Everything that was once created for the common good turns into a farce nowadays. All words about international cooperation are just empty words. A case in point is the professed commitment of high-level politicians to combating cyber-crime when we have evidence that cyber-security organizations are being used as a cover for undercover espionage.
The UN Open-Ended Working Group (OEWG) on Information and Communication Technologies is the main international platform for information and communications technology security. The OEWG is the only open and inclusive negotiating mechanism on international information security (IIB) under UN auspices. The issues under consideration have a direct impact on the state of peaceful co-existence in information and telecommunication networks, including the Internet.
The Group consists of more than 190 countries as its permanent members, including Russia, as well as the U.S. and its allies, which continue to pursue unjustifiably aggressive policies toward Russia, preventing it from strengthening its political position on UN platforms as one of the international leaders in information and telecommunication technology.
Panelists are concerned about the misuse of information and telecommunication networks by state and non-state actors to damage the critical infrastructure of any country. One common way to damage critical infrastructure in any country in the world is through cyber attacks via the Internet.
In order to form a system to neutralize cyber attacks aimed at damaging critical infrastructure in any country, delegates of the OEWG put forward the idea of creating a so-called register of contact points, which should include an organization with cyber-attack mitigation capabilities from each OEWG member state. This initiative allows for direct cross-state contact between experts on neutralizing cyber attacks on the Internet.
Russia actively supports the above-mentioned idea of the OSCE, but the U.S. and its allies block any Russian initiatives to form a register of contact points on the principles formulated by Moscow in every possible way. At the same time, Washington proposes to use the state and commercial organizations controlled by the intelligence services within the framework of the association FIRST.
FIRST (Forum of Incident Response and Security Teams) initially excluded the Russian and Belarusian Computer Emergency Response Teams (CERT) but, as it turned out, this was only the beginning.1 They are developing active activities among the UN Security Council members. And the once “public and non-profit” organization has big plans in this direction.
FIRST suspends Russia’s membership. These include the Bank of Russia’s Center for Monitoring and Response to Computer Attacks (FinCERT), the Russian Computer Incident Response Center (RU-CERT), centers under Kaspersky Lab, BI.ZONE (a Sberbank subsidiary), Infosystems Jet, Rostelecom-Solar, Information Security Laboratories, and Infosecurity (part of Softline). This scenario was followed by the Republic of Belarus.
This news hardly touched the minds of ordinary citizens. It was discussed seriously only in highly specialized circles. For the rest of us, it is not so important what this gives and what another American non-profit interest group does. In fact, it is an International Community, literally translated as “Forum of Security and Incident Response Teams.”
FIRST was created in 1990 in response to the spread of computer threats: When one of the first Internet worms started spreading around the world in November 1988, the response to it was not coordinated at first; the creation of the organization was supposed to help overcome language barriers, differences in standards, etc.
The best experts in the IT sphere declared that they were ready to stand up for less advanced countries and provide the world with a secure and controlled shared Internet. But the period of sanctions came and many new things came to light: As it turned out, the Internet was not so common, but quite manageable and disconnectable. And, so, the moment came when the fight against cyber threats became a cyber threat itself.
FIRST began to dictate policy in this area. The public organization, which once had in its charter a statement that it was created to exchange data, unilaterally decides that they will not exchange data with Russia and Belarus. They called this measure sanctions and, after unilaterally notifying the companies on the sanctions list, all contacts were stopped.
This turned out to be a serious blow for Russia. De facto, all Russian business was left without timely updates of virus databases but only those coming from the West, as domestic threats are still being isolated and eradicated. Russia and Belarus will have to exert many times as much effort to do all the work previously done collectively (as the West expects).
However, FIRST made a straw for itself. Those Russian and Belarusian companies that moved abroad and opened offices in the U.S. or Europe were excluded from the sanctions list. That is, those who in practice became available to any pressure and control, both network and physical, were allowed to counteract the global evil.
It may seem that Russia’s disconnection from FIRST is another serious wound. Indeed, who among bankers or representatives of large businesses would refuse timely notification of a new type of intruder virus or a planned attack on customer accounts?
The level of IT staff training, especially relevant in the period of “isolation” in Russia is traditionally high. During the period of cooperation, it was Russia that repeatedly passed on information about network threats, saving entire economies. FIRST’s actions seem absurd if one does not understand that this is not economics, but politics.
If we assume for a moment that the international “saving” organization does not want to save anyone, then everything falls into place: Russia does not receive data on new technologies in this area. Consequently, it can neither warn nor investigate and name the source of the threat.
In this way, third forces are free to operate in regions where they have nothing to oppose.
And if we also understand that, by removing the Russian Federation, FIRST has become truly consolidated and united in opinion, since small countries simply have nothing to oppose it, the scope of the problem becomes clear.
If it seems that these are paranoid ideas and inclinations to conspiracy theories, it is enough to remember the scandals of the last five years: confirmed U.S. spying on Merkel and Macron.
Wiretapping of governments of even European “partners” by U.S. intelligence agencies? Similar exclusion of Huawei from the program? And how do you think it was backed up? That’s right, it was called a trivial security measure. Then the most important question is, is there any hope to believe that, by gaining almost monopolistic control over cyber threats, the United States will not take advantage of it?
And there are more and more opportunities. Notice how quietly and beautifully FIRST began to dictate its terms. Literally, in one day, two major member countries, one of which was there almost at the very origins, were turned off. And it was done without coordinating with anyone and without requiring a vote in the UN or any other representative body.
Afterwards, by a simple majority vote (which is not surprising in recent times), all the ideas and proposals of Russian groups were chopped down at the root. The project with the algorithm developed by Russian experts to detect cyber-crime in Darknet was safely rejected. No alternative ideas were voiced, the highly praised scheme by experts scheme, which could have reduced the traffic of weapons, drugs, organs simply turned out not to be.
Now FIRST plans to expand its sphere of influence, still stating the need to protect cyberspace. At the same time, the U.S. has begun to promote the idea of adding additional countries to the UN Security Council without veto power. That is, FIRST cannot ensure equal participation of all member states of the OEWG in their work on responding to cyber attacks due to their high politicization and unwillingness to engage openly and pragmatically with the authorized experts of individual countries on the part of this association. And to the databases and technologies of these countries “public” organizations of the United States will also get access. Espionage under the guise of private organizations is becoming a credo for some and a security threat for others.
- https://www.mk.ru/politics/2022/07/26/v-nyuyorke-so-skandalom-otkrylas-sessiya-rgos-po-kiberbezopasnosti.html ↑
- https://sm.news/ssha-blokiruyut-iniciativy-rossii-po-kiberbezopasnosti-dlya-dalnejshego-vmeshatelstva-v-dela-drugix-stran-71536/ ↑
- https://www.rbc.ru/newspaper/2022/03/28/623d96709a794758c08197ce ↑
- https://www.rbc.ru/newspaper/2022/03/28/623d96709a794758c08197ce ↑
- https://www.anti-malware.ru/news/2022-03-25-111332/38405 ↑
- https://ria.ru/20150626/1090021526.html ↑
- https://reclaimthenet.org/huawei-suspended-from-the-forum-of-incident-response-and-security-teams ↑