the gap in technology, gap in knowledge, the digital gap, as many of you have pointed out, which in turn underlines the importance of capacity building and the need to discuss the issue of threats in a more holistic way by drawing the linkages between the issue of existing and potential threats international law capacity building. So, my friends, this is an excellent start to the discussions. Now, in order to end on a happy note, or I should say a happier note, I want to remind all delegations to the invitation that I had extended to all of you In my letter dated, I think, in January, invite all of you to a reception this evening at 6:30 PM at the Permanent Mission of Singapore to the UN. So all representatives are invited, including representatives of the stakeholder community. Please simply show your UN pass at the mission and you'll be most welcome to attend this reception. It is often said that the Open-Ended Working Group is in itself an exercise in building confidence and a CBM measure. If that is the case, the reception this evening is an opportunity for each one of you to meet and mingle and have informal conversations without or I should say with the possibility of having immediate and gentle rights of replies over a glass of drink. So you're most welcome to attend the reception this evening at 6:30 PM at the Singapore Mission. The meeting is adjourned. We will see you tomorrow at 10 AM. Thank you.