UN Security Council Arria Meeting on Cybersecurity

5 April 2024
UN Security Council Arria Meeting on Cybersecurity

On 4 April, Robin Geiss, Director of UNIDIR, alongside Adedeji Ebo, Director of the UN Office of Disarmament Affairs (UNODA), and Valeria Kennedy, Director of Intelligence Solutions for Investigations and Special Programs at Chainalysis Inc. briefed the UN Security Council members on the evolving cyber threat landscape and its implications for international peace and security. This Arria-formula meeting, convened by the Permanent Missions of the Republic of Korea, the United States and Japan, heard interventions from over 60 states, many of whom underscored the increasing severity of cyberattacks as well as the important role the UN Security Council can play in deescalating tensions and promoting accountability for responsible state behavior in cyberspace. 

From proliferation of malware, use of decoy ransomware to deploy wipers to disrupt diverse sectors including critical infrastructure, to the theft of cryptocurrency and other sensitive information, the event underscored the evolving nature and impact of cyberthreats that can negatively affect the Security Council’s efforts to maintain international peace and security. 

What happens in the cyber world can no longer be separated from what happens in the real world,” warned US Ambassador Linda Thomas-Greenfield in her opening remarks as a co-chair of the meeting. Co-chairing the meeting on behalf of the Republic of Korea, Ambassador Joonkook Hwang highlighted that while digital technologies bring immense benefits, the more connected we are, the more vulnerable we become to illicit cyber activities. Recognizing the interdependence of the digital world, Ambassador Yamazaki Kazuyuki, co-chairing for Japan, remarked that to address cyber threats effectively, “international cooperation is not an option but an absolute necessity for all of us.” 

In his briefing, UNIDIR Director Geiss emphasized the interconnections between cyber threats, the evolving nature of technology, and international security. He cited not only the destabilizing effects of cyberattacks on critical infrastructure, such as hospitals and water systems, but also the potential for malicious actors to misuse emerging technologies, including Artificial Intelligence, for cyberattacks and cryptocurrency theft. These activities can fuel and finance terrorism, armed conflicts, and programme weapons of mass destruction in contravention to existing Security Council resolutions. Similarly, UNODA Director Ebo warned that when cyber risks pose a threat to international peace and security, whether due to impacts on critical infrastructure, humanitarian organizations, or political or electoral processes, the implications are serious and can escalate tensions. 

In response to these challenges, Dr. Geiss proposed the Security Council could meet regularly to assess the evolving cyberthreat landscape and integrate considerations of cyber threats into its existing resolutions and workstreams, including those on protecting civilians, critical infrastructure, and humanitarian activities. He also called on the UN Member States to make cybersecurity capacity building an integral part of digital transformation efforts to ensure a cyber-resilient future for all. “Cyber threats are here to stay and will continue to evolve. UNIDIR stands ready to assist States, whether through our research or the delivery of training and capacity-building programs on ICT security”, said Director Geiss. 

Building on the UNODA and UNIDIR briefings, Valeria Kennedy from Chainalysis Inc. spoke of the emergence of global cybercrime-as-a-service phenomenon with a complex web of actors, sophisticated division of labor, and organizational structures. She also cautioned that “beyond being a tool for opportunistic cyber criminals and hacktivists, cyberattacks are also deployed by highly capable state and state sponsored threat actors.” Citing the latest findings, she warned that a single nation-state actor may have been responsible for stealing over 1 billion USD in cryptocurrencies to fuel the development of its weapons programmes. 

In their subsequent interventions, many states highlighted their concerns over cyberthreats targeting critical infrastructure, including space assets, the healthcare sector, financial systems and other infrastructure delivering essential public services. Several states warned about the gendered impacts of cyberattacks and many expressed concerns over cyber interference with electoral systems that can undermine trust in democratic processes. Some also recalled recent expert findings, highlighting cryptocurrency theft as a tactic to finance weapons programmes in violation of UN sanctions. 

During the session, states recalled that international law, including the UN Charter, was fully applicable in cyberspace and highlighted the need to adhere to the rules, norms, and principles of responsible state behavior in cyberspace. States also underscored the need to increase cyber-resilience of digital infrastructure through international cooperation and capacity building. Many participants expressed support for establishing a permanent UN body on cybersecurity to address the evolving cyber threats holistically at the international level. 

More information: