While key developments such as the conclusion of the Ad Hoc Committee on cybercrime are expected to take place in 2023, other trends are likely to emerge in the debates around cyber issues in the coming months. Four of our Directions Blog contributing editors explain which global and regional trends – namely in Africa, the Indo-Pacific, and Latin America – might challenge cyber diplomacy and cooperation in 2023. If the security of critical information infrastructures will remain crucial on the global stage, ransomware, South-South cooperation, and cybersecurity appear as some of the main emerging issues that require further attention from the international community.
Camino Kavanagh, Senior Fellow at King’s College London, Non-resident Scholar at the Carnegie Endowment of International Peace
In the March 2022 session of the current United Nations Open-Ended Working Group on ICTs and International Security, two member States referenced subsea cables in their interventions on existing and emerging threats. These curt, yet important references to subsea cables, the vulnerability of the systems and related infrastructure to malicious physical and cyber activity, and related resiliency and capacity issues during a session of the UN OEWG were a small indication of growing state interest in, and the threats emerging around this most critical of information infrastructures. Yet, they went largely unheeded by the majority of States participating in the meeting. Fast-forward several months. Overnight, the Nord Stream explosions shifted the collective attention of States downwards, to the seabed and the different cable systems that lie therein, and to the enormity of our collective dependency on them.
Given current geopolitical currents, attention to subsea communications cables will only continue to increase in the coming months alongside growing efforts to ensure greater trust and security in the ICT ecosystem and greater insistence on information sharing between relevant industry and government actors. Are cyber diplomats prepared to engage on the issues?
Nnenna Ifeanyi-Ajufo, Senior Lecturer of Law and Technology at Swansea University
Africa has become a prime target of ransomware attacks, with huge adverse impacts on Africa’s digital economy. In September, the EU Cyber Direct hosted a dialogue on ‘Investigating Ransomware: Lessons from International Cooperation against Cybercrime’ alongside the third session of the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes. With African representatives present, the conversation unanimously emphasised that the very nature of ransomware calls for cooperation across regions to build legal and technical capacity to effectively tackle it.
Africa is vulnerable without extant national and regional legislations that encompass the criminalisation of elements of ransomware. The Council of Europe recently adopted a ‘guidance note on ransomware’ which provides guidance on how the Budapest Convention can be used to criminalise, investigate and prosecute ransomware-related offences and importantly, enhance international cooperation for policing ransomware. With the reluctance to ratify the Budapest Convention, it is uncertain, if the surge in ransomware attacks in the region will finally force an alignment of the Region’s cybersecurity priorities.
Cooperation with the region can focus more on creating dialogues aimed at bringing legal certainty to tackling ransomware, and African States should consider creating the much-needed opportunities for policing ransomware through the framework that the Budapest Convention provides for international cooperation.
Arindrajit Basu, Non-Resident Research Fellow at the Centre for Internet and Society
2021 and 2022 saw several western powers, including the European Union, United States, and Canada, recognise the strategic significance of the Indo-Pacific for their own individual security and prosperity, as well as for global stability. Given the perceived adversarial role played by China in the region, regional powers like India have been endorsed as key to shoring up security and stability in the region.
Cyber diplomacy has emerged as a key policy priority for Indo-Pacific diplomacy. Minilaterals like the Quadrilateral Security Dialogue have taken several initial steps on supply chain diversification, ransomware, cybersecurity partnership, and technical standards. With countries in the Indo-Pacific region continuing to be victims of state-sponsored cyber-attacks, cooperation among countries that share interests in the region is likely to continue. One such shared interest is mitigating the continued cyber threat from an increasingly adversarial China.
At the same time, the United States has sought to re-enter the digital trade and economic space in the region through the Indo-Pacific Economic Framework. Such efforts will continue as the trade pillar of the IPEF gathers steam. However, deepening security cooperation in the cyber domain will not necessarily foster domestic policy convergence on the digital economy or greater trade cooperation with the United States or any other western power.
Most countries in the region are differently placed on several policy questions and take geopolitical decisions based on a context-specific assessment of strategic interests, including developmental costs and opportunities. This is why the influence of the Chinese private sector will likely continue in the region in 2023 with western powers like the US and regional alternatives like India looking to dislodge such influence through capacity-building, investment, and infrastructure creation.
The future of cybersecurity and digital economic cooperation in the Indo-Pacific will not be an alliance by default but partnerships hinged upon carefully calibrated security and developmental interests.
Louise Marie Hurel, PhD Researcher at the London School of Economics, Cyber Research Fellow at the Royal United Services Institute
The year 2022 was not shy of threats and challenges for countries in Latin America on the cybersecurity front. The year was both a wake-up call and a reminder that the region is not exempt from high-profile cyber threats. The Conti Ransomware attack that disrupted the operations of more than 27 government agencies in Costa Rica was the first cyber incident to lead to a formal declaration of a state of emergency by a country. Facing similar challenges, countries throughout the region have been engaging in international dialogues to combat ransomware. One such dialogue they engaged in was the International Counter Ransomware Initiative which issued its second annual joint statement in November.
However, other threats are not new. The use of surveillance technologies directly or via proxies to conduct government hacking has been a major concern for the region as governments are historically more focused on domestic security threats rather than external ones. This has often led to the disproportionate use of surveillance tools to track political opponents and/or civil society groups. Back in 2015, WikiLeaks published a series of correspondence that showed how countries in the region had acquired tools from Hacking Team. In 2021, the NSO group tried to sell Pegasus to the Brazilian government, and it had already been reported that Mexico’s army had been using it. In 2022, the Guacamaya Leaks further highlighted the scale and overreach of some intelligence operations conducted by Chile, Mexico, Peru, Colombia, and El Salvador.
In 2023, countries in the region have the opportunity to advance on a more detailed discussion on how their current surveillance activities and responses to cyber threats link to their commitments to being responsible players in cyberspace. The notoriety of cyber threats in 2022 also provides a space to expand on international and South-South cooperation avenues in the coming year – be it through existing mechanisms such as the OAS Cyber Confidence Building Measures Working Group or other bilateral, regional and technical channels.