EU Statement – UN General Assembly 1st Committee: Other Disarmament Measures and International Security

Mr. Chair, 

I have the honour to speak on behalf of the European Union and its Member States. 

The Candidate Countries North Macedonia^*, Montenegro^*, Albania^*, Ukraine, the Republic of Moldova, Bosnia and Herzegovina^* and the EFTA countries Iceland and Norway, members of the European Economic Area, as well as, Monaco and San Marino align themselves with this statement.

Over the past decade, the international community has made clear that the international rules-based order applies also to States’ behaviour in cyberspace. All members of the United Nations General Assembly have repeatedly affirmed their support for the implementation of the UN framework of responsible State behaviour in cyberspace, grounded in the analysis of existing and emerging threats, the application of international law in cyberspace, the adherence to the voluntary non-binding norms of State behaviour in cyberspace, the commitment to inclusive cyber capacity building, and the enhancement of practical confidence-building measures to reduce the risk of conflict. 

Broad international consensus around these elements, and the recent adoption of the Global Mechanism on developments in the field of ICTs in the context of international security and advancing responsible State behaviour in the use of ICTs as a permanent UN platform are the foremost accomplishments of international cyber diplomacy at the UN in the last decade.

The role of international law in serving tomaintain international peace and stability in cyberspace can only be fully realised when States adhere to and implement their international obligations. The continued malicious behaviour of State actors in cyberspace, including by Russia as itpursues its unjustified and illegal full-scale war of aggression against Ukraine, seriously undermines international security and stability, including in the cyber domain. Additionally, such activities are also part of a broader hybrid campaign and show a continuous pattern of irresponsible behaviour by Russia, targeting democratic institutions, government entities and critical infrastructure providers within the EU and its partners. This type of behaviour is contrary to the UN norms of responsible State behaviour in cyberspace, such as impairing the use and operation of critical infrastructure. Moreover, destructive cyber-attacks against Ukraine, often in conjunction with missile and drone attacks, have a negative spillover effect around the globe.

Digitaltechnologies are driving sustainable development worldwide, but as our reliance on these technologies grows, this also increases the threat of disruptive, coercive and destabilizing cyber activities by State and non-State actors. The changed threat environment in Europe, induced by Russia’s war of aggression against Ukraine as well as evolving threats from China and other State and non-State actors have affected the way we as the EU respond to malicious cyber activities. The EU does not tolerate such activities, particularly those that aim to degrade our critical infrastructure, weaken societal cohesion and influence democratic processes. We have strengthened our ability to be cyber resilient within the EU and remain committed to further improve it, as well as tocontinue to enhance cyber resilience in other regions and develop further strategies on how to best address cyber threats emanating from malicious actors.

To this end, we are working to prevent, discourage, deter and respond to malicious cyber activities using a range of instruments. This includes the EU Cyber Diplomacy Toolbox and the EU’s Policy on Cyber Defence enabling prevention, detection, deterrence and defence across all domains - political, military and technical. We also continue to invest in capacity building efforts by implementing concrete capacity building projects on cyber security, cybercrime, and cyber diplomacy, and cooperate with States and stakeholders to make sure that the governance, institutions and capabilities of all States correspond to the threat landscape and become futureproof. 

Mr. Chair,

The importance of cybersecurity can hardly be underestimated. In recent years, cyber security threats have significantly increased in level, complexity, sophistication and scale. While Artificial Intelligence (AI) can serve as a powerful tool for strengthening cybersecurity, it also has the ability to exacerbate this trend and make malicious cyber activities even more complex, sophisticated and far-reaching. Although AI presents opportunities for development and peaceful applications, its rapid integration in the military domain can also introduce new risks and exacerbates existing ones. This development demands collaborative, multilateral responses in relevant international forums to seize potential opportunities and address challenges AI raises for international peace and security.

While recognising that States bear the primary responsibility to ensure international peace and security, other stakeholders have an essential role to play. The contribution of the multi-stakeholder community is essential to our collective aim of maintaining international peace and security in cyberspace. Our ability to liaise with technical experts and other non-governmental stakeholders can serve to strengthen the implementation of the framework for responsible State behaviour, considering the significant role that many stakeholders play in the functioning of the cyber domain. Just as the mode and structure of UN cyber discussions has evolved over the years, so too has our recognition of the contributions of, and modalities for engagement with, non-State stakeholders. Cyber threats are only continuing to rise, and we need to remain vigilant in delivering tangible outcomes so that all States have the capacity to build resilience to cyber threats. The High-Level Global Roundtable on Cyber Capacity Building organised by the Chair of the Open-Ended Working Group on the security of and in the use of information and communication technologies (OEWG) in May 2024 was very useful in this regard, and we look forward to the continuation of our work on cyber capacity building under the new Global Mechanism, which should provide States with flexibility to address issues through a virtuous cycle that links political discussions, information exchange and practical implementation. To this end, the EU and its Member States are committed to continue to contribute to the work in the Global Mechanism’s Dedicated Thematic Group drawing on the five pillars of the framework to accelerate security capacity building. We welcome the considerable work undertaken both within and outside the UN to identify cyber capacity building needs, including by the multi-stakeholder community, as well asthe delivery of assistance to meet these needs. 

We also welcome the consensus reached in July 2025 on the final report of the OEWG of the OEWG 2021-2025, and the establishment of the Global Mechanism as the new permanent UN forum in which to continue our work. We stress the need for the international community to continue to focus on the implementation of the UN framework of responsible State behaviour in cyberspace to further strengthen security and stability in cyberspace. While the final OEWG report does outline ways forward to work together to implement and strengthen the UN framework for responsible State behaviour, regrettably it does not adequately reflect the progress achieved in discussions by cross-regional groups regarding the application of international law, including international humanitarian law, to cyberspace. We welcome the final report's recognition of the international security risks posed by malicious activities and practices such as ransomware, the growing market and misuse of commercially available cyber intrusion capabilities, and cyber threats against critical infrastructures. We need to continue to increase our understanding of the threat landscape, and ensure the connection between the threats, and the solutions provided by the UN framework of responsible State behaviour to address them. To this end, the EU and its Member States are committed to continue to contribute to the work in the Global Mechanism’s Dedicated Thematic Group to address specific challenges in the sphere of cybersecurity. While the Global Mechanism will be State-driven, it will also benefit from multi-stakeholder engagement, including with the private sector, academia, civil society, and the technical community to provide their unique perspectives for consideration. 

Mr. Chair,

The EU welcomes the establishment of a permanent UN cybersecurityplatform through the endorsement of the OEWG’s final report and supportsthe related resolution presented this year at the First Committee by Singapore to bring it into being as a basis to implement the institutional framework for continued work. We express our sincere appreciation to the outgoing OEWG Chair, Ambassador Burhan Gafoor, for facilitating the conclusion of an agreement between UN Member States on a single-track, permanent mechanism to advance responsible behaviour in cyberspace. We call on all UN Member States to support the resolution and to take part in the continued discussions, in a constructive manner. The Global Mechanism should provide us with the institutional stability to make progress, and to build on the hard-fought gains we have made over the six UN GGE reports and two OEWGs to date. It should also permit the international community to focus its discussions on substance and action-oriented measures, the exchange of best practices and the enhancement of cooperation and trust among States, and with the multi-stakeholder community.

Given the escalating nature of international cybersecurity threats, it is more important than ever to deepen our cyber collaboration with international partners and forge a shared understanding on how international law applies and how to further implement the United Nations framework of responsible State behaviour. The EU has contributed to advance our work on responsible state behaviour in cyberspace through an action-oriented and inclusive approach. The core of the EU's ambition under the Global Mechanism is to continue to do so, to move forward on the implementation of the UN framework; on enhancing global cyber resilience including through capacity building; on improving our cooperation to address malicious cyber behaviour and on ensuring the security and stability of cyberspace in the long run.

Mr. Chair,

The EU would also like to touch upon another important issue that will be discussed again this year: AI in the military domain. In this respect the EU welcomes the SG report A/80/78 published in August 2025 that reflects upon the submissions sent to the Secretary General on the opportunities and challenges of responsible use of AI in the military domain. We believe that there is a role for the UN to discuss this very important issue, and that it offers an inclusive place for discussion. We welcome the proposal to hold a 3-day informal consultation to further exchange on the opportunities and risks, to exchange best practices and to discuss potential next steps for AI in the military domainwithin the UN. We underline the importance of engaging stakeholders in this discussion as key developers, players and implementers in this field. We see such a discussion as an added-value to discussions taking place outside of the UN such as the REAIM conference and the Political Declaration on Responsible Military Use of Artificial Intelligence and Autonomy. The EU looks forward to positively contributing to the discussion.

I thank you, Mr. Chair.

* North Macedonia, Montenegro, Serbia, Albania and Bosnia and Herzegovina continue to be part of the Stabilisation and Association Process.