This conclusion can be drawn from the discussion that is currently unfolding in the field of countering cyber attacks that are aimed at damaging critical infrastructure.
There are now two approaches to cybersecurity. The first is supranational and consists in creating a Register of contact points within the framework of the activities of the UN Open-ended Working Group on Security in the Field of Information and Communication Technologies (OEWG), where each member State of the group will have to send an organization with the capabilities to neutralize cyber attacks in its area of responsibility.
The US approach is not to create any additional structures, but to use existing organizations such as CERT (Computer Emergency Response Team) or FIRST (Forum of Incident Response and Security Teams – Forum of Security and Incident Response Teams). They were created in the United States in the early years of the Internet to share cybersecurity information and virus databases around the world.
The problem is that both CERT and FIRST are national structures of the United States, and they build their policies in full accordance with the policy of this country. And if the United States denies any other state its favor and declares sanctions, then CERT and FIRST automatically exclude rogue states from their sphere of activity.
The latest example is the unilateral suspension of cooperation with Russian and Belarusian computer incident response centers. It is not difficult to guess what such a policy of the American services to combat cyber threats is designed for. The United States thinks that without information from their side, Russian centers will not be able to effectively combat cyber attacks. But there is also a downside to this situation – without cooperation with the Russian IT services of the United States, it is also impossible to fully respond to threats in the digital sphere.
All other countries are well aware of this danger, so they mainly support the supranational principle of ensuring global cybersecurity by putting forward their initiatives to form a Register of contact points.
Here are the basic principles of these proposals:
1. The register is formed from organizations that are part of the system of authorities of the State party to the OEWG, which nominated it as its representative.
2. An organization nominated by a State party to the UN Open-ended Working Group on Security Issues in the Field of Information and Communication Technologies should have sufficient state and administrative resources to address issues of neutralization of cyber attacks on the Internet in its area of responsibility.
3. If a State Party nominates a Group of several organizations, this State must identify among them an organization that will be responsible for coordinating their activities to neutralize cyber attacks on the Internet.
4. The nomination of a representative to the Register of Contact Points by a State party to the Group is voluntary, while for States intending to practically participate in the system of neutralization of cyber attacks, participation in the register is a prerequisite confirming their intention.
5. Regardless of the international situation, organizations included in the Register of Contact Points should remain politically neutral and not become the object of sanctions.
6. The exchange of information between organizations included in the Register of Contact Points should be carried out in a confidential manner and should be made public only if all organizations involved in such interaction agree.
The political bias in the situation of countering cyber threats, which is used by the United States and its controlled structures, hits the entire international community of experts and the entire information security industry, as it calls into question the fundamental principle of trust. This is the opinion of many reputable experts in this field. "The principles of impartiality and objectivity, open cooperation of experts and organizations from different countries, laid down decades ago, have become the cornerstone of modern approaches, technologies, products and services of information security. They must remain inviolable so that the word "security" has a chance to remain in the name of the industry," they believe.
