EU Statement – UN Open-Ended Working Group on ICT: Existing and Potential Threats

4 March 2024, New York – Key EU Messages at the Open-Ended Working Group (OEWG) on security of and in the use of information and communications technologies 2021-2025 (4-8 March) for Agenda item: Existing and Potential Threats

 

  • The Candidate Countries North Macedonia*, Montenegro*, Serbia, Albania*, Ukraine, the Republic of Moldova, Bosnia and Herzegovina* and Georgia, and the EFTA country Norway, member of the European Economic Area, as well as Andorra and San Marino, align themselves with this statement.
  • Mr Chair, thank you for your work and the work of the Secretariat in support of this process.
  • The EU remains concerned by the current cyber threat landscape.
  • A key trend we are observing year-on-year is the blurring of the lines between state-sponsored and criminal or financially motivated actors. We remain particularly concerned that the threat of ransomware and hiring of ransomware-as-a-service continues to target critical sectors such as healthcare, both in the number of incidents and in its impact on health organisations. The impact of such ransomware incidents has been seen to rise to the level of international peace and security.
  • According to the analysis conducted by the European Union Agency for Cybersecurity (ENISA) of the cyber threat landscape of the health sector in the EU, 43% of ransomware incidents are coupled with a data breach or data theft, while disruptions are the other common effect of the attack. We expect this trend to continue.
  • The EU remains committed to tackling cybercriminals by strengthening cross-border law enforcement cooperation against ransomware, and continues to support operators of essential services to increase their resilience.
  • Similarly, we work with partners from both the public and private sectors to reshape the cyber environment so that we are better equipped to combat ransomware. It must be our joint commitment to build out our toolkit for collective resilience to ransomware and we welcome other delegations sharing their insights and their experiences, helping to fill the gaps in that landscape on which we should concentrate.
  • In addition to the rise of ransomware as one of the main challenges, the EU is concerned about the significant threat, particularly with regard to critical infrastructure and critical cyber systems, coming from state actors that seek to gain political or economic advantage from coercive action in cyberspace.
  • The year 2024 will bring more elections to more people than any year in history, with more than 40 countries and more than four billion people choosing their leaders and representatives through the right to vote.
  • Therefore, the EU and Member States are concerned about the number of malicious cyber activities targeting government institutions as well as democratic processes, as it undermines stability and security and erodes trust in the outcome of democratic elections. At the end of 2023, the European Union joined the United Kingdom and other international partners in expressing serious concerns about attempts to use cyber operations to interfere with democratic processes and institutions.
  • We must continue to address malign cyber activity and enhance accountability of actors whose conduct is contrary to international obligations and expectations.
  • Making networks and critical infrastructure secure requires competent domestic strategies, but it also requires a willingness among governments to use ICTs responsibly.
  • In the 2022 Annual Progress Report, we noted that threats have continued to intensify and have evolved significantly in the current challenging geopolitical environment. In 2023 we recalled that a number of States are developing ICT capabilities for military purposes and that the use of ICTs in future conflicts between States is becoming more likely, and expressed concern that ICTs have already been used in conflicts in different regions. We all witnessed the cyberattack carried out by Russia when launching its large-scale war of aggression against Ukraine.
  • In this regard, we call on the OEWG to reaffirm that in the context of armed conflict, ICT activities that affect civilian objects, infrastructure and services, including humanitarian organizations and the provision of health care, are governed by the rules of international humanitarian law, which parties to any armed conflict must abide by. Moreover, when resorting to the use of ICTs in the context of an armed conflict, States should consider the increased risk of spill-over effects potentially affecting, among others, food and energy supply, and resulting in a further escalation of the conflict. They must also consider the increased risk posed by the blurring of the principle of distinction with regard to ICT activities conducted by civilians in the context of armed conflict.
  • Finally, the multi-stakeholder approach has been described by most of us in this room as critical to advancing cyber security. Stakeholders, notably the private sector, own much of the critical infrastructure on which our societies are based and they are therefore also our first line of defence against malicious cyber activities. Their perspectives on the threat landscape are therefore vital in informing the work of the OEWG.
  • We thank you for convening all interested stakeholders to an informal dialogue last week and hope that throughout this week, stakeholders will be able to continue to share their views, including to share their experience of these cyber threats to international peace and security, and that their input is meaningfully reflected in an eventual OEWG report.

 


* North Macedonia, Montenegro, Albania and Bosnia and Herzegovina continue to be part of the Stabilisation and Association Process.