Remarks by H.E.Amb. LEE Taeho
Vice Minister of Foreign Affairs
on the occasion of the Second Inter-Regional Conference on Cyber/ ICT Security
Seoul, May 1, 2019

Your Excellency Amb. Karoly Dan,

Chair of the OSCE Informal Working Group and Ambassador of Hungary to the OSCE, the UN and Other International Organizations in Vienna,
Ms. Rasa Ostrauskaite,
Director of Transnational Threats, OSCE Secretariat,
Ambassadors and other members of the diplomatic corps in Korea,
Government officials, experts, and business leaders,
Distinguished guests,
Ladies and gentlemen,

I am delighted to welcome you all to the Second Inter-Regional Conference on Cyber/ICT Security. Let me also thank the OSCE Secretariat for the excellent cooperation it has rendered in organizing today’s meeting.

Today, we are meeting at a momentous juncture – a year ahead of marking the 25th anniversary of partnership between the OSCE and the Asian region next year. Over more than two decades, we have worked together to create a safe and secure world.

The OSCE has shared its best practices and lessons from the Helsinki Process over the past decades. In its effort to nurture trust-building dialogues in Northeast Asia, the Republic of Korea, for its part, has been inspired by the OSCE’s success in promoting trust building that led cooperation over conflict in Europe. Our joint efforts have indeed evolved and deepened as we are faced with new and emerging threats to our security, including in the cyberspace.

Today’s conference testifies to the growing cooperation between Asia and Europe in cybersecurity. When we met two years ago, our discussion was at an incipient stage. In two years’ time, this forum has become a solid platform for continued cooperation to counter various cyber threats.

Distinguished guests,

With the remarkable advances in ICTs, we have seen the advent of a high-tech and inter-connected world. It has presented to us a new domain of boundless opportunities, bringing unprecedented economic and social benefits. At the same time, however, the dual-use in technology has brought new threats to security.

Block chain technology can be a good example. It has made financial transactions easier and simpler with crypto-currency.  However, at the same time, remember hackers often demand a ransom in crypto-currency because the technology gives them anonymity and makes them untraceable.

Neither individual nor country is immune to the threats posed by malicious cyber activities. Critical infrastructure, such as power grids and transport systems, has become their major targets as attacks on national critical infrastructure can literally paralyze an entire nation. 

Indeed, these threats are multifaceted and complex. The cyber ecosystem has become even more vulnerable with the increasing activities by malicious actors, often presumed to be sponsored by States. The trend of using proxies has made it more difficult to identify the perpetrators of cyberattacks. One way to cope with this challenge is to promote responsible behavior of States in cyberspace. I am pleased to note that this will be one of the topics for today’s discussion.

Ladies and gentlemen,

With a view to responding to these looming cyber threats, we need to focus on certain critical elements. I would like to highlight four of them.

First, it is essential to strengthen international partnership.  The inter-connectivity and transnational nature of malicious cyber activities require us to step up our collaborative efforts to combat them. The partnership should be forged not only among governments but also with the private sector.

Above all, there is a need to boost the sharing of information among governments on a real-time basis. Also, we need to foster cooperation among law enforcement agencies. The volatility of digital evidences requires a rapid and concerted response from governments and relevant agencies. Our joint efforts will send a strong collective message to the actual and potential perpetrators that they will be held accountable for their wrongdoings.This will ultimately lead to deterring future cyberattacks.

Technical cooperation and engagement with the private sector will also need to be intensified. I would like to reaffirm our support for The Paris Call, which highlights a public-private partnership and a multi-stakeholder approach in cyberspace. The ROK remains committed to the joint efforts by the international community in this regard.

Second, there is an urgent need to develop and promote international norms.                                     

It has been 15 years since we embarked on consultations within the UN system regarding international norms, rules and principles of responsible behavior of States, as well as international laws applicable to the use of ICTs. However, we have yet to develop a comprehensive normative framework governing these areas.

This year the UN will continue to discuss international norms in cyberspace via two consultative mechanisms. The new Group of Governmental Experts (GGE) and Open-ended Working Group (OEWG) will accelerate efforts in this regard. We hope that the two forums will capitalize on each other’s complementarity and build on progress we have made so far in the previous GGEs.

In this regard, let me underscore the importance my government attaches to the principle of ‘due diligence’. I recall the 2015 GGE Report, which recommended that States should not knowingly allow their territory to be used for internationally wrongful acts with the use of ICTs. I would like to reaffirm my government’s commitment to actively participate in discussions to further develop this principle.

Third, we must exert more efforts to come up with confidence-building measures (CBMs). In the absence of CBMs, we risk misunderstanding and miscalculation easily escalating into a crisis.

Moreover, confidence-building measures certainly serve as a basis for observing international norms in cyberspace. Rules not based on trust can have no real meaning because nobody would be willing to comply with such rules.

We are fortunate to have the OSCE as our partner in that it has expertise in confidence-building for the cyber domain. The OSCE has successfully advanced its discussion on CBMs in cyberspace among participating countries and already adopted 16 CBMs. I firmly believe that the OSCE’s rich experience and know-how in this area can be a valuable asset to the Asian region. 

Last but not least, in a hyper-connected world, we cannot overemphasize the importance of capacity-building at the national, regional and global level. Malicious actors tend to target developing countries as transit routes for attacks within the global cyber ecosystem.

Developing countries do not yet have the fully developed defense and resilience capability in cyberspace. By helping them to build capacity, we can bridge the gap and ensure a safer and more secured cyberspace.

In this context, the ROK hosted the 2013 Seoul Conference on Cyberspace and incorporated capacity-building into the agenda of the conference. To build upon this initiative, we launched the Global Cybersecurity Center for Development (GCCD) in 2015 as part of our efforts to share expertise and experience with developing countries. As always, the ROK stands ready to mobilize our technical and related resources to help strengthen the capacity of our partner countries. 

Last month, my government launched its first-ever National Cyber Security Strategy. This Strategy highlights, among others, the importance of international cooperation. In order to promote international cooperation, my government plans to actively contribute to the process of norm-establishment; to actively engage in discussions on confidence building measures; and to expand its capacity-building assistance program.

Distinguished guests, ladies and gentlemen,

I surely hope that today’s Conference will contribute to the shaping of future discussions in the upcoming UN and related consultative processes.

By the time we close this meeting tomorrow, we will feel, hopefully, that we have moved one step closer to creating an open, secure, stable, accessible and peaceful cyber environment. 

Thank you. /end/