Priya PatelTLDR:
- Despite ongoing cyber attacks, U.S. official says cyber norms are serving their purpose
- Norms provide a foundation to call out and hold states accountable for cyber misbehavior
Almost three years ago, in March 2021, the United Nations agreed to comply with 11 cyber norms to reduce global anxieties about malicious online activity. However, since then, ransomware attacks and cyber sabotage have continued, challenging the effectiveness of these norms. U.S. officials, like Liesyl Franz from the State Department’s Bureau of Cyberspace and Digital Policy, emphasize that the norms provide a foundation for calling out states that violate them. While attributions and technical evidence are used to hold states accountable, there is a recognition that mere agreement on norms may not be sufficient to ensure stability in cyberspace.
China and Russia, who were involved in negotiating the norms, have been accused of engaging in cyber activities that contravene the established norms. Despite this, there is a level of alignment among the U.S. and its European allies on how to respond to such actions responsibly. The U.S. advocates for a multistakeholder model for internet governance, in contrast to the top-down approach proposed by Russia and China. Additionally, the U.S. strategy involves transparent, proportional, and reversible countermeasures to address repressive cyber activities. Capacity building efforts are also emphasized to assist countries in defending against cyber threats.
