Dmitry Fonarev, Senior Public Affairs Manager, Kaspersky
In the digital era, cybercrime has emerged as a truly cross-border phenomenon, unconstrained by geographical boundaries or national jurisdictions. Crimes such as phishing, ransomware attacks, identity theft, and online fraud often involve complex networks of actors spread across multiple countries, making investigation and prosecution challenging. The anonymity and speed of digital communication further blur traditional legal borders, exposing gaps in national legislation and law enforcement cooperation. Addressing cybercrime therefore requires coordinated international action – harmonizing laws, enhancing information sharing, and building joint capabilities to ensure that cyberspace remains secure, trustworthy, and governed by the rule of law.
After years of complex negotiation, the United Nations has taken a historic step to address this pending issue with the adoption of the UN Convention against Cybercrime in December 2024. As a global cybersecurity company on the front lines of this fight, Kaspersky views this treaty as a necessary foundation for the future of international cyber law enforcement.
The path to this comprehensive document began in 2017, largely as a counterproposal to the Council of Europe’s Budapest Convention (2001), which many nations have not ratified. In December 2019, the UN General Assembly established an Ad Hoc Committee to draft the treaty. Negotiations grappled with fiercely contested issues, including the the scope of criminalized acts, the extent of law enforcement powers, and the balance between security and human rights. Despite profound initial disagreements, consensus was ultimately achieved, and the UN General Assembly adopted the treaty in December 2024. The signing ceremony took place in Hanoi in October 2025, attended by numerous national delegations and public sector representatives, and concluded with more than 70 signatories. The convention will enter into force following 40 ratifications.
The treaty’s core strength lies in its potential to harmonize the fractured global response to cybercrime. It recognizes that crimes are both cyber-dependent (like hacking) and cyber-enabled (like online fraud or terrorism). By obligating states to criminalize a common set of offences, it removes safe havens for criminals who exploit legal disparities.
From Kaspersky’s operational vantage point, several provisions are particularly welcome:
- 24/7 network of national points of contact. Mandating a round-the-clock national point of contact for urgent international cooperation is a pragmatic win. In cyber incidents where evidence vanishes in milliseconds, having a direct, known channel for rapid evidence sharing is invaluable.
- Preservation of volatile evidence. The provisions for expedited preservation of stored computer data address a critical necessity. This allows authorities to secure fleeting digital evidence before formal mutual legal assistance requests are completed.
- Public-private cooperation framework. The convention’s recognition of the need for a strengthened collaboration between law enforcers and the corporate sector is crucial. The cybersecurity industry possesses unparalleled threat intelligence, technical expertise, and visibility into attacks. Successful joint operations prove this model works. One example of this is the INTERPOL-coordinated action that disrupted Grandoreiro malware campaign. Supported by Kaspersky and other private companies, this operation led to the Brazilian authorities arresting five banking trojan administrators who had defrauded victims of more than EUR 3.5 million, according to conservative estimates. The treaty provides a platform to institutionalize such collaboration globally.
Kaspersky actively contributed to the convention’s negotiation process through
several multistakeholder discussion sessions. The company was also honored to
attend the signing ceremony in Hanoi and participate in its high-level side
events. Specifically, Kaspersky’s founder and CEO, Eugene Kaspersky, delivered
a speech addressing the importance of capacity-building initiatives for
upskilling cybersecurity specialists worldwide and the role of the private
sector in these efforts.
As a global cybersecurity vendor, Kaspersky believes the
convention’s adoption marks not an end, but the beginning of a more arduous
journey. To strengthen the global fight against cybercrime under the UN
Convention against Cybercrime, we propose the following key recommendations:
- Developing supplementary protocols. While the convention provides a crucial legal basis for broader international cooperation in the fight against cybercrime, it is fundamentally a framework document. Its practical application and effectiveness will depend on the goodwill of states parties and their efforts to align their national laws with its provisions. We therefore advocate for future supplementary protocols to further harmonize technical standards and enable a more coordinated global response to cyber offences.
- Establishing common forensic standards. Additional work is required to develop a digital forensic toolkit that would be recognized by the courts of various jurisdictions as legal evidence, and a methodology that can be used to conduct investigations. We believe it is important for states to reach a consensus on this issue and reflect it in a future protocol to the convention.
- Protecting penetration testers. The document does not cover sufficiently the topic of legal protection for “white-hat hackers” and penetration testers who identify vulnerabilities in ICT systems and prevent their exploitation for criminal purposes. Despite their significant contribution to creating a safe digital ecosystem, these professionals yet remain vulnerable to unfair prosecution, which ultimately undermines collective cybersecurity. This gap should be addressed.
- Deepening public-private synergy. The principle of public-private partnership must transition into practice. This requires establishing clear, lawful channels for sharing threat intelligence, conducting joint exercises, and implementing capacity-building programs that fully leverage private-sector expertise.
The UN Convention against Cybercrime represents a pivotal acknowledgment that our digital security is a shared global responsibility. It provides a much-needed common floor for cooperation. However, its framework nature means its legacy will be defined by the details of national implementation and the development of subsequent protocols.
For its part, Kaspersky believes in the promise of this coordinated approach. We stand ready to contribute to its responsible implementation – by providing actionable threat intelligence, training law enforcement partners, and working with governments, academia, and civil society to build the technical and operational capacity needed to make our digital world safer for everyone.
