16 April 2020
B. Existing and Potential Threats
B1.
Paragraph 15 (and paragraph 3, discussed above) of the Pre-draft should be revised
taking into account comment A4 above. The Report should build upon paragraph 4 of the
2015 GGE Report (A/70/174) with the following amendments: “[A] growing number of
States are developing ICT capabilities for military purposes. The use of ICTs in future conflicts
is becoming more likely.”
B2.
We recall that GGE reports refrained from listing specific types of critical
infrastructure. The Pre-draft notes complications arising from different national priorities
and methods of categorisation (para. 19). In addition to sharing this concern, we are reticent
to emphasise the severity of threats to particular categories of critical infrastructure, lest it
be seen to implicitly condone malicious activity against a category not specified. That said,
we see value in the Report drawing attention to the increased threat that cyberspace will be
exploited by malicious actors for purposes inconsistent with international peace and
security during times of global crisis. For example, paragraph 19 of the Pre-draft could
express concern about the potential for increased exploitative state-sponsored malicious
cyber activity that is inconsistent with international peace and security during global crises,
including vis-à-vis critical infrastructure. Noting, with concern, open source reports of
disruption by cyber means of critical infrastructure (including healthcare/medical services,
facilities and systems, and crisis response organisations) during the COVID-19 global
pandemic.
B3. Strongly support the acknowledgment in the Pre-draft that measures to promote
responsible state behaviour in cyberspace should remain technology neutral (para. 18).
Likewise welcome the clarity in the Pre-draft that the subsequent sections of the Report
provide recommendations to address the threats so discussed (para. 21).
C. International Law
C1
Strongly support the reaffirmation in the Pre-draft that international law, including
the Charter of the United Nations, is applicable and is essential to maintaining peace and
stability and promoting an open, secure, stable, accessible and peaceful ICT environment.
C2
Recalling the consensus among OEWG delegations that the question ‘if international
law applies to state conduct in cyberspace’ has been resolved in the affirmative and that the
focus is now on how it applies. delegations discussed two paths to resolve this question.
The first path (of which Australia is a proponent) is premised on the basis that – if adhered
to – existing international law (complemented by voluntary norms of responsible state
behaviour, confidence building measures and capacity building) provides a robust
framework to address the threats posed by state-generated or state-sponsored malicious
Page 2 of 9
www.dfat.gov.au/cyberaffairs