The COVID-19 pandemic has highlighted the world’s dependence on information and communication technologies which were essential in keeping us informed and connected to one another, even as we remained physically apart.
Over the course of the last eighteen months, we have witnessed an increased trend in malicious cyber operations targeting medical facilities, including organizations dedicated to research and vaccine development to combat COVID-19. We live in a volatile region, and the Middle East is not immune to the risk posed by malicious cyber activity—it is often the target of major cyber operations and espionage. In the last few years, our region has witnessed severe incidents affecting the telecommunications, banking, and public sectors. Oil and natural gas installations have also been targeted, causing hundreds of millions in damages. Such malicious cyber activity on the region’s critical infrastructure has the potential to spark a conflict in an already tense environment, and pose a threat to international peace and security.
The UAE is committed to creating the necessary infrastructure and mechanisms to enhance its cybersecurity capabilities, both to protect itself against cyber threats and better work with others to address shared challenges. In November 2020, we established the UAE Cybersecurity Council, which will develop a comprehensive national cybersecurity strategy and a national cyber incident response plan. We host the largest cybersecurity and digital transformation conferences including GITEX, GISEC and Cybertech to build domestic capacity, and we have developed a platform for public-private partnership to facilitate information sharing. We also collaborate with States, international organizations, and private sector entities to share information both at a policy and technical level. For example, the UAE contributes to the work of regional organizations, such as the Gulf Cooperation Council’s new joint malware analysis platform, and is an active member of the Organization for Islamic Cooperation’s Computer Emergency Response Team (OIC-CERT). These cooperative and transparency confidence building measures are some of the ways that the UAE is doing its part to reduce cyber risks to international peace and security.
The UAE welcomes the recommendations in the reports of both the Open-Ended Working Group on ICTs and the Group of Governmental Experts. They underline the importance of supporting efforts to further the implementation of the voluntary norms of responsible State behavior in cyberspace as well as the need to develop common understandings on the applicability of international law to online activity. More, however, needs to be done, both to encourage and support States in carrying out the recommendations as well as to provide further guidance in a rapidly evolving environment. The Programme of Action for responsible state behavior in cyberspace provides an ideal roadmap for future work, and will contribute to addressing cyber risks to international peace and security.
Minimizing cyber risk to international peace and security will remain a challenge. The UAE proposes two recommendations that can assist with this task.
First, States should provide training and capacity building at the bilateral, regional and international levels, including through training programmes and the development of guidance to assist with implementing the norms for responsible state behavior. These actions can act as confidence-building measures, responding to the mistrust and misunderstandings between States in cyberspace that can pose a risk to international peace and security.
Second, States should continue to share their views and assessments with the Secretary-General and actively participate in cyber-related international fora and cross-regional formats. The sharing of best practice and exchanges of experience can help States adapt to evolving norms and become responsible actors in cyberspace.
All States have a responsibility of promoting international peace and security, both online and offline. Abiding by norms of responsible state behavior in tandem with obligations under international law is the best place to start.