As world leaders gather for the World Economic Forum (WEF) Annual Meeting 2023 in Davos, Switzerland, under the theme of Cooperation in a Fragmented World, it is imperative that there is a focus on the importance of cybersecurity for our collective security, safety, and the respect of rights and freedoms.
Cyberattacks and cybercrime are exploiting the interconnectedness and digitalization of our societies and blur the boundaries between perceptions of peace and conflict. The security of cyberspace is essential for a stable global system, thus action must be taken now to strengthen this security with approaches that enhance trust, the rights of people and resilience.
The unique nature of cyberspace requires a collective responsibility from all sectors of society to ensure the protection of people and society. This year’s Forum meeting theme of Cooperation is key to addressing cyber threats as they require concerted, collective, coordinated and multistakeholder collaboration. As WEF’s Global Risk Report 2023 highlights, both in the short term (2 years) and long term (10 years) widespread cybercrime and cyber insecurity rank in the top 10 of global risks ranked by severity. We call on world leaders to focus on the following domains:
- Protection of Non Governmental Organizations (NGOs) from cyberattacks
Cyberattacks against NGOs threaten the most vulnerable individuals and communities already devastated by armed conflicts, disasters and other complex emergencies. NGOs provide emergency and essential assistance and protection to people in need and yet they are increasingly victims of cyberattacks.
We call on world leaders to make every effort to respect and ensure the respect of NGOs and to put an end to cyberattacks against these organizations, their operations and data, staff and volunteers, as well as beneficiaries of their activities.
The CyberPeace Institute assists over 100 NGOs to build their resilience to cyberattacks through its CyberPeace Builders program developed to assist NGOs with free expert threat analysis and cybersecurity support. We also announced in December 2022 the forthcoming launch of the Humanitarian Cybersecurity Center (HCC). This Center provides expert support and practical free cyber assistance to NGOs, tailored to their needs and located anywhere in the world. It is built on a foundation of collaboration and cooperation.
- Protect critical infrastructure
Critical infrastructure is increasingly being targeted for malicious cyber activities. All efforts must be made to ensure that state and non-state actors do not cause damage or disrupt the functioning of critical infrastructure. Critical infrastructure facilities including water plants, power stations and pipelines, and healthcare facilities must be a key focus as they provide essential services to a country’s population and ultimately the safety and wellbeing of people.
It is vital that there is an increase in the capacity and ability to improve resilience to cyber threats by critical sectors. Capacity-building should be aimed at enabling States to identify and protect national critical infrastructure and to cooperatively safeguard its operation. This includes capacity building, implementation of norms of responsible behavior, and confidence building measures. We must seek to strengthen the norms protecting critical infrastructure.
Cyberattacks during the ongoing armed conflict in Ukraine, since the 2022 military invasion by Russia, have heavily disrupted critical infrastructure and services. The CyberPeace Institute has monitored more than 850 cyberattacks and operations in relation to this armed conflict affecting 22 different sectors and in 36 countries. Attacks on critical infrastructure affect people as they imperil the services vital for the survival of the civilian population.
- Ensure human centric focus as key for our humanity
The maintenance of international peace and security needs to ensure the protection and enablement of individuals to enjoy in cyberspace their fundamental rights and freedoms as well as their rights to economic and social advancement. To preserve what is humanly important in cyberspace and the trust in technology it is essential to focus on the impact on people and society of cyberattacks, and not only on the economic cost or technical remediation needs.
We call on world leaders to increase understanding of how cyberattacks impact and harm individuals and society, and that this informs and influences decision making. For example, the Cyber Incident Tracer (CIT) #Health documents cyberattacks against the Healthcare sector. This repository of data on cyberattacks over a two year period is being used to inform the development of a harm methodology to measure the impact of cyberattacks on individuals, and society as a whole. This is vital to inform technology, regulatory, and standards initiatives that will reach their ultimate goals – the protection of individuals and safe enjoyment of technology and connectivity.
- Preserve the universal character of the Internet
Heightened geo-political tensions, increasing vulnerabilities linked to food and energy crises, armed conflicts and climate crisis, as well as challenges to global systems are also the backdrop to exacerbating tensions in cyberspace and risks to the universality of the Internet. The fragmentation of the Internet creates boundaries in cyberspace, increases the risk of an information vacuum and the spread of misinformation and disinformation, and undermines the Internet as a motor of global trade. The Internet’s strength is its distributed nature but this also makes it fragile. The Internet’s openness depends on trust and this trust is undermined when access to the Internet is blocked in times of war or other crisis.
We call on world leaders to take all efforts to preserve the universal character of the internet, and to prevent activity that intentionally damages the availability and/or integrity of the public core of the internet.
It is critical to promote acceptance and implementation of international norms of responsible behavior in cyberspace, and to to focus on confidence building measures in cyberspace.
Ultimately, the peace and security of cyberspace is a collective goal that requires collective action, and requires capacity building to protect the universal character of the Internet. The responsible behavior of states in cyberspace is vital to achieving this goal.
We commend the World Economic Forum for its focus on dialogue, cooperation and leadership and call on participants to recognize that today the world needs decisive action to be taken and a true multistakeholder and collaborative engagement.