Protecting Critical Infrastructure from Terrorist Attacks
January 30, 2019
FROM THE UN SECRETARY-GENERAL
Protecting Critical Infrastructure from Terrorist Attacks
Following is UN Secretary-General António Guterres’ message to the Security Council open debate on protection of critical infrastructure against terrorist attacks, (delivered by Maria Luiza Viotti, Chef de Cabinet) in New York on 13 February:
[It is a pleasure for me to be here today on behalf of the Secretary-General.] I congratulate the Minister for Foreign Affairs of Ukraine for convening this meeting.
As terrorist organizations proliferate and seek innovative ways to plan and execute physical and cyberattacks across the globe, the threat they pose is becoming increasingly complex. Critical infrastructure is especially vulnerable, including energy facilities and networks; air, land and maritime transportation; banking and financial services; water supply; food distribution, public health and other services that are the backbone of modern societies.
Infrastructure networks and systems that previously functioned independently have become interlinked through advances in communication and information technology. An attack on one sector can affect others, leading to disruptions and wide-spread chaos.
The Counter-Terrorism Committee Executive Directorate has recognized the gravity of the dangers of Da’esh and other groups determined to carry out such attacks. Moreover, since many such facilities and networks operate across borders, any terrorist attack against them would almost certainly have regional and global implications.
The transnational nature of terrorism requires a coordinated response of all states and actors of the international community. However, we need to admit that international counter-terrorism cooperation has been limited, especially in the area of critical infrastructure.
Strategically, this means that the international community needs to unite and be more creative, proactive and effective, including through the development of strong public-private partnerships.
Three key steps need to be taken. First, vulnerabilities in critical infrastructure need to be mapped, at all levels and in all sectors. Second, international, regional and national actors should cooperate on prevention, and in case an attack does take place, on the mitigation of its effects, including through information-sharing. Third, it is crucial to build States’ capacities — including to assess risks, take preparedness measures, strengthen emergency management capacity and ensure that responses are fully in keeping with human rights norms and standards. The United Nations stands ready to assist Member States in these and other areas.
The Counter-Terrorism Implementation Task Force has set up an Inter-agency Working Group on the Protection of Critical Infrastructure including Internet, Vulnerable Targets and Tourism Security. Various projects to assist Member States are under way, encompassing many areas, UN entities and partners. But, of course, the primary responsibility lies with Member States.
This debate comes at a crucial time. As our world becomes increasingly interconnected — through travel, commerce, communications and in cyberspace — we become more vulnerable to attacks by technologically savvy terrorists seeking new ways to spread fear.
I encourage the Security Council to heighten its attention to this critical threat.
In his statementSyed Akbaruddin (India) said that while protecting critical infrastructure was primarily a national responsibility, threats of attacks against an international stock market, a major dam, a nuclear power plant or other facilities had much wider implications, far beyond national borders. The global nature of information and communications technologies called for an international vision and policy coordination, he said, noting with concern the dearth of international instruments addressing cyberspace threats. Warning that current international law was not well-positioned to support responses to cyberattacks, he said today’s debate was an opportunity to ask important questions. “Can we look at options for strengthening international law against terrorist cyberattacks?” he asked. “Are we ready for a collaborative prevention approach to address terrorist cyberattacks against critical infrastructure?” That would require a “global neighbourhood watch programme” as well as trust, he said, noting that there was a deficit of the latter. Noting that international law relating to terrorism had evolved largely as a result of States reacting to terrorist violence, he said that he hoped that would no longer be the case, emphasizing that the resolution adopted today must be the first of many steps in the right direction.
The full text of resolution 2341 (2017) reads as follows:
“Reaffirming its primary responsibility for the maintenance of international peace and security, in accordance with the Charter of the United Nations,
“Reaffirming its respect for the sovereignty, territorial integrity and political independence of all States in accordance with the United Nations Charter,
“Reaffirming that terrorism in all forms and manifestations constitutes one of the most serious threats to international peace and security and that any acts of terrorism are criminal and unjustifiable regardless of their motivations, whenever, wherever and by whomsoever committed, and remaining determined to contribute further to enhancing the effectiveness of the overall effort to fight this scourge on a global level,
“Reaffirming that terrorism poses a threat to international peace and security and that countering this threat requires collective efforts on national, regional and international levels on the basis of respect for international law, including international human rights law and international humanitarian law, and the Charter of the United Nations,
“Reaffirming that terrorism should not be associated with any religion, nationality, civilization or ethnic group,
“Stressing that the active participation and collaboration of all States and international, regional and sub-regional organizations is needed to impede, impair, isolate, and incapacitate the terrorist threat, and emphasizing the importance of implementing the United Nations Global Counter-Terrorism Strategy (GCTS), contained in General Assembly resolution 60/288 of 8 September 2006, and its subsequent reviews,
“Reiterating the need to undertake measures to prevent and combat terrorism, in particular by denying terrorists access to the means to carry out their attacks, as outlined in Pillar II of the UN GCTS, including the need to strengthen efforts to improve security and protection of particularly vulnerable targets, such as infrastructure and public places, as well as resilience to terrorist attacks, in particular in the area of civil protection, while recognizing that States may require assistance to this effect,
“Recognizing that each State determines what constitutes its critical infrastructure, and how to effectively protect it from terrorist attacks,
“Recognizing a growing importance of ensuring reliability and resilience of critical infrastructure and its protection from terrorist attacks for national security, public safety and the economy of the concerned States as well as wellbeing and welfare of their population,
“Recognizing that preparedness for terrorist attacks includes prevention, protection, mitigation, response and recovery with an emphasis on promoting security and resilience of critical infrastructure, including through public-private partnership as appropriate,
“Recognizing that protection efforts entail multiple streams of efforts, such as planning; public information and warning; operational coordination; intelligence and information sharing; interdiction and disruption; screening, search and detection; access control and identity verification; cybersecurity; physical protective measures; risk management for protection programmes and activities; and supply chain integrity and security,
“Acknowledging a vital role that informed, alert communities play in promoting awareness and understanding of the terrorist threat environment and specifically in identifying and reporting suspicious activities to law enforcement authorities, and the importance of expanding public awareness, engagement, and public-private partnership as appropriate, especially regarding potential terrorist threats and vulnerabilities through regular national and local dialogue, training, and outreach,
“Noting increasing cross-border critical infrastructure interdependencies between countries, such as those used for, inter alia, generation, transmission and distribution of energy, air, land and maritime transport, banking and financial services, water supply, food distribution and public health,
“Recognizing that, as a result of increasing interdependency among critical infrastructure sectors, some critical infrastructure is potentially susceptible to a growing number and a wider variety of threats and vulnerabilities that raise new security concerns,
“Expressing concern that terrorist attacks on critical infrastructure could significantly disrupt the functioning of government and private sector alike and cause knock-on effects beyond the infrastructure sector,
“Underlining that effective critical infrastructure protection requires sectoral and cross-sectoral approaches to risk management and includes, inter alia, identifying and preparing for terrorist threats to reduce vulnerability of critical infrastructure, preventing and disrupting terrorist plots against critical infrastructure where possible, minimizing impacts and recovery time in the event of damage from a terrorist attack, identifying the cause of damage or the source of an attack, preserving evidence of an attack and holding those responsible for the attack accountable,
“Recognizing in this regard that the effectiveness of critical infrastructure protection is greatly enhanced when based on an approach that considers all threats and hazards, notably terrorist attacks, and when combined with regular and substantive consultation and cooperation with operators of critical infrastructure and law enforcement and security officials charged with protection of critical infrastructure, and, when appropriate, with other stakeholders, including private sector owners,
“Recognizing that the protection of critical infrastructure requires cooperation domestically and across borders with governmental authorities, foreign partners and private sector owners and operators of such infrastructure, as well as sharing their knowledge and experience in developing policies, good practices, and lessons learned,
“Recalling that the resolution 1373 (2001) called upon Member States to find ways of intensifying and accelerating the exchange of operational information, especially regarding actions or movements of terrorist persons or networks; forged or falsified travel documents; traffic in arms, explosives or sensitive materials; use of communications technologies by terrorist groups; and the threat posed by the possession of weapons of mass destruction by terrorist groups and to cooperate, particularly through bilateral and multilateral arrangements and agreements, to prevent and suppress terrorist attacks,
“Noting the work of relevant international, regional and sub-regional organizations, entities, forums and meetings on enhancing protection, security, and resilience of critical infrastructure,
“Welcoming the continuing cooperation on counter-terrorism efforts between the Counter-Terrorism Committee (CTC) and International Criminal Police Organization (INTERPOL), the United Nations Office on Drugs and Crime, in particular on technical assistance and capacity-building, and all other United Nations bodies, and strongly encouraging their further engagement with the United Nations Counter-Terrorism Implementation Task Force (CTITF) to ensure overall coordination and coherence in the counter-terrorism efforts of the United Nations system,
“1. Encourages all States to make concerted and coordinated efforts, including through international cooperation, to raise awareness, to expand knowledge and understanding of the challenges posed by terrorist attacks, in order to improve preparedness for such attacks against critical infrastructure;
“2. Calls upon Member States to consider developing or further improving their strategies for reducing risks to critical infrastructure from terrorist attacks, which should include, inter alia, assessing and raising awareness of the relevant risks, taking preparedness measures, including effective responses to such attacks, as well as promoting better interoperability in security and consequence management, and facilitating effective interaction of all stakeholders involved;
“3. Recalls its decision in resolution 1373 (2001) that all States shall establish terrorist acts as serious criminal offences in domestic laws and regulations, and calls upon all Member States to ensure that they have established criminal responsibility for terrorist attacks intended to destroy or disable critical infrastructure, as well as the planning of, training for, and financing of and logistical support for such attacks;
“4. Сalls upon Member States to explore ways to exchange relevant information and to cooperate actively in the prevention, protection, mitigation, preparedness, investigation, response to or recovery from terrorist attacks planned or committed against critical infrastructure;
“5. Further calls upon States to establish or strengthen national, regional and international partnerships with stakeholders, both public and private, as appropriate, to share information and experience in order to prevent, protect, mitigate, investigate, respond to and recover from damage from terrorist attacks on critical infrastructure facilities, including through joint training, and use or establishment of relevant communication or emergency warning networks;
“6. Urges all States to ensure that all their relevant domestic departments, agencies and other entities work closely and effectively together on matters of protection of critical infrastructure against terrorist attacks;
“7. Encourages the United Nations as well as those Member States and relevant regional and international organizations that have developed respective strategies to deal with protection of critical infrastructure to work with all States and relevant international, regional and sub-regional organizations and entities to identify and share good practices and measures to manage the risk of terrorist attacks on critical infrastructure;
“8. Affirms that regional and bilateral economic cooperation and development initiatives play a vital role in achieving stability and prosperity, and in this regard calls upon all States to enhance their cooperation to protect critical infrastructure, including regional connectivity projects and related cross-border infrastructure, from terrorist attacks, as appropriate, through bilateral and multilateral means in information sharing, risk assessment and joint law enforcement;
“9. Urges States able to do so to assist in the delivery of effective and targeted capacity development, training and other necessary resources, technical assistance, technology transfers and programmes, where it is needed to enable all States to achieve the goal of protection of critical infrastructure against terrorist attacks;
“10. Directs the CTC, with the support of the Counter-Terrorism Executive Directorate (CTED) to continue as appropriate, within their respective mandates, to examine Member States efforts to protect critical infrastructure from terrorist attacks as relevant to the implementation of resolution 1373 (2001) with the aim of identifying good practices, gaps and vulnerabilities in this field;
“11. Encourages in this regard the CTC, with the support of CTED, as well as the CTITF to continue working together to facilitate technical assistance and capacity building and to raise awareness in the field of protection of critical infrastructure from terrorist attacks, in particular by strengthening its dialogue with States and relevant international, regional and sub-regional organizations and working closely, including by sharing information, with relevant bilateral and multilateral technical assistance providers;
“12. Encourages the CTITF Working Group on the Protection of Critical Infrastructure including Vulnerable Targets, Internet and Tourism Security to continue its facilitation, and in cooperation with other specialized United Nations agencies, assistance on capacity-building for enhancing implementation of the measures upon request by Member States;
“13. Requests the CTC to update the Council in twelve months on the implementation of this resolution;