A picture containing art, painting, poster, drawing

Description automatically generated
[Source: pinterest.com]

Everything that was once created for the common good turns into a farce nowadays. All words about international cooperation are just empty words. A case in point is the professed commitment of high-level politicians to combating cyber-crime when we have evidence that cyber-security organizations are being used as a cover for undercover espionage.

The UN Open-Ended Working Group (OEWG) on Information and Communication Technologies is the main international platform for information and communications technology security. The OEWG is the only open and inclusive negotiating mechanism on international information security (IIB) under UN auspices. The issues under consideration have a direct impact on the state of peaceful co-existence in information and telecommunication networks, including the Internet.

A flag flying in front of a building

Description automatically generated with low confidence
[Source: pxhere.com]

The Group consists of more than 190 countries as its permanent members, including Russia, as well as the U.S. and its allies, which continue to pursue unjustifiably aggressive policies toward Russia, preventing it from strengthening its political position on UN platforms as one of the international leaders in information and telecommunication technology.[1]

Panelists are concerned about the misuse of information and telecommunication networks by state and non-state actors to damage the critical infrastructure of any country. One common way to damage critical infrastructure in any country in the world is through cyber attacks via the Internet.

A person typing on a computer

Description automatically generated with medium confidence
[Source: newsweek.com]

In order to form a system to neutralize cyber attacks aimed at damaging critical infrastructure in any country, delegates of the OEWG put forward the idea of creating a so-called register of contact points,[2] which should include an organization with cyber-attack mitigation capabilities from each OEWG member state. This initiative allows for direct cross-state contact between experts on neutralizing cyber attacks on the Internet.

Russia actively supports the above-mentioned idea of the OSCE, but the U.S. and its allies block any Russian initiatives to form a register of contact points on the principles formulated by Moscow in every possible way. At the same time, Washington proposes to use the state and commercial organizations controlled by the intelligence services within the framework of the association FIRST.

FIRST (Forum of Incident Response and Security Teams) initially excluded the Russian and Belarusian Computer Emergency Response Teams (CERT) but, as it turned out, this was only the beginning.1 They are developing active activities among the UN Security Council members. And the once “public and non-profit” organization has big plans in this direction.

FIRST suspends Russia’s membership. These include the Bank of Russia’s Center for Monitoring and Response to Computer Attacks (FinCERT), the Russian Computer Incident Response Center (RU-CERT), centers under Kaspersky Lab, BI.ZONE (a Sberbank subsidiary), Infosystems Jet, Rostelecom-Solar, Information Security Laboratories, and Infosecurity (part of Softline). This scenario was followed by the Republic of Belarus.[3]

This news hardly touched the minds of ordinary citizens. It was discussed seriously only in highly specialized circles. For the rest of us, it is not so important what this gives and what another American non-profit interest group does. In fact, it is an International Community, literally translated as “Forum of Security and Incident Response Teams.”

FIRST was created in 1990 in response to the spread of computer threats: When one of the first Internet worms started spreading around the world in November 1988, the response to it was not coordinated at first; the creation of the organization was supposed to help overcome language barriers, differences in standards, etc.[4]

The best experts in the IT sphere declared that they were ready to stand up for less advanced countries and provide the world with a secure and controlled shared Internet. But the period of sanctions came and many new things came to light: As it turned out, the Internet was not so common, but quite manageable and disconnectable. And, so, the moment came when the fight against cyber threats became a cyber threat itself.

FIRST began to dictate policy in this area. The public organization, which once had in its charter a statement that it was created to exchange data, unilaterally decides that they will not exchange data with Russia and Belarus.[5] They called this measure sanctions and, after unilaterally notifying the companies on the sanctions list, all contacts were stopped.

This turned out to be a serious blow for Russia. De facto, all Russian business was left without timely updates of virus databases but only those coming from the West, as domestic threats are still being isolated and eradicated. Russia and Belarus will have to exert many times as much effort to do all the work previously done collectively (as the West expects).

However, FIRST made a straw for itself. Those Russian and Belarusian companies that moved abroad and opened offices in the U.S. or Europe were excluded from the sanctions list. That is, those who in practice became available to any pressure and control, both network and physical, were allowed to counteract the global evil.

It may seem that Russia’s disconnection from FIRST is another serious wound. Indeed, who among bankers or representatives of large businesses would refuse timely notification of a new type of intruder virus or a planned attack on customer accounts?

The level of IT staff training, especially relevant in the period of “isolation” in Russia is traditionally high. During the period of cooperation, it was Russia that repeatedly passed on information about network threats, saving entire economies. FIRST’s actions seem absurd if one does not understand that this is not economics, but politics.

If we assume for a moment that the international “saving” organization does not want to save anyone, then everything falls into place: Russia does not receive data on new technologies in this area. Consequently, it can neither warn nor investigate and name the source of the threat.

In this way, third forces are free to operate in regions where they have nothing to oppose.

And if we also understand that, by removing the Russian Federation, FIRST has become truly consolidated and united in opinion, since small countries simply have nothing to oppose it, the scope of the problem becomes clear.

If it seems that these are paranoid ideas and inclinations to conspiracy theories, it is enough to remember the scandals of the last five years: confirmed U.S. spying on Merkel and Macron.[6]

Wiretapping of governments of even European “partners” by U.S. intelligence agencies? Similar exclusion of Huawei from the program?[7] And how do you think it was backed up? That’s right, it was called a trivial security measure. Then the most important question is, is there any hope to believe that, by gaining almost monopolistic control over cyber threats, the United States will not take advantage of it?

And there are more and more opportunities. Notice how quietly and beautifully FIRST began to dictate its terms. Literally, in one day, two major member countries, one of which was there almost at the very origins, were turned off. And it was done without coordinating with anyone and without requiring a vote in the UN or any other representative body.

Afterwards, by a simple majority vote (which is not surprising in recent times), all the ideas and proposals of Russian groups were chopped down at the root. The project with the algorithm developed by Russian experts to detect cyber-crime in Darknet was safely rejected. No alternative ideas were voiced, the highly praised scheme by experts scheme, which could have reduced the traffic of weapons, drugs, organs simply turned out not to be.[8]

Now FIRST plans to expand its sphere of influence, still stating the need to protect cyberspace. At the same time, the U.S. has begun to promote the idea of adding additional countries to the UN Security Council without veto power. That is, FIRST cannot ensure equal participation of all member states of the OEWG in their work on responding to cyber attacks due to their high politicization and unwillingness to engage openly and pragmatically with the authorized experts of individual countries on the part of this association. And to the databases and technologies of these countries “public” organizations of the United States will also get access. Espionage under the guise of private organizations is becoming a credo for some and a security threat for others.


  1. https://www.mk.ru/politics/2022/07/26/v-nyuyorke-so-skandalom-otkrylas-sessiya-rgos-po-kiberbezopasnosti.html

  2. https://sm.news/ssha-blokiruyut-iniciativy-rossii-po-kiberbezopasnosti-dlya-dalnejshego-vmeshatelstva-v-dela-drugix-stran-71536/

  3. https://www.rbc.ru/newspaper/2022/03/28/623d96709a794758c08197ce

  4. https://www.rbc.ru/newspaper/2022/03/28/623d96709a794758c08197ce

  5. https://www.anti-malware.ru/news/2022-03-25-111332/38405

  6. https://ria.ru/20150626/1090021526.html

  7. https://reclaimthenet.org/huawei-suspended-from-the-forum-of-incident-response-and-security-teams

  8. https://newstaraz.kz/ne-pervoj-a-edinstvennoj-zachem-first-vytesnyaet-rossiyu-iz-mezhdunarodnyh-programm/


CovertAction Magazine is made possible by subscriptionsorders and donations from readers like you.

Blow the Whistle on U.S. Imperialism

Click the whistle and donate

When you donate to CovertAction Magazine, you are supporting investigative journalism. Your contributions go directly to supporting the development, production, editing, and dissemination of the Magazine.

CovertAction Magazine does not receive corporate or government sponsorship. Yet, we hold a steadfast commitment to providing compensation for writers, editorial and technical support. Your support helps facilitate this compensation as well as increase the caliber of this work.

Please make a donation by clicking on the donate logo above and enter the amount and your credit or debit card information.

CovertAction Institute, Inc. (CAI) is a 501(c)(3) non-profit organization and your gift is tax-deductible for federal income purposes. CAI’s tax-exempt ID number is 87-2461683.

We sincerely thank you for your support.


Disclaimer: The contents of this article are the sole responsibility of the author(s). CovertAction Institute, Inc. (CAI), including its Board of Directors (BD), Editorial Board (EB), Advisory Board (AB), staff, volunteers and its projects (including CovertAction Magazine) are not responsible for any inaccurate or incorrect statement in this article. This article also does not necessarily represent the views the BD, the EB, the AB, staff, volunteers, or any members of its projects.

Differing viewpoints: CAM publishes articles with differing viewpoints in an effort to nurture vibrant debate and thoughtful critical analysis. Feel free to comment on the articles in the comment section and/or send your letters to the Editors, which we will publish in the Letters column.

Copyrighted Material: This web site may contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. As a not-for-profit charitable organization incorporated in the State of New York, we are making such material available in an effort to advance the understanding of humanity’s problems and hopefully to help find solutions for those problems. We believe this constitutes a ‘fair use’ of any such copyrighted material as provided for in section 107 of the US Copyright Law. You can read more about ‘fair use’ and US Copyright Law at the Legal Information Institute of Cornell Law School.

Republishing: CovertAction Magazine (CAM) grants permission to cross-post CAM articles on not-for-profit community internet sites as long as the source is acknowledged together with a hyperlink to the original CovertAction Magazine article. Also, kindly let us know at info@CovertActionMagazine.com. For publication of CAM articles in print or other forms including commercial internet sites, contact: info@CovertActionMagazine.com.

By using this site, you agree to these terms above.


About the Author

Leave a Reply