Researchers and experts aren’t sure what the future holds for UN-led efforts at creating rules about how countries should behave in cyberspace, even though ransomware attacks continue to increase.
U.N. members in a cyber conversation group reached an agreement on March 1 on so-called norms or nonbinding principle that includes a ban on attacking other countries’ critical infrastructure. France and Russia proposed competing groups to replace the forum. It was scheduled for end in this year.
” “There is a complete confusion about where the next steps are and what this process will lead us to,” stated Stefan Soesanto a senior researcher from the Center for Security Studies of the ETH Zurich University.
There isn’t a formal process for U.N. member states to implement nonbinding principles, and it will take time to create one, Moliehi Makumane said at Thursday’s online conference, hosted by Foreign Policy magazine. She said that she didn’t believe U.N. members would cede such power.
While there is momentum for the U.S. and its allies to cooperate more closely on cybersecurity, governments around the world are struggling to protect their own infrastructure and companies from the growing number of attacks, said Heli Tiirmaa-Klaar, Estonia’s ambassador-at-large for cyber issues. It’s almost like there is a pandemic, and not enough doctors. In an interview, she stated that cyberspace is a problem.
High-profile ransomware attacks this year on Colonial Pipeline, meat processor JBS SA and Ireland’s public healthcare system brought public attention to disruptions such incidents can cause. The Biden administration issued a directive to federal agencies and suppliers of software to establish baseline security standards, such as encryption and multifactor authentication. It also launched a variety of initiatives to protect critical infrastructure against hacks. Last week, the U.S. sanctioned a Russian cryptocurrency exchange for processing payments linked to at least eight types of ransomware.
Last week, President Biden informed the U.N. General Assembly that the U.S. was “hardening [our critical infrastructure] against cyberattacks and disrupting ransomware network and working to establish clear roads for all nations in cyberspace .”
After Mr. Biden’s June meeting with the Group of Seven, the European Union, and the North Atlantic Treat Organization, statements were issued by the three groups reaffirming their resolve to fight ransomware. On Friday, the EU’s highest foreign policy officer blamed Russia for attacks on politicians and governments in several of its member countries. Moscow denies any involvement in the cyberattacks.
Ransomware attacks could be illegal under international law, according to Dapo Akande (a professor of international public law at Oxford). In the next weeks, Mr. Akande and other legal professionals from various countries will release a statement outlining how ransomware is against international law.
Coordinating responses across borders to cybercrime can prove difficult. According to Ms. Tiirma Klaar, law enforcement agencies need to work together to prosecute and investigate hackers that are outside of their borders.
Cyber experts from every country are overworked and their workload is growing,” she stated.
Write to Catherine Stupp at Catherine.Stupp@wsj.com
Copyright (c)2021 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8