US administration rolls out international cyberspace and digital policy strategy focused on digital solidarity

The U.S. Department of State has published its ‘United States International Cyberspace & Digital Policy Strategy’ that focuses on digital solidarity, which is a willingness to work together on shared goals, stand together, help partners build capacity, and provide mutual support. Collaborating with other federal agencies, the Department of State aims to steer international involvement in technology diplomacy and align with the National Security Strategy and National Cybersecurity Strategy.

To build broad digital solidarity, the strategy lays out three guiding principles and four action areas. The guiding principles include: 

  1. An affirmative vision for a secure and inclusive cyberspace grounded in international law, including international human rights law;
  2. Integration of cybersecurity, sustainable development, and technological innovation; 
  3. A comprehensive policy approach that utilizes the appropriate tools of diplomacy and international statecraft across the entire digital ecosystem.

The areas of action highlighted by the Department of State include promoting, building, and maintaining an open, inclusive, secure, and resilient digital ecosystem; aligning rights-respecting approaches to digital and data governance with international partners; advancing responsible state behavior in cyberspace and countering threats to cyberspace and critical infrastructure by building coalitions and engaging partners; and strengthening and building international partner digital and cyber capacity, including capacity to combat cybercrime.

Each of the Strategy’s four action areas reflects aspects of the Department of State’s vision of digital solidarity. Moving forward, the Department of State will work to bring a wide range of partners across the globe into the process of building and extending digital solidarity. 

“Central to our strategy is the effort to build digital solidarity – working together to offer mutual assistance to the victims of malicious cyber activity and other digital harms; assist partners – especially emerging economies – in deploying safe, secure, resilient, and sustainable technologies to advance their development goals; and build strong and inclusive innovation economies that can shape our economic and technological future,” Antony J. Blinken, Secretary of State, wrote in the latest strategy document. “We are rallying coalitions of governments, businesses, and civil society to shape the digital revolution at every level of the technology ‘stack’ – from building subsea cables and telecommunication networks to deploying cloud services and trustworthy artificial intelligence, to promoting rights-respecting data governance and norms of responsible state behavior.”

The Department of State will reinforce efforts to forge digital solidarity through proactive participation in international, multilateral, and multi-stakeholder bodies where obligations, norms, standards, and principles that impact cyberspace, digital, Internet, and technology issues are developed. While progress in these venues can be slow and incremental – frequently as a function of their objectives – a lack of U.S. leadership in international fora may allow adversaries to fill the void and shape the future of technology to the detriment of U.S. interests and values.

The strategy focuses on building coalitions and engaging partners to promote responsible state behavior in cyberspace and counter threats to cyberspace and critical infrastructure. “We will pursue more action-oriented discussions at the UN focused on how member states and institutions can work together to implement the framework’s essential elements and build all states’ capacity to manage cyber-related threats,” Blinken noted.

“To accommodate this evolving conversation, the United States and its partners have proposed a more action-oriented forum, a Program of Action (POA), as a future permanent mechanism for dialogue on cyber issues related to international security at the UN,” he added. “Designed to be flexible enough to address future threats, with member states setting its direction over time, the POA will also incorporate the views of civil society, the private sector, and other non-state stakeholders.”

The Department of State, in close coordination with interagency and international partners, will continue to organize and execute sustained diplomatic pressure campaigns to raise international and public awareness of significant cyber threats and to increase the costs and risks to malicious cyber actors. For example, the U.S. has worked with allies, partners, and the private sector to disrupt DPRK revenue-generation efforts through cybercrime, crypto theft, and IT workers. 

U.S. Cyber Command, National Security Agency (NSA), Department of Homeland Security (DHS), Department of Justice (DOJ), and the Federal Bureau of Investigation (FBI) have exposed North Korean malware, seized malicious cyberinfrastructure, seized cryptocurrency and fiat currency, and shared actionable threat intelligence with the private sector. Furthermore, the Department of State coordinates action with the Republic of Korea through a bilateral DPRK Cyber Working Group, including information sharing and policy coordination. 

Also, the U.S., Japan, and the Republic of Korea coordinate efforts to counter DPRK cyber threats through a trilateral working group announced during the Camp David Summit in August 2023. The Department of State has also briefed officials around the world on threats posed by DPRK IT workers and cyber actors and deployed foreign assistance funds to build capacity to detect and defend against DPRK cyber and crypto threats.

The Department of State will continue to work with allies and partners – through our embassies on the ground and our cyber experts in Washington – to coordinate appropriate support during the investigation, mitigation, and recovery from such cyber incidents. This support can include, as appropriate, the provision of advice by embassy cyber experts; facilitation of remote or on-the-ground investigative, hunt, and malware analysis activities; foreign assistance projects; or coordination of cyber assistance efforts with partner countries. 

Furthermore, the Department of State views such activities as critical to strengthening collective cyber defense and resilience and to helping countries resist cyberattacks aimed at coercing them or otherwise interfering with their sovereignty.

Ransomware in particular has emerged in recent years as a clear threat to national security, public safety, and economic prosperity. “Operating from safe havens like the PRC, DPRK, Iran, Russia, and certain other countries, ransomware operators have disrupted government services, hospitals, schools, pipeline operations, and civil society entities. With some states using ransomware actors as proxies or turning a blind eye to their activities and the significant impact of their cyberattacks on critical infrastructure, it is increasingly clear that ransomware activity can threaten international peace and security,” the strategy document added. 

Digital solidarity is clearly expressed through the Department of State’s efforts to leverage its diplomatic capabilities to support the whole-of-government fight against ransomware and other forms of cybercrime, including by building partner capacity; developing coalitions to prevent, disrupt, and punish criminal behavior; and fostering cooperation with the private sector. 

The Departments of State, Homeland Security, and Justice will continue to participate in the U.S. Joint Ransomware Task Force and partner with private industry and international allies to disrupt online criminal infrastructure and resources, take down botnets, and seize cryptocurrency garnered from ransomware campaigns.

The Department of State will continue to use its diplomatic engagements and capacity-building to broaden and strengthen participation in the International Counter Ransomware Initiative (CRI). The CRI is a unique and geographically diverse coalition of nearly 60 countries, plus multilateral institutions such as the European Union, Interpol, and Organization of American States, committed to building collective resilience to ransomware, cooperating to disrupt ransomware and pursue the actors responsible, countering the illicit finance that underpins the ransomware ecosystem, and working with the private sector to defend against ransomware attacks.

Moving forward, the U.S. government will continue to work to disincentivize misuse and positively reshape the commercial spyware market by driving out, or encouraging reform by, businesses associated with the misuse of these tools. The Department of State will continue to engage diplomatically to urge the countries that have already joined the Joint Statement to take concrete steps to counter the misuse and proliferation of commercial spyware, induce additional countries to join, and persuade countries that misuse or enable the misuse of spyware to implement safeguards so that they deviate less from U.S. policy.

“One shortcoming of the strategy is the limited inclusion of the Department of Defense’s efforts in the strategy,” Mark Montgomery, senior director of the Center on Cyber and Technology Innovation (CCTI) at the Foundation for Defense of Democracies (FDD), wrote in an emailed statement. “The DoD and U.S. Cyber Command are key contributors to international engagement, support, and capacity building in cyberspace — yet are mentioned only four times each in the strategy.”

By contrast, he added that other departments like Commerce and its subordinate agencies, all with smaller footprints than DoD and USCC, are mentioned 15-20 times. “This is a challenge when you are trying to get a complete understanding of U.S. efforts and properly prioritize resources to fill gaps.”

“The first action area of the strategy does well to explain the importance of international cooperation on cyber resilience and the impact this can have on continued U.S. economic prosperity,” Montgomery said. “The discussions on the importance of secure and trustworthy cloud services are insightful, especially given the Administration’s failure to address the similar issue of cloud computing security in its recent NSM-22 efforts concerning domestic critical infrastructure protection.” 

Moving to the fourth action area in the strategy of strengthening partner cyber capacity, Montgomery pointed out that it is especially important and deserves Congressional focus as it determines the State Department’s 2025 appropriations. “The Cyberspace, Digital Connectivity, and Related Technologies Fund, created by Congress in FY2023 NDAA and resourced by Congress in FY 2024 Appropriations with $50 million, will need to be similarly supported by Congress in the FY 2025 appropriations effort.”

He added that the cyber resilience of the critical infrastructure of U.S. allies and partners is critical to military planners as they plan for theater movements and logistics in a non-permissive environment. “The recent Volt Typhoon reporting indicates that potential adversaries are already probing and exploiting these critical infrastructure vulnerabilities.”
