Forum: General Assembly 1

Establishing international frameworks for cyber warfare and the ethical Issue: use of cyber technology

Student Officer: Alice Loveri

Position: Deputy President Chair

Introduction

Cyber security has been a growing issue since the creation of the internet, and with it a world of cyber warfare that is rapidly spreading. Technology is a fast-growing community which can be hardly controlled and the effects of the lack of control and what is happening behind the screens are starting to be seen.

Cyber security is “the collection of tools, concepts, safeguards, guidelines and policies that can be used to protect the cybersphere and an organization or nation's assets” and is often underestimated because of its apparent simplicity. However, the importance of cyber security and the issue of cyber warfare should not be misconstrued, as anyone who specializes in technology could hack into a variety of different systems from easily personal accounts but easily banks, governments, confidential database etc. too. In the worst cases, cyber warfare could lead to complete destruction of countries’ systems. A country’s systems being hacked and held for ransom in exchange for monetary gain could destabilize the nation and create chaos in the frameworks and workings of the country. This ultimately opens up the private and public sectors as well as other countries’ secrets to immense vulnerabilities and dangers. Protecting the cybersphere against the threat of cyber warfare and cyber terrorism, has now become a major priority for the United Nations.

As the UN Secretary-General Ban Ki-moon said “Information and communications technologies are part of daily life. They are helping to revolutionize health and education; transform the way we live and work and move us closer to our development goals. But cyber-attacks have the potential to destabilize on a global scale. Cyber-security must therefore be a matter of global concern.”

Page 1 of 18 Definition of Terms

Artificial Intelligence

Artificial intelligence (AI) refers to the simulation of human intelligence in machines that are programmed to think like humans and mimic their actions. The term may also be applied to any machine that exhibits traits associated with a human mind such as learning and problem-solving.

Cyber

Relating to or characteristic of the culture of computers, information technology, and virtual reality.

Cyber Attack

A cyber attack is an assault launched by cybercriminals using computers against a single or multiple computers or networks. A cyber attack can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks.

Cyber Espionage

Cyber espionage is the act of obtaining secrets and sensitive information without the permission and knowledge of the owner from individuals, competitors, rivals, groups, governments and enemies for personal, economic, political or military advantage using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and .

Cyber Warfare

The use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes.

Computer Emergency Response Team (CERT)

Computer emergency response teams (CERT) are expert groups that handle incidents. In general, CERT aims to oppose the evolution of cyber-attacks, through the implementation of real-world solutions to these problems. They may be government officials or employees of major corporations. For example, the U.S. Computer Emergency Readiness Team (US-CERT) operates under the U.S. Department of Homeland Security.

Page 2 of 18 hacktivism is the act of hacking, or breaking into a computer system, for politically or socially motivated purposes. Hacktivists' targets include religious organizations, terrorists, drug dealers etc. An example of hacktivism is ’ attacks on the Minneapolis Police Department after George Floyd’s killing to support the Black Lives Matter Movement.

Hardware

Computer hardware refers to the physical parts of a computer and related devices. Internal hardware devices include motherboards, hard drives, and RAM. External hardware devices include monitors, keyboards, mice, printers, and scanners.

Malware

Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful computer programs use to wreak destruction and gain access to sensitive information.

Virus

A is a type of malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another. A virus operates by inserting or attaching itself to a legitimate program or document that supports macros in order to execute its code.

Worm

A is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.

Trojan

A or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain access to your system

Page 3 of 18

Ransomware is a type of malware from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion.

Proxy Servers

A proxy server is a computer system or router that functions as a relay between client and server. It helps prevent an attacker from invading a private network and is one of several tools used to build a firewall.

Script

A computer script is a list of commands that are interpreted or carried out by another program rather than by the computer processor. Scripts may be used to automate processes on a local computer or to generate Web pages.

Software

Software, instructions that tell a computer what to do. Software comprises the entire set of programs, procedures, and routines associated with the operation of a computer system.

Page 4 of 18 Key Issues

Cyber terrorism

In the last 20 years, there has been lack of international attempts to identify cyberterrorist, even though it has been the biggest threat to international peace of the decade. Most individuals and organizations which have been labelled as cyberterrorist have not yet carried out any acts of terror within the cybersphere but only threatened, which doesn’t make them imminent threats. However, the organizations that better fit the definition of cyber terrorism are brushed aside and forgotten, finally only labeled as “Hacktivism”, even though their actions can have large scaled consequences, seen by Anonymous’ acts. Countries only consider Al Qaeda and other Salafist groups as the main groups which threaten cyber security only due to their size and aims, but it is in fact groups like Anonymous which pose a grave threat because of their emotional impact on the population.

The UN group of governmental experts

nd General Assembly ordered the GGE to produce a finally report to the 72 ​ session to study ​ further the existing threats to international cyber security and the application of International Law in cyberspace. However, the group never submitted a report to the Assembly due to grave disagreements on the applicability of International Humanitarian Law and the Article 51 of the UN Charter. The proposal of the application of Article 51 of the UN Charter in cyberspace created various oppositions and concerns. The opposition stated that the application of article 51 would lead to a forthcoming militarization of the cyber sphere. Views were shared by the delegates of Russia, China and Cuba. As the Cuban delegate stated, this development will “convert cyberspace into a theatre of military operations and [...] legitimize, in that context, unilateral punitive force actions, including the application of sanctions and even military action by States claiming to be victims of illicit uses of Information and Communication Technology.” The United Kingdom and the United States expressed profound disappointment towards the unwillingness of other nations to endorse the mandate of international legal issues and later opposed the stance. Discussing peaceful and diplomatic solutions to cyber warfare without commenting on the legal and military responses is ineffective and shows which countries are using the GGE for political gains, according to the United States. For the reason that no report was submitted by the fifth session of the GGE, the international community remains at an impasse and the conversation of the application of international law amongst other issues stays unsolved. As the GA has not yet called for the next meeting, the final result

Page 5 of 18 was the dissolution of the international body with a clear order to study cyber security and propose solutions to emerging threats.

Article 51 of the United Nations Charter

Article 51 of the United Nations Charter states, “Nothing in the Charter shall impair the inherent right of individual or collective self-defence if an armed attack occurs against a Member of the United Nations, until the Security Council has taken measures necessary to maintain international peace and security. Measures taken by Members in the exercise of this right of self-defence shall be immediately reported to the Security Council and shall not in any way affect the authority and responsibility of the Security Council under the present Charter to take at any time such action as it deems necessary in order to maintain or restore international peace and security.” Due to its obvious ambiguity, the article has been misused on multiple cases for example in Afghanistan, Iraq and Vietnam. The question of the applicability of the article in cyberspace has become an extremely perpetuating issue. The article has no clear definitions of what an armed attack or self-defense pertains. Therefore, the largest impediment in unanimous consensus in the cyberspace is the legal applicability of the self-defense ideology. In the Nicaragua case of 1986, the International Court of Justice (ICJ) ruled that an armed attack must rise to a specific level, thus minor or smaller incidents are disregarded and not considered. The ICJ further added that there is an apparent unregulated loophole between the use of force and the definition of an armed attack, this loophole is even more obvious in the field of cyberwarfare.

Accountability and legality

Ensuring accountability and responsibility is taken for acts of raises multiple obstacles. Many states have created strict national legislations against cybercrime to ensure cyber security for their country, however the transnational nature of the crimes and criminals delegitimizes the national legislations and creates peculiar barriers when nations attempt to prosecute cyber-crimes. While national demands and legislatures have an important role in increasing and aiding security measures, the large inconsistencies between states lead to gaps and loopholes in security which ultimately only aid the criminals and hackers.

The use of Artificial Intelligence

Artificial Intelligence (AI) is ever growing and developing model of cyber offense and defense. Offensive AIs are able to change and adapt as they contaminated the network and take over

Page 6 of 18 full systems with low to zero chances of being detected. AI’s ingrained ability to learn and adapt from its surroundings will lead to customized and specific attacks which are able to imitate human actions and therefore reduced governments’ ability to hold accountable the actual criminals.

AI as a cyberattack deterrent Traditional security systems are now incompetent and outdated. The traditional cybersecurity systems analyze viruses to find similarities amongst samples, however with malware being created and developed on the daily it is impossible to utilize it. Firms are training AI systems to detect viruses and Trojans with multiple algorithms and codes. AIs can recognize malicious files, links and even behaviors and isolate them more easily and effectively.

AI as a tool for cybercrime

The Emotet Trojan is an exceptionally advanced but common AI based attack. Emotet’s main workings is spam phishing, using scams and malicious email attachments, which people most often open. The Emotet has also been improved to a new version which allows the trojan to steal data from users who open the malicious links and attachments. The Trojan utilizes the AI’s to do natural language processing and send individuals emails which have been exactly written to attract their attention.

Major Parties Involved and Their Views

United States Of America

The US Department of Defense Cyber Strategy as stated on April 2015, 1. Build and maintain ready forces and capabilities to conduct cyberspace operations;

Page 7 of 18 2. Defend the DoD information network, secure DoD data, and mitigate risks to DoD missions; 3. Be prepared to defend the U.S. homeland and U.S. vital interests from disruptive or destructive cyber-attacks of significant consequence; 4. Build and maintain viable cyber options and plan to use those options to control conflict escalation and to shape the conflict environment at all stages; 5. Build and maintain robust international alliances and partnerships to deter shared threats and increase international security and stability.

The United States of America has recognized the immense threat of cyber-warfare and classifies it as a danger to its national interests, to which they have invested billions of dollars in developing defenses following the ‘five pillars’. The National Security Agency, a massive part of the United States intelligence, has been accused of spying and hacking on other countries. However, on the other hand, the United States are often victims of attacks and hackers.

European Union

The EU has several cyber-security programs already in place to protect themselves, all of them from the “Cybersecurity Strategy of the European Union” which includes measures to combat cyber threats and develop cyber resilience by further educating the relevant experts to fight cyber threats and raising awareness in the civilian public.

The Russian Federation

Russia has one of the strongest cyber defenses and the most dangerous cyber army. As seen on the act of 1998, The Russian Federation was the first country to recognize the threat cyber warfare poses, thereby the federation proposed a resolution to the GA1. Russia has been so far a proactive member in campaigning for rules and ethics in cyberspace however, Russia has been accused of conducting numerous cyber-attacks against other countries, and allegedly even the 2016 US elections.

The Islamic Republic of Iran

Iran is a major target of foreign cyber espionage and views cyberattacks as part of the unbalanced military contrasts it confronts every day with the United States. Iran was victim of a US cyber-attack in 2019, which were aimed at taking down Iran’s military structure. Iran utilizes the cybersphere as a way to increase national power and control.

Republic Of Korea

Page 8 of 18 South Korea, in 2016, was ranked the most vulnerable country to cyber-attacks in the Asia-Pacific region, scoring 884 out of 100 on the ‘Cyber Risk Score’. Even though South Korea has access to futuristic and innovative technology, its cyber security structures are weak. Multiple cyber-attacks, from North Korea and other countries, have damaged the Korean economy and have risked the national security of the country.

The Democratic People’s Republic Of Korea

Kim Jong Un stated that Cyber Weapons are as important as Nuclear Weapons and therefore the DPRK’s Bureau 121 is a key aspect of the North Korean Military Strategy. The bureau targets banks, governments, and is considered an ‘all-purpose sword’ that guarantees the military powers and control of the nation. North Korean hackers are extremely skilled and are considered some of the best in the world.

Page 9 of 18 Development of Issue/Timeline

Date Event Outcome

This attack was the world’s first The CIA made major changes recorded cyber-attack. During to a software to cause the the Cold War, the Soviet Union Trans-Siberian Pipeline to openly and strictly denounced June 1982 explode after learning that the the attack and stated it never Soviet Union planned to steal happened, however the software from a Canadian Farewell Dossier of the CIA company to control it. indicates this attack was in fact

planned and in place. About 10% of the world’s A student at Cornell University, servers were shut down as a Robert Tappan Morris, created result of this worm. After the November 1988 and released the ever first United States’ first cyber law internet worm. Now referred to legislation, “The Computer as the Morris Worm and the Fraud and Abuse Act” was Morris incident. passed, Morris was convicted of the felony of cybercrime. Foreign state actors released a NASA now started to block and Trojan into the NASA servers inspect emails with December 2006 by sending it to a top official, attachments, the first major who released it. NASA’s anti-malware system is designs for the latest space incorporated into every day shuttles are stolen. security systems. The European Union and countries such as the United The Russian Cyber Armies States formally recognized attacked, the Estonian Cyber warfare as a threat and government who was April 2007 began creating legislation and bombarded with DoS attacks increasing cyber defense taking down most government systems. The attacks forced websites and halting all online organizations around the world banking. to finally prioritize cyber security.

Page 10 of 18 Hackers (allegedly from HAMAS) attacked Israel’s Addition of Cyber Defence to internet infrastructure using at Israel’s Military Doctrine as January 2009 least 5,000,000 computers, well as the rise of groups

therefore, temporarily in the region. paralyzing all government technology. This led to the creation of the world’s strongest cyber army A world-wide cyber-attack specializing in both offensive named ‘Red October’ was and defensive capabilities. The October 2012 found by Kaspersky affecting attack created an emphasis on much of Eastern Europe, Russia the importance of cyber security and Central Asia. and increased funding for

cyber-security within the Russian army. The Syrian Electronic Army Due to this attack President and Unit 32698 of the People’s Obama signed an executive Republic of China hacked The August 2013 order, which made Telecom New York Times’ website companies blacklist IP which was shut down for over addresses originating from 20 hours. certain countries and regions.

The personal information of 4 The United States and China million individuals employed begin talks to limit cyber June 2015 by the US government were espionage against each other, stolen. After investigations, the which end with agreement US stated they believe China between President Obama and was behind the hack. President Xi Jinping. The 2016 Presidential election The election of the President of showed how the electoral the US in 2016, was open to system could easily be hacked, November 2016 cyberattacks and other because of the weaknesses of malpractices from state actors the voting machines and the and lone wolves. absence of reliable paper trail.

Page 11 of 18 This was the world’s biggest The ‘Wanna Cry’ ransomware cyberattack in recorded history. infected 150 nations and over The attack led to an increased May 2017 300,000 computers. The worm interest in cybersecurity from

encrypted the data and then many countries because so asked for a bitcoin ransom. many were negatively affected for the first time. Along with new concerns risen regarding the possibility of With the 2020 US presidential Russian and Chinese hackers elections the spotlight is moved August 2019 attempting to infiltrate both onto the issue of hacking and American and European cyberwarfare. elections again, voter fraud and

now online/mail in ballots become an issue. Anonymous declared a large hacking sequence three days It is suspected that Anonymous after the killing of George are the cause for the downtime Floyd. An individual claiming and public suspension of the May 2020 to be Anonymous stated that Minneapolis Police Department "We are Legion. We do not website and its parent site, the forgive. We do not forget. website of the City of Expect us.” Anonymous Minneapolis. addressed police brutality.

Page 12 of 18 Previous Attempts to solve the Issue

United Nations

The UN has taken different proactive actions towards reducing the issue of cyber security transnationally. Methodologies which focus around developing offensive abilities and improving protection against cyberattacks. They have created the International Telecommunications Unit, in 1985, which focuses partly on reducing cyber-crime and increasing cyber security. Furthermore, they have created the International Multilateral Partnership Against Cyber Threats, in 2008, containing over 149 members. Additionally, international organizations such as the United Nations Office on Drugs and Crime have cooperated with the United Nations to implement task forces in order to confute these cyber-attacks.

Bilateral Agreements

Bilateral agreements can help and have helped resolve issues. In September 2015, Chinese President Xi Jinping and American President Barack Obama met and came to agreements regarding the issues related to cybersecurity, therefore had productive and successful solutions. In the meetings, they discussed measures that each government should take to reduce cyber espionage and they agreed to disallow any hackers from committing acts of cyber warfare and cyber espionage on each other. However, prior to the meeting, the US administration had warned that cyber-attacks may lead to sanctions and tariffs being placed on China.

Government Experts

In 2004, General Assembly First Committee established The Group of Governmental Experts. The Group has met four times and published three reports in 2010, 2013 and 2015. The GGE is a working group comprised of 15 experts appointed by the Office of the Secretary General to examine potential and existing cyber threats.

The Budapest Convention

The convention was the first treaty that delineated policies and legislation against cybercrime and encouraging transnational cooperation among Member States to address the threats. During the Budapest Convention on Cybercrime, in 2001, the first legally binding agreement over cyberspace was made on a regional level by the Council of Europe which entered in force in 2004. Twenty years later, the convention is still regarded as the most relevant international agreement on cybercrime. The convention has been endorsed by 63 countries and is considered a basis for international cyber law.

Page 13 of 18

Page 14 of 18 Possible Solutions The ideal of an end to cyber security is in the distant future and finding solutions to the issue is a significant challenge. Warms, Trojans and Ransomware attacks have affected about every country whether that be from hackers or other governments directly, and it has been seen that attacks of such large scales can have catastrophic effects on governments, economies, stability but especially safety if they aim to target military and nuclear arms. Therefore, it is of most importance to discuss and resolve the issue. In order to apply international law and treaties to cyber-attacks sound and solid proof is needed, however countries lack the ability to attribute these attacks because of its difficulty. In addition, the First Committee hasn’t defined categories and thresholds of what an act of war in the cyberspace is which makes it harder for countries to achieve accountability. Therefore, in order to maintain small cyber conflicts as small instead of large scale and catastrophic cyber wars, a comprehensive system of laws and thresholds is necessary. Even though collaboration is often disregarded as this issue is seen as a more national problem, it is one of the most crucial elements to keep networks, infrastructures and systems safe. Countries’ will to share capabilities and information, however, is fractional to what is needed as all countries are always considering the possibility of cyber attacking each other. Thus, the best and most effective way to reduce wariness and mistrust between countries, so that agreements can be made, and solutions can be found, is to develop the Confidence Building Measures (CBMs) among states. Conventional CBMs reduces tensions between countries and aims to build mutual trust by increasing transparency. A possible solution argued by the United Nations Institute for Disarmament Research is the stopping of the rapid increase of malicious tools and techniques along with carrying out effective measures to improve the resilience of networks and servers. This was a result of a test run by the Telecommunications Union, which showed that 50% of the countries examined lacked comprehensive cyber security and a defense strategy. National strategies are important and vital to identify cyber attacks’ risks and threats as well as establishing deterrents to the attacks. Furthermore, they could be able to assist nations with setting goals and objectives for research and development, warning and response mechanisms and international communication. The major issue with cyber-security is the thorough and large amount of data and networks which amount to the cyberspace which results in an immense difficulty in monitoring and controlling it in its entirety. The United States has been the considered the greatest protestor as well as the greatest threat to global cybersecurity because of its innovative abilities to monitor the boundless extent of data. Since the United States has been playing the biggest role in the monitoring all the data individuals, corporations and governments have become worried about their privacy and national secrets. Obviously this is a major issue and destroys the ideal of a solution based on collaboration.

Page 15 of 18 Edward Snowden demonstrated US spying on foreign nations and leaders has only increased this distrust. Therefore, the argument is that the internet and cyberspace should be controlled and monitored by an international group who answers to the world and not individuals or countries. This agency would be able to achieve larger accountability and transparency on cyber-attacks and cyber-security, because they would in theory be extremely unbiased and open to collaboration.

Page 16 of 18 Bibliography Bennett, Cory. “Obama Talks Cyber with Chinese President Xi Jinping.” TheHill, 31 Mar. 2016, ​ ​ www.thehill.com/policy/cybersecurity/274845-obama-talks-cyber-with-chinese-president-xi-j

inping?rl=1. ​ Frankenfield, Jake. “Artificial Intelligence (AI).” Investopedia, 6 Jan. 2021, ​ ​ www.investopedia.com/terms/a/artificial-intelligence-ai.asp. ​ ---. “Cyber Security - Hacktivism.” Investopedia, 3 Sept. 2019, ​ ​ www.investopedia.com/terms/h/hacktivism.asp. ​ Fruhlinger, Josh. “Malware Explained: Definition, Examples, Detection and Recovery.” CSO Online, ​ ​ 17 May 2019,

www.csoonline.com/article/3295877/what-is-malware-viruses-worms-trojans-and-beyond.ht

ml. ​ Kaspersky. “What Is a Trojan Virus?” Kaspersky.com, 2019, ​ ​ www.kaspersky.com/resource-center/threats/trojans. ​ Ray, Ashis. “Investigative Documentary Says 2016 US Election Was Exposed to Fraud.” Business ​ Standard India, 3 Nov. 2020, ​ www.business-standard.com/article/us-elections/investigative-documentary-says-2016-us-ele

ction-was-exposed-to-fraud-120110301848_1.html. ​ Sheldon, John B. “Cyberwar.” Encyclopædia Britannica, Britannica, 25 May 2016. Britannica, ​ ​ ​ ​ www.britannica.com/topic/cyberwar. ​ TechTerms. “Hardware Definition.” Techterms.com, 5 Dec. 2006, ​ ​ www.techterms.com/definition/hardware. ​ United Nations Economic and Social Commission for Western Asia. “Computer Emergency Response

Team.” Www.unescwa.org, 2011, www.unescwa.org/computer-emergency-response-team. ​ ​ ​ ​ United Nations Secretary General. “Latest Statements.” United Nations Secretary-General, 25 Jan. ​ ​ 2021, www.un.org/sg/en/latest/sg/statement?nid=7216. ​ ​ VM Ware. “Cyber Espionage.” VMware, www.vmware.com/topics/glossary/content/cyber-espionage. ​ ​ ​ ​

Page 17 of 18 Wikipedia Contributors. “Cyber Spying.” Wikipedia, Wikimedia Foundation, 31 Aug. 2019, ​ ​ www.en.wikipedia.org/wiki/Cyber_spying. ​ Wikipedia Contributors. “Timeline of Events Associated with Anonymous.” Wikipedia, 7 June 2020, ​ ​ www.en.wikipedia.org/wiki/Timeline_of_events_associated_with_Anonymous. ​

Appendix

i. Timeline of all instance of cyber-attacks

https://www.infoplease.com/world/cyberwar-timeline

ii. Budapest Convention On Cyber Crime

https://en.wikipedia.org/wiki/Convention_on_Cybercrime

iii. Research Paper on the Consequences of Cyber War

https://www.belfercenter.org/publication/making-sense-cyberwar

Page 18 of 18