My colleague recently wrote that ransomware has so far undoubtedly been the “defining cyber threat” of 2021. I agree with that assessment, given the onslaught of major ransomware attacks we’ve seen this year. But it’s also important to note that there’s been meaningful progress in U.N. negotiations on cyberspace -- much to the surprise of many observers, including myself.
In March, the Russia-backed Open-Ended Working Group (OEWG) reached a cybersecurity agreement reaffirming 11 non-binding norms for state-sponsored cyber activity. And then two months later, the U.S.-backed Group of Governmental Experts (GGE) followed suit. That said, fundamental differences in opinions and priorities between countries remain on what kind of cyber activities should be regulated and how. The diplomatic path forward for future rounds of international negotiations is also unclear, with the United States wanting to enforce current U.N. agreements as Russia proposes more. Thus, despite the progress seen so far this year, the...
