Representatives of 16 countries wound up two days of meetings on cybersecurity in Vancouver this week by calling for nations to uphold responsible behaviour in cyberspace.
Global Affairs Canada said the meetings, which discussed challenges to co-ordinated responses to incidents, were follow-ups to sessions last year in Belgium.
“Country representatives recognized that every country faces different circumstances and noted growing cyber challenges in the Indo-Pacific region, in the context of the war in Ukraine and beyond, and reflected on how to address these through robust strategies,” Global Affairs said in a statement. “Participants reaffirmed their commitment to broad international co-operation to counter cyber threats.”
In addition to Canada, participants came from Australia, Czechia, Estonia, France, Germany, Japan, Mexico, the Netherlands, New Zealand, Poland, Singapore, Sweden, Switzerland, the United Kingdom, and the United States, as well as the European Union.
No information was revealed on detailed policies or strategies the participants may have agreed to. According to Global Affairs, during the meeting, participants:
- reaffirmed the importance of upholding responsible behaviour in cyberspace;
- welcomed initiatives to implement the UN Framework for Responsible State Behaviour in Cyberspace, notably the development of a robust, action-oriented and inclusive Program of Action;
- recalled that international law applies to cyberspace;
- invited all countries to share national assessments on the applicability of international law to the cyber domain as a means to reach common understanding and further build international acquis on responsible state behaviour in cyberspace.
“Building on the outcomes of this meeting,” Global Affairs said, “Canada is committed to deepening its cyber collaboration with international partners, including countries in the Indo-Pacific.”
In a statement the European Union — which hosted the gathering — said the scenario-based discussions pretended that cyber incidents took place in different countries, affecting their critical infrastructure and essential operators, with potential cross-border effects. The severity and impact of the cyber-attacks gradually escalated in the scenario, leading participants in the exercise to swiftly build shared situational awareness and explore international co-operation and joint responses.
It’s just one of several international efforts to fight nation-state and criminal cyber-attacks. For example, a group of nations is holding regular meetings to fight ransomware.
Meanwhile, an ad hoc committee of the United Nations continues to meet in an effort to create a cybercrime treaty. Last week, a consultation meeting was held in Vienna. The sixth formal session will be held in New York, starting Aug. 1, to discuss a draft text.
“I’m pumped that these conversations are happening,” David Shipley, head of New Brunswick-based Beauceron Security and co-chair of the Canadian Chamber of Commerce’s national Cyber Right Now awareness campaign, said of the Vancouver meetings. “I heard it was a great meeting.
“We can’t win this war on defence. We have to re-assert norms at the global level for what is not acceptable behaviour and start pushing consequences, whether that’s trade sanctions, diplomatic sanctions. There have got to be levers to try and send signals [to nations] that it’s not OK to steal intellectual property, to steal money from our businesses, to disrupt operations, and we’re not going to take it anymore.”
The federal government’s Canadian Centre for Cyber Security’s latest national cyber threat assessment says the state-sponsored cyber programs of China, Russia, Iran, and North Korea pose the greatest strategic cyber threats to this country. “State-sponsored cyber threat activity against Canada is a constant, ongoing threat that is often a subset of larger, global campaigns undertaken by these states. State actors can target diaspora populations and activists in Canada, Canadian organizations and their intellectual property for espionage, and even Canadian individuals and organizations for financial gain.”
(This story has been updated from the original with the addition of the statement from the EU)