OODA Loop

Understand tomorrow, today.

Does a UN Effort to Develop a Cybercrime Treaty Have a Chance of Success?

Archive, OODA Original, Security and Resiliency / by

The United Nations (UN) General Assembly has agreed to enter a three-year engagement to develop a treaty on international cybercrime. The proposed schedule includes at least six sessions to alternate between New York and Vienna. The ad hoc committee includes delegates, as well as non-government, academic, and IT companies. This effort comes at a time when cybercrime is increasing worldwide, as gangs become more sophisticated and professionalized in their operations. Cyber crime’s evolution and its increasingly more diverse and organized ecosystem contributes to its success and popularity. Estimates have placed cybercrime profits at USD 6 trillion in 2021 with an expected increase to USD 10.5 trillion in 2025. One thing is certain: cyber criminals continue to remain one step ahead of defenders that desperately try to anticipate the next evolution of their activities.

This effort comes at a time as the Russia-Ukraine conflict has spilled over into cyberspace. Both state and nonstate supporters for both sides have engaged in cyber attacks, pulling in other interests outside the region into the digital fray. Perhaps capitalizing on the moment when cyber attacks threaten to escalate into other countries, Moscow’s special representative on information security pitched Russia’s desire to establish a cyber treaty to the UN’s Open-Ended Working Group (OEWG) in March, prompting the U.S. Department of State official to call on the world to reject such a proposal. It is clear that Washington does not like the fact that such a cyber aggressor is trying to take a lead on solving a problem has had a hand in creating.

Further complicating matters is the fact that the lines between traditional nation state cyber espionage and industrial espionage continues to blur. While some governments do not cross over these activities, some like China and even an ally like France have been known to use their state capabilities to engage in cyber-enabled industrial espionage support state-run and state influenced companies for competitive advantage. What’s more, there has been evidence indicating that some state actors moonlight on the side, using state assets to conduct cyber criminal activities for their own financial gain. Not only do organizations have to contend with a persistent cyber criminal threat, they know have to take into consideration those state actors that may be using state resources to target their networks for their state and their own profit.



OODA Loop Sponsor

As is the case with cyber initiatives, the premise behind this effort is promising. After all, even the most egregious states known to be pervasive threats in cyberspace suffer cyber criminal attacks. When accused of cyber malfeasance, China frequently points out that it is the victim of cyber crime, and is generally considered among the top twenty countries victimized by cybercrime. According to one source, China’s law enforcement investigated 62,000 reported cyber crime incidents in 2021. Russia ranked just outside the top ten falling securely in the 12th spot on the list. The more the global community can come together and frame the parameters of a treaty that would benefit everyone the better.

But treaties are difficult to come by. Per one senior UN official, it took several years before the UN was able to solidify an anti-corruption treaty, and while this has been lauded a success, the speed with which cyberspace changes requires a more expeditious approach and a document that reflects the dynamism of the domain. It also requires that any said treaty is easily amended and altered to suit the needs of the times. One thing is clear when it comes to all things cyber: traditional models that have been applied to other areas (e.g., terrorism, nuclear, arms control) are not a one-for-one solution and do not have the same impact in the interconnected digital space.

Case and point. This is not the first international effort to counter the cyber crime threat. The Budapest Convention on Cybercrime came into effect in 2001.  Some consider it to be a “success” based on the improved coordination and cooperation between global law enforcements organizations in stakeholder countries. There have been notable law enforcement arrests of cyber criminals fostered by this cooperation, and some large gangs and underground criminal forums and markets have been taken down as a result. However, the global cybercrime ecosystem is expansive and secretive, constantly replenishing its ranks with an unknown number of individuals and groups. Truly the take down of even the most prolific gangs is momentary before another fills the void.

Further complicating matters is actual stakeholder participation. Since coming into force in 2004, less than half of UN members have signed onto the Convention, which exposes the challenges of getting governments involved. Information sharing and cooperation is only good if all members do so equitably. Such a large body of states of varying capabilities and resources will invariably not be able to achieve mutual parity. And that’s if they can even get on the same page. The UN Group of Government Experts (GGE), as well as the OEWG have been trying to come to consensus on codifying responsible state behavior in cyberspace. While progress has been made, it has been slow moving. This is largely due to competing priorities of the principal stakeholders, with states trying to ensure that any agreement serves their positions and best protects their interests. The same obstacles will likely happen with this new UN undertaking.

Based on prior history, there is every reason to believe that by the end of this three-year effort the final report will already be considerably outdated. And this is the fundamental problem with these types of endeavors. Actions move in nanoseconds in cyberspace; government bureaucracies move less expeditiously. In the meantime, state, nonstate, and nonstate state-influenced actors continue to operate in cyberspace, conducting the types of activities that may not even be currently considered by the GGE or OEWG. While a global consensus is a noble aspiration, it may be more productive if cybercrime treaties happen on a regional or state-on-state level. This would allow truly like-minded governments to start build the necessary foundations and build a process from the ground up based on successes that can be used to draw in other governments. Anything short of forward advancement risks remaining in the status quo; content to triumph minor tactical victories against cyber criminals while losing the larger war against cybercrime.

Related Reading:

Explore OODA Research and Analysis

Use OODA Loop to improve your decision making in any competitive endeavor. Explore OODA Loop

Decision Intelligence

The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Stratigames, Business Intelligence and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence

Disruptive/Exponential Technology

We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, Space Technology. Explore Disruptive/Exponential Tech

Security and Resiliency

Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation state conflict, non-nation state conflict, global health, international crime, supply chain and terrorism. Explore Security and Resiliency

Community

The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member only video library. Explore The OODA Community

About Emilio Iasiello

Emilio Iasiello has nearly 20 years’ experience as a strategic cyber intelligence analyst, supporting US government civilian and military intelligence organizations, as well as the private sector. He has delivered cyber threat presentations to domestic and international audiences and has published extensively in such peer-reviewed journals as Parameters, Journal of Strategic Security, the Georgetown Journal of International Affairs, and the Cyber Defense Review, among others. All comments and opinions expressed are solely his own.