Issue Brief

Cyber Security in the UN Security Council Project

Strengthening Global Cyber Resilience Through UN Security Council Initiatives

Paving the way for the United Nations Security Council to uphold global cyber peace and security

By Allison Pytlak Lead Author • Shreya Lad Co-Author, Research

Emerging Technology

August 8, 2024

The misuse of digital technologies in modern conflicts and foreign policies presents a spectrum of international security risks, with potential to escalate tensions, erode trust, and undermine peacekeeping efforts. Aligned with its mandate and primary responsibility for the maintenance of international peace and security, there is a role for the United Nations Security Council (UNSC) in addressing the cyber and digital security implications to international peace and security.

This issue brief is based on several months of desk research and consultations to better understand the options, possibilities, and sensitivities of UNSC involvement in ICT and digital security, to understand the role of the UNSC in this digital landscape and how it can complement actions undertaken elsewhere in the United Nations system.

Introduction

From cyber operations targeting critical infrastructure to the spread of cybercrime and the use of social media to incite violence, the growing use of information and communication technologies (ICTs) in modern conflicts, military strategies, and as a component of foreign policies presents a spectrum of international security risks. The malicious use of ICTs has the potential to escalate tensions, erode trust in institutions, exacerbate fragility, and undermine the effectiveness of peacekeeping and peacebuilding efforts. The consequences of these risks are far-reaching and devastating, impacting both the affected country as well as the broader international community.

Aligned with its mandate and primary responsibility for the maintenance of international peace and security, there is a role for the United Nations Security Council (UNSC) in addressing the ICT and digital security implications to international peace and security. Efforts to date have included formal meetings on cyber security, and on technology and peacekeeping, as well as ten Arria-formula meetings on cyber-related topics.

These meetings and efforts have proven highly beneficial and momentum on cyber within the Council is growing in 2024. Yet, questions remain about what role the UNSC can and should play in relation to ICT security; and how can these actions be complementary to those undertaken elsewhere in the United Nations (UN) system?

To understand these and other related questions, the Stimson Center is implementing a new research initiative to examine the role of the UNSC in addressing international cyber peace and security. The project explores the potential ways in which the UNSC can more robustly and regularly address the impact of ICTs and digital technologies on international peace and security through research, consultation, and partnership building. It also examines how issues that present similar transnational or nontraditional threats to peace and security are considered by the Council’s working methods.

Cyber Security: An International Peace and Security Priority

ICT and digital security do not exist in a vacuum. They have widespread impacts affecting the international community. Both cyber security and cybercrime are increasingly critical components of maintaining international peace and security in the modern world, given their transboundary nature and the interconnectedness of the digital world.

Decades of UN meetings on international cyber peace and security, including at the UN Security Council, have brought clarity to the intersections between cyber security, cybercrime, and international peace and security. Below are some of the of the most frequently referenced types of operations or specific threats:

An increasing number of states are integrating cybersecurity into their national security and defense strategies. This has led to new investment in national capacities to respond to threats and vulnerabilities—and in developing cyber-offensive and defensive military capabilities. Such capabilities raise questions about the applicability of traditional security concepts, international law, and governance structures to cyberspace.
Cyber operations can be part of the toolkit of hybrid warfare or coercion and accompany military or economic tactics below the threshold of conflict. Over thirty countries have established cyber commands or units, with as many countries developing offensive cyber-attack capabilities.¹ Gray-zone tactics are also used by geopolitical rivals in regional or systemic competition. Increasingly, alliances and allied initiatives such as NATO and AUKUS are leveraging cyber tools in collective defense.
States have acknowledged that not only is the use of ICTs in future conflicts becoming more likely, but such technologies have already been used in this context.² This has implications for the protection of civilians and civilian objects and can contribute to escalation.
The number of malicious cyber activities targeting government institutions and electoral processes are of growing concern to many. Cyberoperations are combined with information operations that aim to influence public opinion and perceptions, which has implications for the integrity of democratic processes and sovereignty as well as relations among states.
From Costa Rica to Albania and the Philippines, it is increasingly common for states to reference cyber operations that have targeted government services or other national critical infrastructure in statements to UN cyber meetings. Critical infrastructure such as power grids, water supplies, and transportation systems are increasingly reliant on digital networks. Cyber operations targeting these systems can cause significant disruptions and pose threats to public safety and national security, potentially leading to destabilization and conflict.
The continued increase in incidents involving the malicious use of ICTs by state and non-state actors, including terrorists and criminal groups, is seen as a disturbing trend. Non-state actors and terrorist organizations increasingly rely on unconventional and asymmetrical tools such as ICTs to inflict damage against governments, organizations, or civilian populations.
The compounding effects of ICT misuse on marginalized individuals and communities and the implications for upholding and protecting human rights are increasingly well-documented. Concerns range from the use and sale of surveillance software to infringements of privacy rights, among others. Promoting human rights is seen as foundational for the UNSC to achieve its mandate of maintaining international peace and security, including through the implementation of the Women, Peace and Security (WPS) Agenda.³
The economic impact of cyber operations, including cybercrime, targeting businesses, financial institutions, and intellectual property are not insignificant. Economic instability can contribute to political tensions and conflict.

Other technologies, such as quantum computing and artificial intelligence (AI) can also negatively affect international peace and security by acting as catalysts and accelerators of malicious cyber activity. That AI-enabled cyberattacks are already targeting critical infrastructure and peacekeeping operations was noted by the UN Secretary-General during a 2023 Arria-formula meeting on artificial intelligence organized by the United Kingdom. Member states as well as expert briefers highlighted other AI risks to international peace and security, including the amplification of bias and surveillance, despite the potential benefits of these technologies. If cyber tools and capabilities already constitute a “threat multiplier”, the introduction other emerging technologies will only heighten the risks to global peace and security.

There is value in addressing these effects in fora like the UNSC because doing so provides states with an opportunity to play a role in developing responses to and mitigating those threats, which also affect their national security. As noted in the concept note for an April 2024 Arria-formula meeting on Cyber Security, “No State is immune to malicious activities carried out in cyberspace since such threats are inherently borderless. The most vulnerable are often those with less developed technological and institutional capacities to prevent, mitigate, and respond to such incidents. Open, inclusive discussions on the threat landscape are in the interest of all States; necessitating further discussion on international cooperation and capacity-building efforts.”⁴

History of Cyber in the UN Security Council

Over the past several years, the UNSC has become increasingly active in discussing various aspects of cyber peace and security, largely in informal settings. Since 2016, around 10 Arria-formula meetings have considered cyber security in the context of international peace and security, hybrid warfare, its implications for critical infrastructure, and preventing civilian impacts. Other discussions have considered adjacent issues such as emerging technologies, the role of social media in inciting discrimination, hostility, and violence, and more recently, AI. Cyber has also surfaced in relation to a broader discussion of operations against Georgia and as part of regional meetings on the Middle East. In 2021, Estonia convened the first High-level Open Debate on the topic.⁵

While these opportunities for exchange have proven highly beneficial for the UNSC and UN membership more broadly, the threat landscape does not remain static, but rather continues to grow more complex and thus merits ongoing consideration.

Deepened exchanges on the landscape of existing and potential threats in cyberspace would greatly benefit the UN Security Council’s future consideration of the growing implications for international peace and security.

IN FOCUS: The Links Between Cyber, Peacekeeping, and International Peace and Security

A comprehensive report from the International Peace Institute (IPI) analyses the unique risk profile of UN peace missions in terms of cyber threats.⁶

The report, citing the 2021 Strategy for the Digital Transformation of UN Peacekeeping,⁷ broadly outlines the unique risk profile of peace operations. The sensitive information gathered through peace operations under UN Security Council mandates raises complex operational challenges and ethical concerns. As mandates have become more robust and security environments more dangerous, the types of data gathered by peace operations have become more sensitive, and the potential value to hostile actors and potential harm caused by the loss of this data has increased.⁸

Moreover, and as detailed in the IPI report, the growth of private or so-called “parallel” security actors has exacerbated geopolitical tensions; for example, the Wagner Group presents itself as an alternative to UN missions and spreads disinformation to this end.⁹ Such private or parallel security actors have sometimes used intrusive surveillance activities that pose operational and privacy risks for mission personnel. Missions need to be more concerned about the security of their communications equipment, often nationally supplied.

Leveling Up UNSC Efforts for Cyber Resilience

United States (U.S.) Ambassador Thomas-Greenfield said in 2022 that the benefits and threats of digital technology is “a new and important focus for the Security Council” and that “it is long past time for [the Council] to fully grapple with the impact of digital technologies” on international peace and security.¹⁰

Certainly, the 2024 High-level Open Debate demonstrated that a majority of UN member states, including many current UNSC members, are supportive of the organ playing a bigger role or having a louder voice in addressing cyber threats.

What would that look like, practically? Below we have set out a range of possibilities, from concrete activities to broad approaches. These possibilities are informed by suggestions made by states during relevant UNSC meetings and events, consultations with the Stimson Center, and our own analysis.

Information-Sharing and Awareness-Raising Activities

The Stimson Center’s research has shown that there is a need to equip Council members and other member states with information and data about cyber threats and trends and to do so on a regular or established basis. As one Council member said during the Debate, “The Council needs a clear diagnosis of the present situation.”

This could occur through more structured formats such as regular briefings for Council members. In addition to briefings on cyber threats or trends, some delegations have indicated that it would be helpful to receive more regular information on what is happening in other bodies or UN fora that address digital, ICT, or cyber-related topics. It has also been suggested that the UNSC could convene an annual discussion focused on the cyber threat landscape. Given the rapidly changing nature of the threat landscape, consideration of the impact of technologies like AI and quantum computing on cyber and digital security is warranted.

During the High-level Debate, some states expressed support for this type of activity, with a few also making the connection to broader cyber capacity-building efforts. One state described the importance of “situational awareness” briefings while another noted that such awareness-raising would enable the UNSC to make informed decisions on specific geographical issues and in the context of peacekeeping operations or the protection of critical infrastructures. Some have encouraged that such briefings either be provided by or otherwise engage with relevant non-governmental stakeholders and experts. In line with proposals for activities that support information sharing.

The potential of requesting the UN Secretary-General (UNSG) to release an annual report on cyber trends in the context of international peace and security has surfaced in recent events. This would constitute something of a procedural “step up” from the types of information-sharing activities described above (UNSG reports need to be mandated from a UN body and by a resolution or presidential statement) but would help to regularize consideration of the topic.

Reaffirming the Framework for Responsible Behavior

Multiple countries and non-governmental stakeholders have stressed the importance of the UN affirming and reinforcing the UN Framework of Responsible Behavior in Cyberspace, which is premised on the consensus agreement about the applicability of international law to cyberspace and a set of 11 voluntary, peace-time behavioral norms developed by the 2015 Group of Governmental Experts (GGE) on ICTs and endorsed by the UN General Assembly on multiple occasions. In statements to meetings and in consultations, states have variously suggested that the UNSC could support the operationalization of the Framework or adherence to it, although not yet with specificity on how that would occur. Ensuring complementarity with UNGA cyber priorities and avoiding duplication of efforts is a clear priority—and concern—as elaborated on further in this report.

A New Priority?

Another possibility is for cyber or ICT to become its own thematic item. At present, there has not been any suggestion of doing so; rather there is more support for improving how the Council can address the cyber dimension of existing thematic and geographic items. That said, should the Council begin to address other technological issues in a more regular and focused way, one suggested approach has been to ‘bundle’ cyber with other adjacent concerns such as AI.

Integration and Mainstreaming

Another possibility is what might be considered the “mainstreaming approach” in which UNSC members would more robustly integrate cyber or ICT within existing UNSC mandates or geographic and thematic priority items, as relevant, and noting the cross-cutting nature of cyber. This is not to say that the debate on these topics currently overlooks cyber threats and digital technologies entirely, but rather that consideration of cyber isn’t widespread or in some instances, formalized in ways that could benefit work on the ground, and/or improve accountability and the enforcement or implementation of mandates.

Per statements delivered in recent UNSC meetings on cyber there are a few areas in which the connection to cyber and ICT is most prevalent:

Sanctions evasion has surfaced often and as a result of efforts to shine a light on the connection between cryptocurrency theft and weapons development programs. While to date this has been largely focused on one country’s actions (the Democratic People’s Republic of Korea) there could be scope to take a wider lens. During the April 2024 Arria-formula meeting, a few states encouraged the Council to take a more proactive role in monitoring the role of cyber/ICT in sanctions evasions and breaches.
Nonproliferation, related to the sanctions issue, is also often spotlighted as an area ripe for updating or mainstreaming, in response to the threat that cyber and ICT poses to arms control and nonproliferation efforts. The work of the 1540 Committee, for example, could be continuously updated to reflect the use of ICTs.
ICT activities pose a threat to civilian populations during armed conflict. This has implications for the UNSC’s mandate to protect civilians and for the universal endorsement of the applicability of international humanitarian law to state conduct in the use of ICTs. Relatedly, targeting civilian objects in fragile zones could seriously impact the ability of peace operations to implement their mandates and to protect civilians.
A growing body of research into the gendered impacts of ICTs presents options for how the Women, Peace and Security (WPS) Agenda should be updated in order to continuously assess how cyber threats and digital technologies affect the four pillars of the Agenda. There is also scope for member states to update National WPS Action Plans accordingly.

As part of this approach, the Council could update or revise existing mandates to address cyber threats more comprehensively and improve accountability. When relevant, accounting for the intersection of cyber threats with other technologies would aid in “future-proofing” such updates. Council products, such as resolutions or statements, might include elements related to cybersecurity as appropriate. During the 2024 Debate, one state gave the example of including provisions about strengthening strategic communications in peacekeeping operations and special political missions.

Additionally, Council members and other member states could more regularly reference cyber-related concerns, developments, or threats within statements delivered during relevant meetings, including in relation to country and regional work. This has proven useful for “connecting the dots” in Council meetings on other topics; for example, the Monthly Action Points (MAP) prepared by the NGO Working Group on Women, Peace and Security helps to identify points of connection between thematic or geographic debate items and the WPS Agenda or gender more broadly.¹¹

Investigation and Response

The potential of the UN Security Council to investigate and/or respond to cyber incidents or malicious cyber activity is another possible area of action. Some states have likened this response to how the UNSC responds to threats posed by conventional means.

This option also intersects somewhat with the mainstreaming approach described earlier, in that response might come in response to cyber activity that intersects with Council interests, such as those that support terrorism or weapons proliferation, which harm civilians or critical infrastructure, or that exacerbate existing conflicts. This is an opportunity for de-escalation, and to promote accountability as has been noted by various states. Or as one state observed during a 2023 Arria-formula meeting, the UN Security Council should engage in dispute resolution as derived from its tasks enshrined in Chapter VI of the UN Charter and potentially consider a more “robust” response to maintain or restore international peace and security when required.

In the context of upholding law and norms, a few states and stakeholders consulted with have indicated that there might be a role for the Security Council in enforcing accountability measures in relation to the malicious use of ICT. This could take the form of more proactively encouraging the development of capabilities to track and attribute cyber activities more accurately, as a way for the UNSC can enhance its ability to hold actors accountable. A dedicated cyber monitoring body under a UNSC mandate could be a relevant option.

IN FOCUS: Sanctions Evasion Impacts International Peace and Security

In February 2016, 35 fraudulent instructions were issued via the Society for Worldwide Interbank Financial Telecommunication (SWIFT) network to transfer USD $1 billion from an account at the Federal Reserve Bank of New York belonging to Bangladesh Bank, the central bank of Bangladesh. The so-called Bangladesh Bank heist was attributed to a hacking group in the Democratic People’s Republic of Korea (DPRK) that is responsible for the WannaCry ransomware exploit and is known as the Lazarus Group. The cybercriminals managed to compromise Bangladesh Bank’s computer network, observe transfer procedures, and gain access to the bank’s credentials for payment transfers. They used these credentials to transfer funds to accounts in the Philippines and Sri Lanka. The cyber operation allegedly helped the Lazarus Group to gain access to the international financial system despite the sanctions imposed against DPRK’s nuclear weapons program.¹²

For several years, the DPRK has used cyber tactics to generate illicit revenue including through cybercrime actors such as the Lazarus Group, often backed by DPRK’s national Reconnaissance General Bureau. How DPRK has used cyber tactics and proxy actors to evade the heavy sanctions placed on it by the international community was the focus of a UN expert panel, whose mandate was controversially not renewed in 2024. Per the Panel’s final report, it believes that half of DPRK’s foreign currency comes from illicit cyber operations.¹³

Overall, sanctions and arms embargoes are becoming less effective as demonstrated by the use of cyber operations by sanctioned countries to raise funds. By compromising the effectiveness of the sanctions regime and the UN Security Council’s mandate, illicit and malicious cyber activity can pose challenges to the global nonproliferation architecture. For instance, an estimated 40% of the DPRK’s weapons of mass destruction (WMD) programs are funded by its illicit cyber activities.

The 1719 Panel report also describes the indiscriminate nature of DPRK’s defense industrial base targeting – from European aerospace companies to Russian satellite communications companies. Over 50 UN member states have now been directly affected by DPRK-backed hacker groups. Elite hackers have been acquiring intellectual property from major companies, including their closest allies, to develop WMD delivery systems.

The Panel also investigated 58 suspected cyberattacks on cryptocurrency-related companies between 2017 and 2023, valued at approximately $3 billion. In June 2023, users of the cryptocurrency wallet Atomic Wallet were targeted by hackers, leading to losses worth 129 million USD. The FBI attributed this to the DPRK hacking group TraderTraitor and stated that it was the first in a series of similar attacks.¹⁴

The Lazarus Group’s actions are a key part of North Korea’s strategy to support its economy and fund its sanctioned programs, showcasing the increasing role of cyber warfare in international relations and national security. Their continued evolution and adaptability make them one of the most persistent cyber threats today.

What Can We Learn From Other Issues?

The experience of the UN Security Council in addressing or more robustly considering other evolving and transboundary threats may be instructive for efforts on cybercrime and cybersecurity.

Climate-related issues one such area in which UNSC engagements can be instructive. Both climate change and cyber threats pose significant and observable risks to peace and security, directly influencing the UNSC’s effectiveness. The threats are transnational, cross-cutting, and evolving. In part due to these linkages and the transboundary nature of the threats, the Council’s role has been contested, and even opposed.

Key questions for the UNSC’s work on climate have included the ways in which the UNSC’s mandate to safeguard international peace and security extends to climate change under the UN Charter. It has included discussions on climate change as a specific and general risk to peace and security, including for specific peacekeeping issues such as the ability of UN peacekeeping operations in at-risk zones to carry out their mandate.¹⁵

Some states, including some P5 members, have made the case that climate change is a sustainable development issue and the UNSC ought not play a major role in addressing it. The focus of the opposition has been the appropriateness of the UNSC as a forum to address climate change—including because of its smaller membership and exclusive nature—or that tackling climate change in the UNSC would create a political discussion and distract from a scientific discussion.¹⁶ Likewise in the case of cyber security and cybercrime, some states are concerned about the further securitization of those topics and point to the UN General Assembly process, or efforts within UN human rights fora as better suited.

In 2021, Ireland and Niger introduced for the first time, a draft resolution on climate, peace, and security.

The resolution received strong objections a few states who argued that there was no scientific consensus about the link between climate change and security, and said that the resolution would politicize the issue. Russia ultimately exercised its veto against this draft, while circulating instead an alternative draft Presidential Statement on environmental risks as a threat to stability in the Sahel region.

Successful UNSC resolutions that incorporate climate have been regarding UN peacekeeping mandates that have incorporated climate considerations into humanitarian and peacekeeping efforts, e.g. MINUSMA (Mali) and UNSOM (Somalia). There have also been efforts to incorporate language on climate change into a draft presidential statement on terrorism and security.

So far, members are united on recognizing the severity of climate change but remain divided on the extent to which the UNSC should play an active role.¹⁷ This mirrors the trajectory of cyber; between the 2021 High-level Open Debate organized by Estonia, and the most recent convenings hosted by the Republic of Korea (ROK), members have acknowledged the urgency and implications of cyber threats but have yet to rally around a specific role for the UNSC in addressing them.

Traditionally, UNSC-focused comparisons of climate change and cyber/ICT security have focused on the inability to achieve tangible outcomes, with a particular focus on the failed 2021 climate resolution. Focusing instead on the common substantive characteristics and the political dynamics surrounding climate and cyber could provide a more constructive approach. Examining these similarities can help address these issues and identify effective ways for the UNSC to engage in ways that align with its mandate.

Sensitivities and Concerns

Complementarity With Other UN Processes

While recent meetings and events have demonstrated that there is wide support for greater UNSC engagement in cyber issues, that support is not universal.

Much of the opposition, or skepticism, appears to stem mainly from a desire to avoid overlap or duplication of efforts with the work of other UN bodies, notably the current Open-ended Working Group (OEWG) on the security of and in the use of ICTs. The OEWG was established through a UNGA First Committee resolution in 2020 and is the second such OEWG, which are both successor bodies to earlier Groups of Governmental Experts on ICTs, that were also established through the UNGA First Committee.

It was the GGEs that developed what is now referred to as the UN Framework described earlier in this report and the OEWGs have largely, to date, sought to support the implementation and shared understanding of the Framework through regular dialogue and intersessional work focused on six standing agenda items. However, the current OEWG’s mandate expires in 2025 and what will replace it is not yet fully known or agreed upon. This might be an opportune momentum for states that wish to see greater Council engagement think through how best to ensure complementarity as a new UN General Assembly mechanism or platform is being developed. The experience of the UN Security Council in addressing or more robustly considering other evolving and transboundary threats may be instructive for efforts on cybercrime and cybersecurity. Small arms and light weapons (SALW) are one corollary. Given the prevalence of SALW in many of the conflicts and geographic areas under the UNSC’s consideration, the topic was both mainstreamed into Council debates over time and became a standalone agenda item. Several years later, the UNSC adopted its first resolution on SALW. Within this same time frame, the UNGA First Committee had also established a politically binding instrument (a Programme of Action) on the illicit proliferation of SALW, demonstrating how both organs of the UN can take complementary action on a topic.

In a commentary that Stimson published in April, we noted that “Future engagement from the Council will need to identify what its unique role and value-add will be, and how any future work or uptake can complement other UN processes.”¹⁸

Most states and stakeholders agree that complementarity is vital, even those that envision a more robust or vocal role for the UNSC on cyber-related topics. Some have suggested that the UNSC should pursue areas where it has clear authority and capability, such as sanctioning known malicious actors or facilitating international cooperation and information sharing.

International Law

Another somewhat related objection has to do with the UN Framework itself and the understanding that international law applies to state conduct in the use of ICTs. Most member states agree that this refers to all international law, but some object to the applicability of IHL and international human rights law. A few also object to the applicability of the UN Charter including Article 51 and the right to self-defense. While it is unlikely that this would prevent the UNSC from becoming a more vocal actor against cyber threats, it could be a complicating factor in efforts to pursue accountability or incident response. Certainly, it illustrates the importance of states outlining their national interpretations of how international law applies to their use of ICTs.

Additional Points

Through its consultations and desk research, the Stimson Center has identified the following points worth bearing in mind. Some represent sensitive topics while others constitute outstanding questions and points for states and interested stakeholders to not lose sight of.

The UNSC’s lack of inclusivity is a concern to some. This is true both with respect to member states that are not Council members, as well as for non-governmental stakeholders.
The ability to veto has stymied Council action on other critical issues such as outer space as well as various geopolitical situations raises questions about the UNSC’s overall utility and impact, particularly in a time of high geopolitical division. One state has pointed out that cyber is one of the few areas in which there is momentum in the UNGA and that should be allowed to continue.
P5 and E10 dynamics¹⁹ are relevant, as they are for agenda-setting on any issue or topic being somewhat newly presented to the UNSC. It will be challenging for UNSC efforts on cyber to deepen without consistent championing among incoming and outgoing E10 states and visible support from P5 states.
There has been some pushback to the suggestion that the UNSC could play a role in incident response, by pointing out the need for high and professional quality attributions of responsibility, and challenges therein.
Some have identified there is a risk of the issue (cyber) becoming overly securitized if brought into the UNSC and that the human rights and humanitarian dimensions could be overlooked, more than they already have been.²⁰
The need for, and if there is merit in, the Council pursuing a “holistic” approach that doesn’t always distinguish between cybersecurity and cybercrime is an open question. Some feel that the distinction is less necessary than it has been in the UNGA processes, but that it is important to not overlook nuances and differences where they exist.
The pros and cons of “bundling” cyber with the Council’s efforts on other technological issues such as AI and avoiding a proliferation of meetings on related issues and topics, including in light of current negotiations on the Global Digital Compact and Pact for the Future, have surfaced in our consultations. It was noted that such meetings tend to occupy time from the same New York-based experts as would contribute to, or be consulted on, cyber efforts in the UNSC—although it was also noted that for many states, cyber experts are based in the capital.
The 2024 High-level Debate included a noteworthy number of references to cyber capacity-building (CCB). What this would look like in a UNSC context is worth unpacking further and distinguishing from CCB efforts led by other actors or UN bodies.

IN FOCUS: Cyber and Humanitarian Organizations

In January 2022, the International Committee of the Red Cross (ICRC) experienced a sophisticated cyberattack that compromised the personal data of over 515,000 highly vulnerable people.²¹ The breach affected servers hosting information on people separated by conflict, migration, and disaster who were at risk of being exposed, exploited, or harmed if it were misused. The ICRC made an appeal to the attackers to uphold the protection of this sensitive data.

The ICRC incident relates directly to international efforts to promote peace and security, disrupting the ability of conflict prevention and humanitarian workers to execute their mandate. This is a threat to the impact and effectiveness of the international security architecture, including the UN Security Council, and its credibility. The incident also sparked discussions about the responsibility of states and the international community to prevent and respond to cyber operational targeting humanitarian organizations. The ICRC’s appeal to the attackers was a reminder of the human impact of such breaches and the need to protect individuals’ rights even in cyberspace.

Conclusion

The value of addressing cyber threats and impacts in fora like the UNSC is that it offers states an opportunity to play a role in developing responses to and mitigating the cyber threats they face individually—and collectively. There are important questions about diplomatic relations and geopolitical realities that need to be considered, but downplaying or continuing to overlook the impacts of cyber or other so-called emerging technologies brings into question the relevance and future viability of the UN Security Council, at a time when disillusionment over its ability to take meaningful action is especially high.

Recommendations

Continue to cultivate opportunities for knowledge-sharing and awareness-raising.
- Regular information briefings, even if held informally, will help to fill informational gaps. Such gaps include knowledge about the current threat landscape and state-of-play in cybersecurity and cybercrime but also exist in relation to topics about UN cyber processes themselves. For example, UNSC experts are not necessarily the same individuals who attend the UN OEWG sessions and have close familiarity with the UN Framework.
- States should continue engaging with non-governmental experts and relevant UN agencies for information-sharing and awareness-raising activities. States that support formalizing or regularizing such briefings, or products like reports, should consider what the necessary procedural steps are and the scope of what types of technical information would add value and be of interest to most Council members.

Support research and dialogue to further understand the cyber and ICT implications of existing UNSC mandates and priorities.
- While this Issue Brief has identified several points of synergy between cyber/ICT and topics under the UNSC’s consideration, a closer analysis is needed. This could include conducting a “cyber audit” of existing mandates to ascertain the gaps and opportunities, the extent to which cyber/ICT has been referenced in past resolutions or PRSTs, or a review of relevant non-governmental research and literature.
- Other avenues of research may include a consideration of how other cross-cutting or evolving topics have been integrated onto the UNSC’s agenda over time.
- In such efforts, engaging with relevant UN agencies and departments will be critical to ensure that any actions taken by the Council add value and do not result in unforeseen or unanticipated consequences on the ground.
Deepen consideration of how the Council can respond to cyber threats through more focused and granular discussions. For the UNSC to investigate and determine if a cyber operation or incident poses a threat to peace or constitutes an act of aggression, more discussion is needed about how the Council can better define and prioritize cyber threats that pose a risk to international peace and security: what are the key indicators that a threat has escalated to a level warranting Council’s attention? Are there measures to be taken by which the Council can prevent escalation of cyber threats?

Interested non-governmental stakeholders could coordinate disparate efforts that are useful to improve the UNSC’s engagement in and response to cyber threats. At present, there are very few organizations or individuals thinking holistically about cyber and the Council writ large and not a strong sense of community or an interested network. Existing platforms such as the NGO Working Group on the Security Council could play a facilitative role. There may also be scope for informal platforms such as the UN Cyber Hub, which connects the cyber-related activities of diverse UN departments and agencies, to share substantive information in addition to their regular exchange on activities.

Cultivate a common vision and core support group. Ultimately, if states and interested stakeholders would like to see the UN Security Council be a more dynamic voice on cyber threats and ICT-related issues, they need to communicate with one another to better identify common objectives and vision and outline strategies for getting there. For example, if a state or group of states believe that the current momentum can lead to the adoption of a PRST or resolution, what provisions and elements should that include? What aspects of cybersecurity and cybercrime should it focus on? And what steps are necessary to get there?

Notes

1
Chatham House, “Offensive Cyber Operations,” Juliet Skingsley, (2023). DOI: 10.55317/9781784135850; Max Smeets, No Shortcuts: Why States Struggle to Develop a Military Cyber-Force (London: Hurst, 2022), 27.
2
UN Secretary-General, Developments in the field of information and telecommunications in the context of international security, A/78/265, 1 August 2023.
3
Michelle Bachelet, “Protecting human rights: the role of the UN Security Council,” Keynote address, May 5, 2021, https://www.ohchr.org/en/2021/05/protecting-human-rights-role-un-security-council.
4
Permanent Mission of the Republic of Korea, Arria-formula Meeting Concept Note: Evolving Cyber Threat Landscape And Its Implications For The Maintenance Of International Peace And Security, April 2024, https://www.securitycouncilreport.org/atf/cf/%7B65BFCF9B-6D27-4E9C-8CD3-CF6E4FF96FF9%7D/arria%20formula%20on%20cybersecurity.pdf.
5
For more background on past UNSC
meetings about ICT, see UN Security Council Report “Information and Communications Technologies”,
https://www.securitycouncilreport.org/information-and-communication-technologies/ and Allison Pytlak, “UN Security Council meeting highlights the cyber peace and security challenges wrought by the COVID-19 pandemic”, May 28, 2020, Reaching Critical Will, https://www.reachingcriticalwill.org/news/latest-news/14706-unsc-meeting-highlights-cyber-peace-and-security-challenges-wrought-by-the-covid-19-pandemic.
6
International Peace Institute, “Cybersecurity and UN Peace Operations: Evolving Risks and Opportunities.” Dirk Druet, (2024) page 4-11. https://www.ipinst.org/wp-content/uploads/2024/03/2403_Cybersecurity-and-UN-Peace-Opsweb-1.pdf
7
United Nations, Department of Peace Operations (DPO), “Strategy for the Digital Transformation of UN Peacekeeping,” (August 2021), https://peacekeeping.un.org/sites/default/files/strategy-for-the-digital-transformation-of-un-peacekeeping_en_final-01_15-08-2021_final.pdf.
8
“Cybersecurity and UN Peace Operations: Evolving Risks and Opportunities,” page 4.
9
Ibid, page 7.
10
Remarks by United States Ambassador Linda Thomas-Greenfield, May 3, 2022, https://usun.usmission.gov/remarks-by-ambassador-linda-thomas-greenfield-at-a-press-conference-on-the-may-program-of-work-and-the-u-s-presidency-of-the-un-security-council/.
11
“Monthly Action Points”, NGO Working Group on Women, Peace and Security, website, n.d., https://www.womenpeacesecurity.org/map/.
12
Jim Finkle, “Bangladesh Bank Attackers Hacked SWIFT Software,” Reuters, April 25, 2016, https://www.reuters.com/article/us-usa-nyfed-bangladesh-malware-exclusiv/bangladesh-bankhackers-compromised-swift-software-warning-issued-idUSKCN0XM0DR/.
13
United Nations Security Council, Final report of the Panel of Experts submitted pursuant to resolution 2680 (2023), S/2024/215 (7 March 2024), available from https://main.un.org/securitycouncil/en/sanctions/1718/panel_experts/reports.
14
Ibid.
15
Security Council Report (2022). The UN Security Council and Climate Change: Tracking the Agenda after the 2021 Veto. https://www.securitycouncilreport.org/atf/cf/%7B65BFCF9B-6D27-4E9C-8CD3-CF6E4FF96FF9%7D/unsc_climatechange_2022.pdf
16
Matt McDonald, Immovable objects? Impediments to a UN Security Council resolution on climate change, International Affairs, Volume 99, Issue 4, July 2023, Pages 1635–1651, https://doi.org/10.1093/ia/iiad064.
17
International Peace Institute, “Climate Change in the Security Council: What New Council Members Can Achieve in 2023.” Adam Day, Janani Vivekananda, and Grazia Pacillo, (2023) page 4-6. https://theglobalobservatory.org/2023/01/climate-change-security-council-elected-members/
18
Allison Pytlak and Shreya Lad, “The UN Security Council Discusses Cyber Threats to International Security,” The Stimson Center, April 15, 2024, https://www.stimson.org/2024/un-security-council-cyber-threats-to-international-security/.
19
For more on this, see Susan Hannah Allen and Amy Yuen “Anticipating the Deal” in Bargaining in the UN Security Council, Oxford University Press, 2022, pp. 76-99; and Arthur Boutellis, Lessons from E10 Engagement on the Security Council, International Peace Institute, November 2022.
20
For more on the extent to which UNSC resolutions have accounted for digital rights, see Imène El Kadouri, Wavering Resolutions: The Un Security Council On Digital Rights, Access Now, June 2024, https://www.accessnow.org/wp-content/uploads/2024/07/UN-Security-Council-in-the-digital-age-technical-report.pdf.
21
International Committee of the Red Cross (ICRC), “International Humanitarian Law and Cyber Operations during Armed Conflicts,” (2019).

Recent & Related

Field Note

Breaking Silos to Beat Scams: Why Holistic Law Enforcement Matters

Courtney Weatherby • Allison Pytlak

Commentary

Attempting to Silence a UN Voice

Rebecca Snyder

Policy Memo

The Impact of Artificial Intelligence on Violence Against Women and Girls

Kalliopi Mingeirou • Yeliz Osman • Raphaëlle Rafin