UN Adopts Global Treaty to Tackle Rising Cybercrime

The UN authorities are supporting law enforcement authorities in Cambodia, and elsewhere, to fight cybercrime.

Imagine this: you visit the familiar website of your local hardware store. Everything looks the same — the design, the brand name, the interface. You place your order, make the payment, and only later notice a small detail — just one letter in the website address was different.

That’s how easily you can fall into a cybercriminal trap. If you’re lucky, the loss is small and your bank acts quickly — refunding the money and reissuing your card. But not everyone is so fortunate; in many countries, recovering stolen funds is nearly impossible.

One click away from losing everything

A bankruptcy lawyer told UN officials that an increasing number of people are being forced to declare bankruptcy after losing money to cybercrime. Anyone can fall victim to a cyberattack — no matter where they live — and everyone deserves protection and support.

In many countries, cybercriminal acts are still not clearly defined under the law, and mechanisms for international cooperation remain weak. Meanwhile, cybercrime continues to evolve rapidly. What once were isolated attacks by individual hackers have become large-scale operations run by organised criminal networks.

The internet and emerging technologies, including artificial intelligence, now allow criminals to act faster, reach victims worldwide, and commit crimes with minimal human involvement. From autonomous cyberattacks and fake images created using deep-fake technologies to malicious software and AI-enhanced phishing campaigns, the misuse of new tools challenges traditional systems of investigation and prevention.

Phishing kits for criminals

The most common cybercrime today is phishing — tricking victims into revealing passwords or financial information through fake websites or emails. Even inexperienced criminals can now use ready-made “phishing kits” to instantly clone major brand websites and send convincing fraudulent messages.

In recent years, billions of stolen username and password combinations have surfaced on the dark web. These data are used in so-called “credential-stuffing” attacks — automated login attempts across thousands of websites at once.

Turning the page on cybercrime

This chapter of digital history may soon change. In December 2024, the UN General Assembly adopted the United Nations Convention against Cybercrime, the first international treaty on criminal justice in more than two decades.

The adoption followed five years of negotiations among UN Member States, with contributions from experts, civil society, academia, and the private sector. UN Secretary-General António Guterres described the Convention as “a decisive step” in global efforts to ensure online safety.

The treaty will be opened for signature on 25 October in Hanoi, Viet Nam, and will enter into force 90 days after ratification by 40 states.

Global response to a global threat

The new Convention establishes a unified international framework to combat cybercrime. It introduces standardised definitions, investigation procedures, and mechanisms to assist victims — including compensation, restitution, and the removal of illegal content.

States will implement these measures according to their national legislation but within agreed international principles. With this Convention, the UN hopes to build a future where a single wrong letter in a website address no longer costs victims everything.

The United Nations Office on Drugs and Crime (UNODC) leads global efforts against cybercrime, providing training and technical support to countries worldwide. The Vienna-based agency offers expertise in prevention, legislative reform, law enforcement capacity-building, international cooperation, forensic support, and data-driven research on cyber threats.