The Dhirubhai Ambani International School Model United Nations 2020 Forum: GA(1) – Disarmament and International Security Issue: Advancing proactive cyber defence developments in the interest of national security Student Officer: Devajna Karan Gopal Position: Deputy Chair
Introduction Despite the advent of computer networks towards the end of the Cold War, the development of the World Wide Web in 1989 and the liberalization of the global economy led to major changes in human interaction and the way modern societies function. The connected world of the 1990s inaugurated great expectations: e-commerce potential was huge and several cultural hurdles to the growth and development of the economy were soon to be overcome, allowing developed and developing countries alike to engage in the global economy on a more equal footing. While this connectivity brought about the prospect of human improvement, it also birthed many vulnerabilities and threats, generally termed as, “cyber insecurities” or “cyber-crimes”. These cyber-crimes stem from the exploitation of information and communication technology (ICT) vulnerabilities by various state and non-state actors.
Although more prevalent after the development of the World Wide Web in 1989, it is possible to date initial ICT vulnerabilities back to the late 1960s. For instance, fears over the safety and security of private data had become such in the United States of America that the Congress in 1966 devoted three days to hearings on, “The Computer and Invasion of Privacy”1. Throughout the defence sector, there was also an increasing awareness that it was only a matter of time before these ICT vulnerabilities would be exploited by hackers to defraud banks and illegally access, obtain or manipulate data. Ever since, some state and non-state actors have preyed on these ICT vulnerabilities. Today, the number of national security concerns these cyber-crimes implicate are increasing in tandem with the increasing global dependence on ICTs, the dynamic fluctuations of inter and intrastate conflict, and a constantly changing international order.
These ICT vulnerabilities can severely affect nations, and as stated by former U.S secretary of defence, Leon Panetta, “An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches”2. Hackers can paralyze vital financial networks, transportation systems, electrical power-grids, and other governmental activities that rest on a framework built by computer- based systems. Along with that, any compromise in their ‘secured’ servers could lead to large breaches
1 Relyea, Harold C. “Personal Privacy Protection: The Legislative Response.” EveryCRSReport.com, Congressional Research Service, 24 May 2001, www.everycrsreport.com/reports/RL30671.html. 2 Bumiller, Elisabeth, and Thom Shanker. “Panetta Warns of Dire Threat of Cyberattack on U.S.” The New York Times, The New York Times, 12 Oct. 2012, www.nytimes.com/2012/10/12/world/panetta-warns-of-dire- threat-of-cyberattack.html Research Report | Page 1 of 16
The Dhirubhai Ambani International School Model United Nations 2020 of confidential, private or classified data that may threaten the security of millions, or even billions of people at a time.
Recent attacks that infringed upon the national security of countries include the attack in June 2015 when the dates of birth, social security numbers, fingerprints, residential addresses, and security- clearance-related information of 4 million individuals3 were stolen from the OPM (United States Office of Personal Management) - putting both the government, and its federal employees at risk. Some news agencies like the Wall Street Journal reported that the Chinese government was the source of the attack4. However, no factual evidence was found and hence the source of the attack remains unknown, owing to the lack of preparedness.
Previously ill-advised against potential cyber-insecurities, several governments under-estimated the consequences of cyber-attacks. Now, with the aforementioned increase in the prevalence of these attacks and the significant damage that they have inflicted upon countries, governments can no longer afford to ignore any insecurities. Bearing a reactive stance, they risk attacks that may further exploit any vulnerabilities, and threaten national security by controlling vital government servers, electronically activated weaponry, or power-grids that form the backbones of modern society. With the annual losses brought about by cyber-crime estimated to reach a whopping 6 trillion USD by 20215, a proactive stance offers a solution that prevents attacks by identifying hackers or unusual activity in advance. Thus, cyber- crime is moving the needle away from reactive cyber-defence to a case for proactive cyber-defence.
A formidable defence can only be built by investing in proactive cyber security, with emphasis on preventing an attack in the first place rather than responding to an attack. Examples of a proactive approach include strong access control, VLAN-based security, efficient intrusion detections setups, etc. Essentially, with prevention cheaper than remediation, such a strategy would greatly benefit governments worldwide in ensuring their national security.
In conclusion, one must note that with global leaders now voicing their concerns and discussing highly variegated solutions, it is necessary to preserve an “open, secure, accessible, and peaceful ICT environment”. Unfortunately, multisectoral and multi-institutional approaches involving the public and private sectors have made it difficult to reach a consensus on how to equally govern the numerous proactive policies that governments intend to employ. Thus, constructing ICT norms to govern and encourage developments agreeably as an international community is of great importance to secure a safe and conflict-free future to the development of proactive cyber-defence in the long-term.
3 Barrett, Devlin, et al. “U.S. Suspects Hackers in China Breached About 4 Million People's Records, Officials Say.” The Wall Street Journal, Dow Jones & Company, 5 June 2015, www.wsj.com/articles/u-s-suspects- hackers-in-china-behind-government-data-breach-sources-say-1433451888. 4 ibid 5 Fruhlinger, Josh. “Top Cybersecurity Facts, Figures and Statistics for 2020.” CSO Online, CSO, 9 Mar. 2020, www.csoonline.com/article/3153707/top-cybersecurity-facts-figures-and-statistics.html. Research Report | Page 2 of 16
The Dhirubhai Ambani International School Model United Nations 2020 Definition of Key Terms
Asymmetrical Warfare
Asymmetrical warfare is a form of warfare that, “is between opposing forces that differ greatly in military power and typically involves the use of unconventional weapons, strategies and tactics”.6
Attribution Law
Attribution law, detailed in the “Doctrine of Attribution”, plays an important role in defining State responsibilities. According to the United Nations Legal Committee, “The attribution of conduct to the State as a subject of international law is based on criteria determined by international law and not on the mere recognition of a link of factual causality. As a normative operation, attribution must be clearly distinguished from the characterization of conduct as internationally wrongful. Its concern is to establish that there is an act of the State for the purposes of responsibility. To show that conduct is attributable to the State says nothing, as such, about the legality or otherwise of that conduct, and rules of attribution should not be formulated in terms which imply otherwise.”7
Cyber-crime
At the Tenth United Nations Congress on the Prevention of Crime and Treatment of Offenders, cyber-crime was defined as, “Any illegal behavior committed by means of, or in relation to, a computer system or network, including such crimes as illegal possession [and] offering or distributing information by means of a computer system or network”.8
Denial of Service (DoS) Attack
A denial-of-service (DoS) attack is one that “occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor”.9
6 Webster, Merriam. “Asymmetric Warfare.” Merriam-Webster, Merriam-Webster, Date unknown, https://www.merriam-webster.com/dictionary/asymmetric%20warfare 7 Responsibility of States for Internationally Wrongful Acts, with Commentaries . United Nations Legal, 2001, https://legal.un.org/ilc/texts/instruments/english/commentaries/9_6_2001.pdf 8 Nations, United. “United Nations' Definition of Cybercrime.” Innovative Dynamic Networks, 8 Dec. 2014,https://idnwi.com/unitednationsdefinitioncybercrime/#:~:text=Cybercrime%20in%20a%20broader%20 sense,a%20computer%20system%20or%20network. 9 Security Agency, Cybersecurity and Infrastructure. “Security Tip (ST04-015).” Cybersecurity and Infrastructure Security Agency CISA, Department of Homeland Security, 4 Nov. 2009, www.us-cert.gov/ncas/tips/ST04- 015. Research Report | Page 3 of 16
The Dhirubhai Ambani International School Model United Nations 2020
Information and Communications Technology (ICT)
ICTs are defined by The United Nations Development Programme as, “information-handling tools - a varied set of goods, applications and services that are used to produce, store, process, distribute, and exchange information.”10
Proactive Cyber Defence
The United Nations Office on Drugs and Crimes states that proactive cyber defence measures, “seek to target prominent and emerging crime threats to reduce harm they cause rather than respond to crimes after they have been committed and as when they are reported”.11
Reactive Cyber Defence
The United Nations Office on Drugs and Crimes states that in contrast to proactive cyber defence, reactive cyber defence, “is applied to crimes that have already taken place and caused harm”12.
Background Information
Hacking bodies and bodies discreetly funded by states
As per international law, “the indication that an ICT activity was launched or otherwise originates from the territory or objects of the ICT infrastructure of a State may be insufficient in itself to attribute the activity to that State”. Often, due to the lack of incriminating evidence, many state-sponsored cyber- crimes often go unaccounted for and unpunished. This acts as an encouraging factor to governments that rely on asymmetrical vectors of warfare, as cyber-attacks can inflict significant damage and remain untraceable at the same time. In the event that the attacks were traced back to a country, the lack of efficiency in the investigation and attribution of cyber-crimes allows for governments to simply deny any responsibility and evade prosecution and adjudication for the attacks.
Investigation, prosecution and adjudication of cyber-crimes
Attribution compounds
Attribution compounding such as the justification of privacy breaches by actors through mentions such as, “an attempt to detect insecurities” allows actors to either misrepresent or conceal their actions.
10 Task Force, United Nations ICT. “Using Information and Communications Technology to Achieve the Millennium Development Goals.” Itu.int, ITU, Dec. 2003, www.itu.int/net/wsis/stocktaking/docs/activities/1103056110/ICTMDGFinal.pdf. 11 “Criminal Justice Assessment Toolkit.” Policing Crime Investigation, UNODC, Date unknown, www.unodc.org/documents/justice-and-prison-reform/cjat_eng/3_Crime_Investigation.pdf. 12 ibid Research Report | Page 4 of 16
The Dhirubhai Ambani International School Model United Nations 2020
Hence, both prosecution and deterrence are difficult, regardless of the means used, since such means are “largely predicated on being able to establish culpability”13.
Legal frameworks and set international norms
Current norms
Most ICT norms created till date have been created by the Group of Governmental Experts (GGE’s) which, in spite of having a growing number of member states, consist of less than 1/7th of all of the UN’s member states. Furthermore, different countries tend to take different legal stances and approaches towards cyber-crime. Thus, no internationally-accepted definition of cyber-crime exists, birthing legal obscurity in the prosecution and adjudication of cyber-crimes.
Limited Trust
The fact that only a few member nations have advanced proactive cyber-defense capacities and capabilities suggests that there is still limited trust in the prudency of proactive measures. However, it is essential that countries recognize the fact that a cyber-attack in one country can affect not only the country itself, but several other countries (like the attack in May 2017, when an attack in Lithuania affected over 60 countries14). This lack of trust is exacerbated by the fact that there are no internationally accepted standards for developing and advancing proactive cyber- defense measures (which bear a strong potential to influence the national security of several countries).
Private and public sector cooperation
With many private sector developers focused on discreetly developing new proactive security measures and later marketing them for profit (like new authentication systems), communication between government-funded developers and private developers remains very poor. The lack of collective action amongst the public and private sectors means longer time-periods for any significant developments and innovation to take place, leaving nations vulnerable to cyber-crime in the near future. Cooperation would mean lower costs of development as resources can be shared between the two sectors; however, costs remain very high at the moment.
High costs of development
Funding the research and development of proactive cyber-defense measures is quite expensive and requires consistent financing to be effective. In the long-term, if a particular facility is not affected by
13 UNIDIR. “UNIDIR Cyber Issues Workshop.” Report of the International Security Cyber Issues Workshop Series, United Nations, 27 Mar. 2020, www.unidir.org/files/publications/pdfs/report-of-the-international-security- cyber-issues-workshop-series-en-656.pdf. 14 Gohel, Prithviraj, and Dixita Rayani. “Cyber Attacks.” Google Books, P.D.apps, Date unknown, https://books.google.co.in/books?id=c8RKDwAAQBAJ&pg=PT70&lpg=PT70&dq=Cyber+attack+on+lithunaia +that+affected+60+countries&source=bl&ots=dFHqAmjFOs&sig=ACfU3U1PIqb18aL- 5nORNGGHSGTyq_neNQ&hl=en&sa=X&ved=2ahUKEwiYxKLZzJLqAhVEyjgGHUkDD1IQ6AEwAHoECAY QAQ#v=onepage&q=Cyber%20attack%20on%20lithunaia%20that%20affected%2060%20countries&f=false Research Report | Page 5 of 16
The Dhirubhai Ambani International School Model United Nations 2020 cyber-insecurities at all, then the costs of maintaining a proactive approach is often deemed too high to be kept in place, and thus, many internal stakeholders disapprove of employing any developed proactive measures. However, they do not consider the fact that the existence of proactive measures deters hackers in the first place and is responsible for the absence of cyber-crime perpetrated against them. This is a matter of grave concern due to the possibility of others following suit, leaving too many facilities defenseless against cyber-crime.
Privacy infringement
While many nations uphold the right to privacy to the best of their abilities, some parties have brought forward cybersecurity measures that infringe upon the privacy of companies and citizens. For instance, the Cyber Intelligence Sharing and Protection Act (CISPA) uses broad definitions (such as the definition of the information that companies are required to share with the government), in order to gain potential access to essentially all of a company’s data, regardless of the sensitivity. Moreover, after the Snowden leaks in 2013 (when Edward Snowden exposed the extensive internet and phone surveillance systems of the U.S government), citizens of several nations are becoming increasingly aware of such breaches of privacy – in fact, 79% of American citizens are worried that their government is ‘spying’ on them15. Thus, to prevent any further conflict between citizens and their respective governments, it is of vital importance that governments uphold their citizens’ right of privacy while implementing cyber defence technologies.
Major Countries and Organizations Involved
Anonymous
Anonymous is one of the most famous ‘hacktivist’ groups in the world. However, it isn’t a centralized hacking collective, it is an amorphous group of people that includes anyone who wishes to use the brand to put forth their causes16. Claiming that their cyber-attacks are a means to provide “justice to every citizen in the world”, they have conducted numerous cyber-attacks to date17. Many governments, however, consider Anonymous’ hackers as criminals and have carried several arrests on the accounts of cyber-stalking, computer hacking, and fraud18. One of their most famous hacks include
15 Reese, Hope. “79% Of Americans Fear Government Surveillance during COVID-19.” TechRepublic, TechRepublic, 28 Apr. 2020, www.techrepublic.com/article/79-of-americans-fear-government-surveillance- during-covid-19/. 16 News, ABC. "What To Know About The Worldwide Hacker Group ‘Anonymous’". ABC News, 2020, https://abcnews.go.com/US/worldwide-hacker-group-anonymous/story?id=37761302. 17 Anonymous. “Anonymous History: Who Started Anonymous Group.” Anonymous Hackers, Anonymous, 7 Mar. 2020, www.anonymoushackers.net/anonymous-history/. 18 News, ABC. "What To Know About The Worldwide Hacker Group ‘Anonymous’". ABC News, 2020, https://abcnews.go.com/US/worldwide-hacker-group-anonymous/story?id=37761302. Research Report | Page 6 of 16
The Dhirubhai Ambani International School Model United Nations 2020
‘Operation Tunisia’ where they launched DDoS attacks on Tunisian government websites in to protest against the government limiting access to internet in the country19.
Chaos Computer Club (CCC)
The Chaos Computer Club is Europe’s largest association of hackers and a strong advocate of computer ethics. For the past thirty years they have provided “information about technical and societal issues, such as surveillance, privacy, freedom of information, hacktivism, data security and many other interesting things around technology and hacking issues”20. Recently, CCC exposed several vulnerabilities in the German banking, government, and computer systems. This brought about several improvements in the cyber-defense department in the country as they were previously unaware of such insecurities. Most importantly, it helped safeguard the German computerized voting systems—which were previously vulnerable to manipulation by hackers21.
China
China bears a dominating presence in cyberspace. Over the years, it has denied several accusations of conducting cyber espionage22. While there is evidence of Chinese hacking groups (such as Naikon23) stealing state secrets from countries around the world, no ties have been found with the Chinese government. China is also one of the leading cyber-defence developers in the world and has advanced several proactive technologies such as the Cyber Defense Mimic (CDM) system24.
Democratic People’s Republic of Korea
The Democratic People’s Republic of Korea has been held accountable for several cyber-attacks over the past decade, and aggressively threatens further cyber-attacks against countries like the USA25. Over the years, it has used cyber-attacks to overcome sanctions, maintain domestic control26, display its
19 "Anonymous' Most Memorable Hacks ". Cbsnews.Com, 2020, https://www.cbsnews.com/pictures/anonymous- most-memorable-hacks/13/. 20 CCC. “Home.” CCC, Chaos Computer Club, Unknown, www.ccc.de/en/. 21 Silver, Vernon. “The Chaos Computer Club Is Fighting to Save Democracy.” Bloomberg.com, Bloomberg, 27 June 2017, www.bloomberg.com/news/features/2017-06-27/the-chaos-computer-club-is-fighting-to-save- democracy. 22 Sudworth, John. “China Denies Cyber Attack Allegations.” BBC News, BBC, 20 Feb. 2013, www.bbc.com/news/av/business-21514872/china-denies-cyber-attack-allegations 23 CP. “Naikon APT: Cyber Espionage Reloaded.” Check Point Research, Check Point Research, 14 May 2020, https://research.checkpoint.com/2020/naikon-apt-cyber-espionage-reloaded/ 24 Dan, Zhang. “China-Proposed Cyber Security Mechanism Blocks 2.8m Attacks in 48 Hours at Intl Contest.” Global Times, Global Times, 21 June 2020, 21:36:31, www.globaltimes.cn/content/1192344.shtml
25 Barrett, Brian. “DoJ Charges North Korean Hacker for Sony, WannaCry, and More.” Wired, Conde Nast, 9 June 2018, 15:12, www.wired.com/story/doj-north-korea-hacker-sony-wannacry-complaint/. 26 Shin, Hyonhee. “Mystery Hacker Steals Data on 1,000 North Korean Defectors in South.” Reuters, Thomson Reuters, 28 Dec. 2018, www.reuters.com/article/us-northkorea-southkorea/mystery-hacker-steals-data-on- 1000-north-korean-defectors-in-south-idUSKCN1OR0CS. Research Report | Page 7 of 16
The Dhirubhai Ambani International School Model United Nations 2020 power internationally and improve the regime’s reputation worldwide27. By causing large-scale disruption and financial losses, these cyber-attacks exploit any opportunities short of war.
European Union (EU)
The European Union has very stringent laws regarding cyberspace and over the years, it has taken several efforts to pass stricter laws so as to minimize its vulnerability to any cyber-attacks28. As the target of most cyber-attacks29, few accusations have been made against countries of the EU for any form of cyber-attack. Moreover, several cyber-defence programs have been launched by its member nations such as the European Conference on Cyber Warfare and Security (ECCWS)30 and the Forza NEC Programme31, which have made several advances in proactive defence in the past decade.
GhostNet
GhostNet is the codename used for a vast Chinese cyber-espionage network that has penetrated over 103 countries32. Ghost-Net was first discovered in March 200933, post-investigation of a potential breach of the Office of Dalai Lama in India, when the University of Toronto’s Citizen Lab analyzed forensic evidence. This was one of the first global realizations of the threat that privately-funded hacking groups can pose and subsequently lead to the legislation of stricter laws that govern private cyber- space34. Although a clear link has not been established, many believe it is funded by the Chinese government35.
27 Parsons, Ed, and Henry Bureau. “Understanding the Cyber Threat from North Korea.” UNDERSTANDING THE CYBER THREAT FROM NORTH KOREA, f-Secure, Unknown, www.f-secure.com/en/consulting/our- thinking/understanding-the-cyber-threat-from-north-korea. 28 Union, European. “Cybercrime.” Migration and Home Affairs - European Commission, European Union, 6 Dec. 2016, https://ec.europa.eu/home-affairs/what-we-do/policies/cybercrime_en 29 ENISA. “Exposure to Cyber-Attacks in the EU Remains High - New ENISA Threat Landscape Report Analyses the Latest Cyber Threats.” ENISA, European Union Agency for Cybersecurity, 28 Jan. 2019, www.enisa.europa.eu/news/enisa-news/exposure-to-cyber-attacks-in-the-eu-remains-high. 30 Onwubiko, Cyril. “ECCWS • Academic Conferences and Publishing International Ltd.” Academic Conferences and Publishing International Ltd, 13 May 2020, www.academic-conferences.org/conferences/eccws/. 31 Cricorian. “Forza NEC Programme and Europe.” Forza NEC Programme and Europe, IAI Istituto Affari Internazionali, Selex Sistemi Integrati, 22 Jan. 2015, www.iai.it/en/ricerche/il-programma-forza-nec-e- leuropa. 32 Shanghai, Malcolm Moore in. “China's Global Cyber-Espionage Network GhostNet Penetrates 103 Countries.” The Telegraph, Telegraph Media Group, 29 Mar. 2009, www.telegraph.co.uk/news/worldnews/asia/china/5071124/Chinas-global-cyber-espionage-network- GhostNet-penetrates-103-countries.html. 33 “GhostNet.” GhostNet - Cybersecurity Wiki, Harvard University, 9 Aug. 2012, 15:26, https://cyber.harvard.edu/cybersecurity/GhostNet 34 Seth, Karnika. “KarnikaSeth.com.” Evolving Strategies for the Enforcement of Cyberlaws | Karnika Seth - Cyberlawyer & Expert, Date unknown, www.karnikaseth.com/evolving-strategies-for-the-enforcement-of- cyberlaws.html
Research Report | Page 8 of 16
The Dhirubhai Ambani International School Model United Nations 2020
Russia
Russia has often been accused by countries to be funding hacking proxies in order to gain a foothold in major organizations, project power, and prepare for any escalation in hostilities36. While these allegations have been denied, the Gerasimov doctrine provides an insight into the country’s intentions. Written by Russian Chief of the General Staff, Valery Gerasimov, the doctrine details the potential use of unconventional levers, such as cyber-attacks to achieve Russia’s political goals without risking an armed conflict with its opponents37. On the flip side, the Russia’s Federal Security Service (FSB) has recently made many proactive cyber-defence investments such as The National Coordination Center for Computer Incidents (abbreviated as GosSOPSKA in Russian) to protect critical infrastructural facilities38.
United States of America
The USA is one of the most active parties in cyberspace. While denying numerous accusations of cyber-attacks39, its government has often been criticized by its own citizens of breaching their privacy40. With one of the largest cyber-defence budgets in the world, the USA has been making several developments in proactive cyber-defence technologies. In fact, two-star US Air Force General, B. Edwin Wilson said, “We have shifted from… a more reactive stance with regards to national security threats in the cyber domain… into a more proactive, assertive posture”41. One of the most recent hacks includes the temporary shutdown of the Minneapolis Police Department’s website (by the hacktivist group, “Anonymous”), in order to protest against the discrimination against the African-Americans in the country.
36 Raff, Michael, and Ed Parsons. Understanding the Cyber Threat from Russia, f-Secure, Unknown, www.f- secure.com/en/consulting/our-thinking/understanding-the-cyber-threat-from-russia. 37 Mckew, Molly K., et al. “The Gerasimov Doctrine.” POLITICO Magazine, POLITICO, Unknown, www.politico.com/magazine/story/2017/09/05/gerasimov-doctrine-russia-foreign-policy-215538. 38 Unknown. “Tag: National Coordination Center for Computer Incidents.” National Coordination Center for Computer Incidents – Cyber Security Review, 12 Sept. 2018, www.cybersecurity-review.com/tag/national- coordination-center-for-computer-incidents/. 39 Lecher, Colin. “Huawei Accuses the US of 'Launching Cyber Attacks' against the Company.” The Verge, The Verge, 4 Sept. 2019, www.theverge.com/2019/9/4/20849092/huawei-cyberattacks-us-government- netowrks-employee-harassment. 40 Toomey, Patrick. “The NSA Continues to Violate Americans' Internet Privacy Rights.” American Civil Liberties Union, American Civil Liberties Union, 23 Aug. 2018, www.aclu.org/blog/national-security/privacy-and- surveillance/nsa-continues-violate-americans-internet-privacy. 41 Lopez, C. Todd. “DOD More Assertive, Proactive in Cyber Domain.” U.S. DEPARTMENT OF DEFENSE, U.S Government, 28 June 2019, www.defense.gov/Explore/News/Article/Article/1891495/dod-more-assertive- proactive-in-cyber-domain/. Research Report | Page 9 of 16
The Dhirubhai Ambani International School Model United Nations 2020 Timeline of Events
Date Description of event
2000 In order to protest against the oppression in Kashmir, Pakistani Activists deface websites belonging to the Indian Government. Activists from the Middle East do the same to Israeli Websites to protest against the oppression in Palestine.
2001 Hackers from the USA and China engage in web defacement skirmishes amidst rising Chinese-American relations.
2001 The ‘9/11”’ terrorist attacks on the World Trade Center and Pentagon leads the U.S Judiciary to the legislate of multiple anti-terrorism laws, where they group hackers with
terrorists, and remove many long-standing personal freedoms in the name of public safety.
2002 Critical safety systems of the David-Besse nuclear power plant in Ohio, USA, are disabled by a worm.
2003 A Chinese cyber-espionage ring code-named ‘Titan Rain’ hacks U.S military bases, defense contractors, and aerospace companies.
2007 The Estonian government’s websites including those of the police, Ministry of Finance and Parliament in Estonia face multiple DoS attacks.
2010 Intelligence Services of the USA and Israel co-develop Stuxnet (a computer worm) and successfully sabotage Iranian nuclear research equipment and weapons program.
2011 In retaliation to the damage caused by Stuxnet, Iran creates “Shamoon” which destroys and wipes data on more than 35,000 workstations on the network of Saudi Aramco, causing huge losses.
2013 The Snowden leaks expose a global surveillance network that the US and its Five Eyes partners had set up after the 9/11 attacks. This leads countries like Iran, China, and Russia to create their own surveillance operations and boost foreign intelligence-gathering efforts, leading to an increase in cyber-espionage but also proactive cyber defence developments.
2015 In December, a cyber-attack on a Ukrainian power grid causes power outages across western Ukraine and is the first successful attack on a power grid's control network
2019 Security researchers (ethical hackers) reveal the exploits of iOS, Windows and Android to track Uighur Muslims in Xinjang cities in China
2020 The USA and the UK accuse Russian hackers of attempting to steal COVID-19 vaccine research.
Research Report | Page 10 of 16
The Dhirubhai Ambani International School Model United Nations 2020 Relevant UN Treaties and Events
● Developments in the field of information and telecommunications in the context of international security, 4 December 1988 (A/RES/53/70): This was one of the first resolutions that placed emphasis on the development of new cyber security measures to ensure international security.
● Developments in the field of information and telecommunications in the context of international security, 2 December 2011 (A/RES/66/24): This resolution welcomed collaboration with the GGE on developments in cybersecurity measures in the context of international security
● Developments in the field of information and telecommunications in the context of international security, 23 December 2015 (A/RES/70/237): This resolution strongly emphasized on the collaboration between nations, the secretary-general and the GGE with set objectives.
● Advancing responsible State behavior in cyberspace in the context of international security, 22 December 2018 (A/RES/73/266): Requests involvement and collaboration of the Office for Disarmament Affairs of the Secretariat, while establishing relatively new grounds for developments in cybersecurity.
Previous Attempts to solve the Issue
The Global Programme on Cybercrime was mandated to assist member states against cyber- related crimes. Over the years, it has provided technical assistance and through capacity building, has helped ameliorate the cyber-security standards of countries worldwide. However, it failed in creating an internationally recognized definition for cyber-crime and hence lacked proper foundation to prosecute and adjudicate any cyber offences.
At a national scale, many countries have taken their own measures to combat cybercrimes such as the USA, Russia, China, India, etc. These include alerts, advisories and the training of law enforcement personnel. However, at the strategic level, countries have not been able to institute sufficient mechanisms to track metrics on both the rates of cybercrime and the law enforcement actions taken against cybercriminals. Cyber-crime data typically relies on victim reporting, which the US FBI acknowledges usually only represents a “fraction” of the crimes that occur.42As the General Secretariat of the Council of the EU identified, even in cases where governments have established mechanisms to track statistics on cybercrime and cybersecurity, these mechanisms are often “insufficient, fragmented and do not allow comparison either between the different regions within the same Member State and between the different Member States.”43
42 Baker, Al. “An Iceberg of Unseen Crimes: Many Cyber Offenses Go Unreported.” The New York Times, The New York Times, 5 Feb. 2018, www.nytimes.com/2018/02/05/nyregion/cyber-crimes-unreported.html. 43 Peters, Allison, and Amy Jordan. Countering the Cyber Enforcement Gap: Strengthening Global Capacity on Cybercrime. Third Way, 2019, www.jstor.org/stable/resrep20150. Research Report | Page 11 of 16
The Dhirubhai Ambani International School Model United Nations 2020
The Group of Governmental Experts has been working to monitor developments in cyberspace. Unfortunately, the 2017 UN GGE failed to reach consensus in building on the 2015 report, in large part over a dispute as to whether international law is applicable to cyberspace.44 GGE reports also confirm that the indication of the origin of the attack might not be enough for attribution, and that accusations need to be substantiated. Since the official positions of the main actors are often divergent, this has left the issue of attribution compounds unchecked.
Possible Solutions
To lay the foundation for any solutions, there must first be cooperation among all concerned states and the U.N in the investigation and prosecution of international cases of criminal misuse of information technologies, with the objective of effective law enforcement. Cooperation between states in the development and application of proactive cyber-defense technologies is essential to prevent many cyber-attacks in the long-term by allowing for a faster pace of development and innovation.
To establish a strong legal framework, it is essential that pragmatic legislation of internationally- binding laws and norms is carried out in the format of the ‘United Nations Open-ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security’, with support from the Group of Governmental Experts (GGE’s) on Developments in the Field of Information and Telecommunications in the Context of International. With the legislation conducted in accordance with their mandates and the mandate of the DISEC, this will ameliorate the process of investigation, prosecution and adjudication of cyber-crimes. This process must ensure the creation of an elaborate and internationally-accepted definition of cyber-crime to eliminate the validity of any attribution compounds, and thus allow for the prosecution of all offenders found guilty of committing cyber-crime.
Efforts to develop proactive cyber-security within individual countries are of vital importance. All member nations could conduct intra-state training and exercises to enhance response capabilities and test continuity and contingency plans in the event of an information infrastructure attack and encourage stakeholders to engage in similar activities. Apart from that, they could also conduct broad-based periodic risk assessments to identify threats and vulnerabilities to encompass key internal and external factors such as technology, physical and human factors, policies and third-party services with security implications. This will allow for the determination of the acceptable level of risk, assisting in the selection of appropriate controls to manage the risk of potential harm to information systems and networks in the light of the nature and importance of the information to be protected.
44 “The Year in Review: The Death of the UN GGE Process?” Edited by Net Politics, Council on Foreign Relations, Council on Foreign Relations, 21 Dec. 2017, https://www.cfr.org/blog/year-review-death-un- ggeprocess#:~:text=The%20Year%20in%20Review%3A%20The%20Death%20of%20the%20UN%20GGE %20Process%3F,The%20United%20Nations&text=An%20effort%20at%20the%20United,its%20cyber%20n orm%20promotion%20efforts. Research Report | Page 12 of 16
The Dhirubhai Ambani International School Model United Nations 2020
Furthermore, countries should promote partnerships among stakeholders in a nation, among both public and private sectors, to share and analyze critical infrastructure information in order to prevent, investigate and respond to damage to or attacks on such infrastructures.
Lastly, all member nations must ensure that the effort against the criminal misuse of information technologies requires the development of solutions taking into account both the protection of individual freedoms and privacy and the preservation of the capacity of Governments to fight such criminal misuse.
Bibliography
Anonymous. “Anonymous History: Who Started Anonymous Group.” Anonymous Hackers, Anonymous, 7 Mar. 2020, www.anonymoushackers.net/anonymous-history/
"Anonymous' Most Memorable Hacks ". Cbsnews.Com, 2020, https://www.cbsnews.com/pictures/anonymous-most-memorable-hacks/13/
Baker, Al. “An Iceberg of Unseen Crimes: Many Cyber Offenses Go Unreported.” The New York Times, The New York Times, 5 Feb. 2018, www.nytimes.com/2018/02/05/nyregion/cyber-crimes- unreported.html
Barrett, Brian. “DoJ Charges North Korean Hacker for Sony, WannaCry, and More.” Wired, Conde Nast, 9 June 2018, 15:12, www.wired.com/story/doj-north-korea-hacker-sony-wannacry-complaint/
Bumiller, Elisabeth, and Thom Shanker. “Panetta Warns of Dire Threat of Cyberattack on U.S.” The New York Times, The New York Times, 12 Oct. 2012, www.nytimes.com/2012/10/12/world/panetta- warns-of-dire-threat-of-cyberattack.html
CCC. “Home.” CCC, Chaos Computer Club, Unknown, http://www.ccc.de/en/
CP. “Naikon APT: Cyber Espionage Reloaded.” Check Point Research, Check Point Research, 14 May 2020, https://research.checkpoint.com/2020/naikon-apt-cyber-espionage-reloaded/
“Criminal Justice Assessment Toolkit.” Policing Crime Investigation, UNODC, Date unknown, www.unodc.org/documents/justice-and-prison-reform/cjat_eng/3_Crime_Investigation.pdf
Dan, Zhang. “China-Proposed Cyber Security Mechanism Blocks 2.8m Attacks in 48 Hours at Intl Contest.” Global Times, Global Times, 21 June 2020, 21:36:31, www.globaltimes.cn/content/1192344.shtml
ENISA. “Exposure to Cyber-Attacks in the EU Remains High - New ENISA Threat Landscape Report Analyses the Latest Cyber Threats.” ENISA, European Union Agency for Cybersecurity, 28 Jan. 2019, www.enisa.europa.eu/news/enisa-news/exposure-to-cyber-attacks-in-the-eu-remains-high
Fruhlinger, Josh. “Top Cybersecurity Facts, Figures and Statistics for 2020.” CSO Online, CSO, 9 Mar. 2020, www.csoonline.com/article/3153707/top-cybersecurity-facts-figures-and-statistics.html
Research Report | Page 13 of 16
The Dhirubhai Ambani International School Model United Nations 2020
“GhostNet.” GhostNet - Cybersecurity Wiki, Harvard University, 9 Aug. 2012, 15:26, https://cyber.harvard.edu/cybersecurity/GhostNet
Gohel, Prithviraj, and Dixita Rayani. “Cyber Attacks.” Google Books, P.D.apps, Date unknown, https://books.google.co.in/books?id=c8RKDwAAQBAJ&pg=PT70&lpg=PT70&dq=Cyber+attack+on +lithunaia+that+affected+60+countries&source=bl&ots=dFHqAmjFOs&sig=ACfU3U1PIqb18aL- 5nORNGGHSGTyq_neNQ&hl=en&sa=X&ved=2ahUKEwiYxKLZzJLqAhVEyjgGHUkDD1IQ6AEwA HoECAYQAQ#v=onepage&q=Cyber%20attack%20on%20lithunaia%20that%20affected%2060%2 0countries&f=false
Lecher, Colin. “Huawei Accuses the US of 'Launching Cyber Attacks' against the Company.” The Verge, The Verge, 4 Sept. 2019, www.theverge.com/2019/9/4/20849092/huawei-cyberattacks-us- government-netowrks-employee-harassment
Lopez, C. Todd. “DOD More Assertive, Proactive in Cyber Domain.” U.S. DEPARTMENT OF DEFENSE, U.S Government, 28 June 2019, www.defense.gov/Explore/News/Article/Article/1891495/dod- more-assertive-proactive-in-cyber-domain/
Mckew, Molly K., et al. “The Gerasimov Doctrine.” POLITICO Magazine, POLITICO, Unknown, www.politico.com/magazine/story/2017/09/05/gerasimov-doctrine-russia-foreign-policy-215538
Nations, United. “United Nations' Definition of Cybercrime.” Innovative Dynamic Networks, 8 Dec. 2014, https://idnwi.com/unitednationsdefinitioncybercrime/#:~:text=Cybercrime%20in%20a%20broader% 20sense,a%20computer%20system%20or%20network
News, ABC. "What To Know About The Worldwide Hacker Group ‘Anonymous’". ABC News, 2020, https://abcnews.go.com/US/worldwide-hacker-group-anonymous/story?id=37761302
OECD, iLibrary. “Chapter 1. Understanding E-Commerce.” OECD Instance, OECD , Mar. 2020, www.oecd-ilibrary.org/sites/1885800a-en/index.html?itemId=/content/component/1885800a-en#n- ch01-2
Onwubiko, Cyril. “ECCWS • Academic Conferences and Publishing International Ltd.” Academic Conferences and Publishing International Ltd, 13 May 2020, www.academic- conferences.org/conferences/eccws/
Parsons, Ed, and Henry Bureau. “Understanding the Cyber Threat from North Korea.” UNDERSTANDING THE CYBER THREAT FROM NORTH KOREA, f-Secure, Unknown, www.f-secure.com/en/consulting/our-thinking/understanding-the-cyber-threat-from-north-korea
Peters, Allison, and Amy Jordan. Countering the Cyber Enforcement Gap: Strengthening Global Capacity on Cybercrime. Third Way, 2019, www.jstor.org/stable/resrep20150
Raff, Michael, and Ed Parsons. Understanding the Cyber Threat from Russia, f-Secure, Unknown, www.f-secure.com/en/consulting/our-thinking/understanding-the-cyber-threat-from-russia
Research Report | Page 14 of 16
The Dhirubhai Ambani International School Model United Nations 2020
Reese, Hope. “79% Of Americans Fear Government Surveillance during COVID-19.” TechRepublic, TechRepublic, 28 Apr. 2020, www.techrepublic.com/article/79-of-americans-fear-government- surveillance-during-covid-19/
Relyea, Harold C. “Personal Privacy Protection: The Legislative Response.” EveryCRSReport.com, Congressional Research Service, 24 May 2001, www.everycrsreport.com/reports/RL30671.html
Responsibility of States for Internationally Wrongful Acts, with Commentaries . United Nations Legal, 2001, https://legal.un.org/ilc/texts/instruments/english/commentaries/9_6_2001.pdf
Security Agency, Cybersecurity and Infrastructure. “Security Tip (ST04-015).” Cybersecurity and Infrastructure Security Agency CISA, Department of Homeland Security, 4 Nov. 2009, www.us- cert.gov/ncas/tips/ST04-015
Seth, Karnika. “KarnikaSeth.com.” Evolving Strategies for the Enforcement of Cyberlaws | Karnika Seth - Cyberlawyer & Expert, Date unknown, www.karnikaseth.com/evolving-strategies-for-the- enforcement-of-cyberlaws.html
Shanghai, Malcolm Moore in. “China's Global Cyber-Espionage Network GhostNet Penetrates 103 Countries.” The Telegraph, Telegraph Media Group, 29 Mar. 2009, www.telegraph.co.uk/news/worldnews/asia/china/5071124/Chinas-global-cyber-espionage- network-GhostNet-penetrates-103-countries.html
Shin, Hyonhee. “Mystery Hacker Steals Data on 1,000 North Korean Defectors in South.” Reuters, Thomson Reuters, 28 Dec. 2018, www.reuters.com/article/us-northkorea-southkorea/mystery- hacker-steals-data-on-1000-north-korean-defectors-in-south-idUSKCN1OR0CS
Silver, Vernon. “The Chaos Computer Club Is Fighting to Save Democracy.” Bloomberg.com, Bloomberg, 27 June 2017, www.bloomberg.com/news/features/2017-06-27/the-chaos-computer- club-is-fighting-to-save-democracy
Steinberger, Richard. “Proactive vs. Reactive Security.” Computer Crime Research Center - Daily News about Computer Crime, Internet Fraud and Cyber Terrorism, Crime-Research.org, Date unknown, www.crime-research.org/library/Richard.html
Sudworth, John. “China Denies Cyber Attack Allegations.” BBC News, BBC, 20 Feb. 2013, www.bbc.com/news/av/business-21514872/china-denies-cyber-attack-allegations
Task Force, United Nations ICT. “Using Information and Communications Technology to Achieve the Millennium Development Goals.” Itu.int, ITU, Dec. 2003, www.itu.int/net/wsis/stocktaking/docs/activities/1103056110/ICTMDGFinal.pdf
“The Year in Review: The Death of the UN GGE Process?” Edited by Net Politics, Council on Foreign Relations, Council on Foreign Relations, 21 Dec. 2017, https://www.cfr.org/blog/year-review-death- un- ggeprocess#:~:text=The%20Year%20in%20Review%3A%20The%20Death%20of%20the%20UN Research Report | Page 15 of 16
The Dhirubhai Ambani International School Model United Nations 2020
%20GGE%20Process%3F,The%20United%20Nations&text=An%20effort%20at%20the%20United ,its%20cyber%20norm%20promotion%20efforts
Toomey, Patrick. “The NSA Continues to Violate Americans' Internet Privacy Rights.” American Civil Liberties Union, American Civil Liberties Union, 23 Aug. 2018, www.aclu.org/blog/national- security/privacy-and-surveillance/nsa-continues-violate-americans-internet-privacy
UNIDIR. “UNIDIR Cyber Issues Workshop.” Report of the International Security Cyber Issues Workshop Series, United Nations, 27 Mar. 2020, www.unidir.org/files/publications/pdfs/report-of-the- international-security-cyber-issues-workshop-series-en-656.pdf
Union, European. “Cybercrime.” Migration and Home Affairs - European Commission, European Union, 6 Dec. 2016, https://ec.europa.eu/home-affairs/what-we-do/policies/cybercrime_en
Unknown. “Tag: National Coordination Center for Computer Incidents.” National Coordination Center for Computer Incidents – Cyber Security Review, 12 Sept. 2018, www.cybersecurity- review.com/tag/national-coordination-center-for-computer-incidents/
“What Is Proactive Cyber Defense?” Cybrary, Cybrary, Apr. 2017, https://www.cybrary.it/study- guides/whatisproactivecyberdefense/#:~:text=Proactive%20Cyber%20Defense%20is%20defined,a ttack%20against%20computers%20and%20networks.&text=Proactive%20defense%20helps%20m itigate%20operational%20risk
Webster, Merriam. “Asymmetric Warfare.” Merriam-Webster, Merriam-Webster, Date unknown, https://www.merriam-webster.com/dictionary/asymmetric%20warfare
Research Report | Page 16 of 16