The Biden-Harris Administration’s Engagement with International Partners on Responsible State Behavior in Cyberspace

THE NEW YORK FOREIGN PRESS CENTER (VIRTUAL BRIEFING VIA ZOOM)

MODERATOR:  Good afternoon, and welcome to today’s New York Foreign Press Center briefing on Biden-Harris administration’s engagement with international partners on responsible state behavior in cyberspace.  My name is Mahvash Siddiqui, and I’m today’s moderator.  Just a reminder, this briefing is on the record.

It’s a pleasure to introduce our speaker, Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology.  Previously, Ms. Neuberger served as the National Security Agency’s director of cyber security, where she led the NSA’s cyber security mission.  Prior to this role, Ms. Neuberger led NSA’s election security effort and served as the assistant deputy director of NSA’s operation directorate, where she oversaw foreign intelligence and cyber security operations.

I will go over a few ground rules.  This briefing is on the record.  Following Ms. Neuberger’s opening remarks, I will open the floor for questions.  And if you have a question, please go to the participant field and raise your virtual hand, and wait for me to call on you.  When called on, kindly enable your audio and your video, and identify yourself by your full name and your outlet.  Could I also please ask the journalists to have your cameras and audio off until the Q&A session?  Thank you.

And with that, it is my pleasure today to introduce Deputy National Security Advisor Anne Neuberger as our speaker.  Ms. Neuberger, please take it away.

Ms. Neuberger, you will have to unmute yourself.  Please kick it off again.  Thank you.

MS NEUBERGER:  Thank you, Mahvash.  And thank you to all of those joining us today.  Technology makes our lives better, from voice-assisted devices helping people with disabilities, to agricultural technology detecting and fighting disease to protect crops.  Technology provides new and unprecedented benefits to citizens and businesses around the world.

President Biden recognizes that with those benefits come core challenges for the 21st century.  We need digital development and digital security combined.  Protecting our ability to communicate and innovate is central to all of our national security interests, our economic interests, and global peace and stability.

That’s why I’ve come to New York to meet with international counterparts representing their governments at the highest levels to talk about the responsibility each of us have to promote stability and security in cyberspace.

Cyber threats and malicious cyber activity in particular are a fundamental aspect of 21st century geopolitics, at times of peace and at times of conflict.  The United Nations can and must continue to play a central role in setting expectations for responsible state behavior in cyberspace and in advancing an open, interoperable, secure, and reliable internet that fosters free expression, innovation, and trade.

We must work together as an international community to hold states accountable for any disruptive and destabilizing activity in cyberspace, just as we would in the physical world.  And it’s incumbent upon us all to ensure that the internet is a positive, transformative force that benefits us all equally.

Before pausing for your questions, I’ll say a few words about Russia’s fundamentally different vision for cyberspace and the DPRK’s use of malicious cyber activity to bypass sanctions and fuel their weapons of mass destruction and ballistic missile development program.

First, on Russia.  Since Russian President Vladimir Putin launched his unprovoked and brutal invasion of Ukraine, the ceaseless bombardment of Ukraine’s cities and critical infrastructure by Russia’s forces has created one of the fastest growing humanitarian crises in recent decades.  In addition to kinetic activity, Russia has used cyber attacks as an important component of its force projection and to sow discord – all consistent with its playbook.

Russia’s actions in Ukraine and its diplomatic actions in the United Nations cyber forums all demonstrate a common goal.  We believe Russia’s ambitions at the UN, often supported by other authoritarian regimes like China, challenge international security, peace, and stability, as they represent a multifront strategic effort to reshape existing international standards and norms governing cyberspace to undermine the technical underpinnings of the internet, leverage digital authoritarianism to trample human rights, and dilute accountability for authoritarian countries’ malicious conduct in cyberspace.

Russia has long sought to use the UN system, particularly the International Telecommunication Union, to introduce top-down controls on the internet as a way to achieve its authoritarianism digitally in cyberspace.

Before closing, I also want to highlight an action the U.S. took last week related to the DPRK’s ongoing malicious cyber activity.  The DPRK relies on illicit activity, including cyber crime, to generate revenue for its WMD and ballistic missile program as it works to evade robust UN and U.S. sanctions.  Last week, the U.S. Government attributed the recent theft of $620 million in crypto to the DPRK government, and following that the Treasury Department designated the wallet in which those stolen funds had been held to ensure that other actors did not move funds related or conduct transactions related to that wallet.  This highlights to us the degree to which illicit use of cryptocurrency is used by the DPRK, including theft and hacking to fuel their program, recognizing that the system of anti-money-laundering which we have built together globally in the fiat currency world must now be brought into the cryptocurrency world, and recognizing the need to build capacity in countries around the world.

Last October, the United States launched a counter ransomware initiative of which one core pillar led by the United Kingdom and Singapore focuses on countering illicit use of cryptocurrency and building capacity.  And the United States will be conducting briefings and educating regarding how one analyzes the blockchain and identifies illicit use of cryptocurrency to lift up and ensure that we can counter use of cryptocurrency to evade sanctions, theft of cryptocurrency to fuel malicious activity, like the activity we’re highlighting here.

In parallel to both the attribution of the theft to the DPRK and the designation of the wallet to make it difficult to further launder the funds, the U.S. also published cyber security guidance to the crypto community on protecting crypto exchanges, gaming related to crypto, to ensure such activities are difficult to continue to do.

So again, which brings me to the purpose of my visit to New York, we must work together as an international community to hold states accountable for disruptive and destabilizing activity in cyberspace – because the positives of technology and the internet well outweigh those negatives, but we need to work together to ensure we can enjoy those benefits.

I’ll now take a few questions.

MODERATOR:  Thank you, Ms. Neuberger, for your opening remarks.  Let’s open the floor for questions.  If you have a question, please raise your hand and wait for me to call on you.  You’re also welcome to type your question in the chat room.

I’ll turn over to the VOA journalist.  Please introduce yourself and your outlet.  Thank you.

QUESTION:  Ms. Neuberger, thank you so much for doing this.  You just mentioned about North Korea and I was curious whether you had a specific discussion with South Korea, which is also affected very much by North Korea’s cyber activities.  Did you and South Korean counterparts discuss any ways to counter North Korea’s activities?  Thank you.

MS NEUBERGER:  Thank you so much for the question.  It’s a really great question.  So first, our Indo-Pacific allies are incredibly strong allies in countering the DPRK’s weapons of mass destruction ballistic missile program.  So prior to sharing this information publicly, we have shared this information with our Indo-Pacific allies and are very much looking forward to working closely with them in countering such type of activity and countering illicit use of cryptocurrency as well.

MODERATOR:  Thank you, Ms. Neuberger, and thank you to our journalist.  Let’s turn to Matthew Cranston.  Matthew, please go ahead and turn on your audio and video and introduce yourself and your outlet, please.

QUESTION:  Thanks very much, and thanks, Anne, for doing this.  Appreciate it.  I wondered if you could specifically give some data along what you’d like to see, for example, Australia do when it comes to supporting or coming to a consensus on how to react to some of this state-sponsored cyber attacks, I’d suppose you’d call it.

And the other question, just to tie along from that, is:  Have you seen anything specific or new when it comes to the type of cyber activity outside what you’ve mentioned about crypto, specifically in the Pacific Islands or in the – in different geographic regions?  Has there been any change in the geography of these cyber attacks?  Thanks very much.

MS NEUBERGER:  Thank you for the questions, Matthew.  Australia has been one of our closest allies in really promoting that framework of responsible state behavior.  The UN has a set of norms which countries signed up for – things, for example, like not offering safe harbor to cyber criminals, things like not attacking critical infrastructure.  And as part of signing up for those norms, countries agreed to a framework of saying these are the set of activities which responsible countries don’t do voluntarily in cyberspace.

As part of implementing those norms, the first step often is that when irresponsible, malicious activity occurs, countries come together and attribute it.  They say X country, Y country was responsible, and then discuss what are appropriate consequences to enforce that norm.  Australia has joined us in multiple attributions over the last couple of years – from the Chinese compromise of Microsoft Exchange that compromised thousands of servers around the world, to the SolarWinds activity which Russia conducted almost a year and a half ago.

So certainly Australia has led and joined in that way.  I’ll also note from – while we look at the malicious actor, we also know what we need to do at home to lock our digital doors, and Australia’s recent passage of critical infrastructure legislation is very much a hallmark of what countries need to do to ensure there is adequate security to protect critical services their citizens rely on.

With regard to the different geographic regions you talked about, one of the things we’re seeing in the development of cryptocurrency is a move to distributed infrastructure – for example, mixers – that can anonymize different transactions in an attempt to cover tracks for stolen funds.  Those are distributed all around the world, and it’s one of the reasons why we’re putting such effort in building capacity and educating and, frankly, showing that we can still designate those distributed entities and ensure that we can still impose sanctions to ensure that, when they’re used to fuel illicit use like DPRK’s ballistic missile program, we will pursue and hunt down those activities.

QUESTION:  Sorry, can I just ask a follow-up question to that?  So it was good of you to thank Australia for the work it’s done in cooperating with the U.S. in reaction to it, but my question is specifically more about what you’d like to see the Australians do that they haven’t done already.  Is there something that you would like to sort of gain more support from allies like Australia when it comes to your actions to help secure the cyber world?

MS NEUBERGER:  Yes, very much so.  The first piece is what I mentioned, is really locking digital doors at home, particularly of critical infrastructure, which countries around the world are now starting to do.  The second aspect of that is helping us implement international norms.  The norms exist; they’re often not implemented.  And the way we need that to be implemented is by calling out activity and then putting in place consequences, so working through those processes to make it more quick and more agile for us to both attribute activity and call out those consequences.  And finally, one of the reasons I’m here at the UN is the UN has really been a forum for cyber policy in the First and Third Committees, and some of our discussions today, which I won’t preview at this time, have been around how do we advance a positive image.

So there’s a global cyber crime treaty.  Let’s discuss what countries need in that treaty so that we can ensure that we put in place an environment that can achieve what global law enforcement needs, but also ensure that some of the Russian goals for the treaty – for example, noting that dissident behavior is not permitted or calling out that behavior in a negative way – does not make its way into the treaty.  So working together closely to ensure we advance our vision of a democratic, secure, open, interoperable internet and protect individuals online, while countering some of the more authoritarian approaches, which have made some progress and we want to counter.

MODERATOR:  Thank you, Ms. Neuberger.  We have time for one last question, and I will actually convey the question that came from Michael Huber from Asahi Shimbun, Japan:  “As cyberspace becomes used by more actors, public and private, and its capacity for transactions grow, what do you see as the United States role in governing such a space?  Do you see the U.S. working with its allies like Japan or the UK, or just unilaterally?”  Over to you, ma’am.

MS NEUBERGER:  We absolutely – President Biden has made diplomacy and working with allies and partners a core approach to every opportunity and every challenge on the international stage.  You’ve certainly seen it in the President’s approach to counter Russia’s invasion of Ukraine, bringing countries together to impose sanctions, bringing countries together to talk about offering refugees a home, and really leading on the international stage, noting that when we’re arm in arm with allies and partners, we achieve so much more.

In cyberspace particularly, the U.S. has really worked to – in a number of multilateral forums, certainly in the NATO forum where we released our first cyber defense policy in seven years, and additional work we’re doing in that space to tie countries together; certainly in the EU forum, where we have a number of tech and trade initiatives; and certainly in the UN forum, where we’re working to implement that responsible state behavior in cyberspace.

So absolutely.  There’s a number of areas coming out of today’s discussion – for example, how we bring together digital development and digital security in a combined approach; how we ensure that the benefits of digital advancements, whether in jobs or in learning or in tech, can be felt more broadly around the world.  These are all takeaways we have from today’s discussion to continue to advance both U.S. leadership but also U.S. partnership with allies and partners around the world in this important area.

MODERATOR:  Well, thank you so much, Ms. Neuberger.  We are now out of time.  We appreciate Deputy National Security Advisor Anne Neuberger’s time and participation in this briefing.  Thank you to the members of the media for attending this briefing.  Today’s briefing was on the record.  I will share a transcript with everyone who’s participating today.  And it will also be posted on our website, fpc.state.gov.  If you do publish a story as a result of this briefing, kindly share it with us by emailing us at nyfpc@state.gov.  And with that, thank you so much.  Have a wonderful day.

MS NEUBERGER:  Thank you, Mahvash, and thank you all.