51 states pledge support for global cybersecurity rules
European students compete during the finals of the Cybersecurity Awareness Week (CSAW), the largest student-run cybersecurity event in the world on November 9, 2018 in Valence, central-eastern France. AFP
PARIS, France — Fifty-one states, including all EU members, have pledged their support for a new international agreement to set standards on cyberweapons and the use of the internet, the French government said Monday.
The states have signed up to a so-called “Paris Call for Trust and Security in Cyberspace,” an attempt to kickstart stalled global negotiations.
China, Russia and the United States did not sign the pledge, reflecting their resistance to setting standards for cyberweapons which are at the cutting edge of modern warfare.
“We need norms to avoid a war in cyberspace which would be catastrophic,” French Foreign Minister Jean-Yves Le Drian said Monday.
Campaigners have called for a “Digital Geneva Convention”, a reference to the Geneva conventions that set standards for the conduct of wars.
They want states to commit to not attacking infrastructure which is depended upon by civilians during wartime, for example.
A new international norm would also help define a state-backed cyberattack and when a state could be justified in retaliating.
Dozens of countries are thought to have developed offensive cyberweapons.
“We need to move these norms forward,” Microsoft president Brad Smith said on Monday at the Paris Peace Forum, being held to mark the centenary of the end of World War I.
In a presentation at the forum, Smith portrayed cyberweapons as having the potential to spark another mass conflict.
Global ‘wake-up call’
He said 2017 was a “wake-up call for the world” because of the WannaCry and NotPetya attacks.
WannaCry crippled many hospitals in Britain and affected 150 countries in 24 hours. It is thought to have been deployed from North Korea.
Many experts attribute NotPetya, which hit banking, power and business computing systems across Ukraine, to Russia.
But security officials note that those two attacks appear to be based on code stolen from the US National Security Agency, which leads the country’s cyber-defenses.
“In a world where everything is being connected, anything can be affected, which is why we need to come together,” Smith added.
The text of the Paris call will be presented by French President Emmanuel Macron as he opens UNESCO’s Internet Governance Forum in Paris on Monday.
It has also been signed by 93 civil society groups and 218 companies, Le Drian said.
“To respect people’s rights and protect them online as they do in the physical world, states must work together, but also collaborate with private-sector partners, the world of research and civil society,” according to the text.
Russia has been accused by Western countries of cyber-meddling over the last few years, while huge data breaches online have fuelled calls for new rules governing online behavior. /ee
READ: France seeks global talks on cyberspace security
