Authors: Elena Zinovieva and Alexander Zinchenko*
The first committee of the 76th session of the UN General Assembly has adopted a draft resolution on international information security sponsored by Russia and the United States by consensus. The document has a record number of co-sponsors, with 107 countries putting their name to the document, although it is Russia and the United States that promote the document as its main sponsors. While the draft resolution still needs to go through a vote at the UN General Assembly this December, we can assume the vote will go more as less the same way it did in the committee.
The very fact that Russia and the United States came up with a joint draft resolution is a significant step forward in the bilateral cooperation in the field of international information security, especially given the fact that the United Nations hosted two competing platforms operating between 2019 and 2021, the Open‑Ended Working Group (the OEWG) established at Russia’s initiative and the Group of Governmental Experts (the GGE) led by the United States.
The joint draft resolution and a step towards an institutionalization of the dialogue came as a result of the agreements reached at the summit between President Vladimir Putin of Russia and President Joe Biden of the United States on June 16, 2021. Four rounds of expert consultations have already taken place under the auspices of the security councils of the two countries, says Anatoly Antonov, Russia’s Ambassador Extraordinary and Plenipotentiary to the United States.
Besides, the Russian diplomat pointed to the successes in suppressing hacker activity and combating the criminal use of ICTs. The fight against cybercrime is one the main concerns voiced by the U.S. in this area, especially after the high-profile ransomware attacks on the energy and food industries in 2021. Subsequent dialogue led to a restoration of interaction in this area, which is occurring within the framework of the 1999 bilateral agreement on mutual legal assistance in criminal matters, a document that allows the parties to exchange information on cybercriminals in pretrial detention, including in matters when it comes to collecting evidence of the person’s guilt. Cooperation between the two countries has involved the United States transferring materials for the legal suppression of the activities of such international cybergroups as Evil Corp, TrickBot and REvil. In turn, Russia has informed the American colleagues that Moscow has managed to thwart the activities of a criminal group using the Dyre/TrickBot malware and prosecute those responsible.
Additionally, there has now been greater interaction between Russian and U.S. centers for responding to computer incidents, the Federal Security Service’s National Computer Incident Response and Coordination Center (the NCIRCC) and the Department of Homeland Security’s US–CERT. However, the sides still harbor their concerns, pointing to the fact that there is room for cooperation to be fostered and enhanced. For example, most attacks on Russian infrastructure in 2020, the NCIRCC suggests, were carried out from the United States, Germany and the Netherlands. By the same token, the Western media continues to level mostly unsubstantiated accusations against Russia for its supposed involvement in cyberattacks, while cyber defence activities have become overly politicized.
Meaningful interaction, once it produces positive results, facilitates an atmosphere of trust between the parties, opening the door for closer cooperation to establish a universal international regime for information security, including with respect to the issues that are more global and complex in their scope. Russia’s agenda in bilateral negotiations is not limited to combating cybercrime—Sergey Ryabkov, First Deputy Minister of Foreign Affairs, has stressed—as it includes a broad range of issues relating to international information security, including military and political use of ICT, which is the major threat to international stability today. Moreover, since 1998, Russia has been calling for a global regulation of international interaction in information security and for rules to be formulated under the auspices of the United Nations to guide responsible behaviour of states in this area.
The dialogue and the joint work in this area have been reflected in the draft resolution, and it takes Russia’s priorities into account. Specifically, the document sets out the important principles and rules of the responsible behaviour of states in the information space, which Russia has been advocating for since 1998: encouraging the use of ICTs for peaceful purposes, preventing conflicts arising in its use, preventing the use of ICTs for terrorist and criminal purposes. The document places a particular emphasis on the importance of preventing cyberattacks targeting critical infrastructure.
The draft resolution also welcomes the 2021 report adopted by the Open‑Ended Working Group on developments in the field of information and telecommunications in the context of international security, making special note of how important the renewed group’s proceedings will be for 2021–2025. At the same time, the resolution suggests that the OEWG’s activities may well result in a binding UN document on international information security to be adopted.
It would seem the United States and Russia have sent a positive signal to the international community, recognizing the threats to international information security and acknowledging the importance of norms to be devised that would guide responsible behaviour of states in the information space. These norms would underpin the international regime for information security, as is envisioned by the Principles of State Policy of the Russian Federation on International Information Security adopted by the Russian President on April 12, 2021. The document aims to strengthen peace and international security, which are increasingly dependent on the advances in information and communications technologies. “The international community has proven in practice that it is capable of negotiating and working out acceptable solutions when it comes to resolving fundamental issues of national and international security,” noted Andrey Belousov, Deputy Permanent Representative of the Russian Federation to the United Nations Office in Geneva.
First published in our partner RIAC
*Alexander Zinchenko, Ph.D. in History, Lead Expert at the Centre for International Information Security, Science and Technology Policy at MGIMO University