Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
TIANMUN 2018 Disarmament Committee –
1
FORUM: Disarmament Commission
ISSUE: Measures to suppress International Cyber
Espionage
STUDENT OFFICER: Tony (Seon Kwan) Cho
POSITION: Deputy President of Disarmament Commission
Introduction
Nowadays, with the advance of technology, the internet
has become an integral part of people throughout the world:
from communicating with people through Social Network
Service to learning, shopping, and banking, the presence of the
internet has become ubiquitous in every aspect of the modern
society. Yet, people undoubtedly expect that the potential threats
in the cyber realm will most likely to increase year by year, as
the use of digital devices will unceasingly be soaring, while
malign performers are becoming more emboldened and better armed with cyber-related technology. As
the President Obama once said “It is now clear that cyber threat is one of the most serious economic and
national security challenges we face as a nation,” the potential threats in the cyber realm are becoming a
reality for us, as a cascade of infected, malicious websites are prevalent
The outcomes of this act include not only seepage of salient confidential government documents
but also the leakage of company secrets, as evidenced by two major cyber espionage operations—
Operation Shady Rat and Operation of Aurora. The Operation Shady Rat has stolen corporate and
government data from more than 74 agencies and companies all over the world since 2012; the victims of
this act include United Nations, International Olympic Committee, Samsung, Apple. The Operation of
Aurora is another example; Google, in the beginning of 2010, claimed that the company faced a series of
cyber threats. Furthermore, it is later revealed that the hackers also stole information from more than 20
international corporations, including Yahoo and Microsoft. The People’s Republic of China has been
suspected of being behind this cyber-attack. These, however, are a few examples of this issue that have
recently garnered nationwide and international attention, pointing out the importance of acts against the
potential threats in the cyber realm and illustrating that many things are at stake.
Cyber Espionage: Hackers
TIANMUN 2018 Disarmament Committee –
2
Background Throughout human history, nations have been trying to undermine each other through clandestine
activity--espionage. In the early Egyptian dynasties, spies sought for weak tribes that could be easily
subjugated and enslaved. Several millennia later, Chinese and Indian military generals-Sun Tzu and
Chanukah, respectively- stressed the need for espionage tactics for military purpose. Spies were also
prevalent in the Greek and Roman empires. During 13th and 14th century, Mongolians relied heavily upon
spying in their colonies in Asia and Europe.
Compared to the traditional espionage, the modern
espionage poses a great threat to international security. In 1999,
the Congress of the United States expressed its utmost worries
and concerns on the seepage of the confidential documents
regarding the Weapons of Mass Destruction, commonly known as
WMD, stating that China had been stealing highly classified
information on thermonuclear warhead in the country’s
intercontinental ballistic missile (ICBM) arsenal. It was later revealed that every computer at the
American nuclear lavatories in the U.S. was infected by a certain virus that submitted design of advanced
warheads, the neutron bomb, and even weapon codes, which allow computer to initiate nuclear testing,
directly to secret agents of People's Republic of China. The leakage of weapon codes allowed China to
develop and enhance their nuclear weapons without having to conduct their own nuclear testing. What is
worse, a report-- published by the Security Council of the United Nations in 2010--stated that China has
backed development of nuclear weapons and consecutive testing of Submarine-Launched Ballistic
Missiles (SLBM) of Democratic People’s Republic of Korea (DPRK), using the data of the United States.
Because nuclear weapons pose a great threat to humanity, all nations possessing nuclear weapons have
exhaustive rules against sharing information regarding the development of nuclear weapons. Therefore, it
is now flagrant that China has yielded a great threat to the world security.
Office of Personnel Management Data Breach It is never overstatement that the biggest case of cybercrime in the U.S. history was Office of
Personnel Management Date Breach. In July, 2013, specialized hacking members from Russia and
Ukraine hacked a number of networks in the U.S., obtaining accesses to the bank account details of many
celebrities and corporates: the hacked companies include Nasdaq, Visa Card, American Airline, and
Carrefour NA. The investigators announced that the total loss resulted from this attack costed over $300
million, saying “in recent years, people with the ability to hack are the greatest threat to international
Weapons of Mass Destruction: Nuclear Bomb
TIANMUN 2018 Disarmament Committee –
3
security.” This incident showed the susceptibility of large corporates armed with sophisticated protection
system.
Problems Raised Violation of Rights and Properties and Security of Individuals
The internet not only plays such salient roles but does it
also offers people with space to save and store their personal
information and money. Since one of the chief aims of cyber-
espionage is to gain money, the malign actors devise a number
of methods to hack into the people’s banking accounts. It is no
exaggeration to say that most people’s banking accounts are at
high risk of getting cyber-attack, as exemplified by several
cyber assaults on numerous banking systems throughout the
world. In 2015, for instance, thousands of Canadian Central Banks' accounts were targeted by Chinese
cyber-terrorists, so-called Zeus; due to their assault, Canadian Central Bank lost $160,000 in just one day.
In2016, North Korean hackers conducted a cascade of cyber-attacks against the Central Bank of
Bangladesh, resulting in the cyber extortion of $81million.
Economic Impact of Cyber Espionage In this technology-driven era, an effective
advancement, implementation, and protection of technology
is determined by whether or not the corporations,
organizations, and nations meet their fiasco. Cybercriminals
are concentrated on attacking commercial websites/
organizations. According to a research conducted by Pilot in
2010, 193 out of 200 businesses responded that they have
been attacked by cybercriminals using malicious computer
viruses such as Ransom ware. The Record Industry Association of America (RIAA) estimated that the
cybercrimes targeting businesses cost about $13.9 billion per annum in economic losses on a global scale.
International Actions Convention on Cybercrime
Victims of cyberattack: Bank
Dollars: huge economic losses
TIANMUN 2018 Disarmament Committee –
4
The convention on cybercrime, also known as the Budapest Convention on Cybercrime, was the
first treaty that attempted to recognize the gravity of the cyber-related crimes, along with the enforcement
of the national laws, enhancement of investigative systems, and increment of cooperation among the
member states. This treaty was a great step towards international collaboration against cybercrime;
however, since it was drafted by the European Union, countries such as Brazil, China, and India refused
to follow this treaty, saying that they are not part of the European Union, and that it is a violation of their
sovereignty. Moreover, Russian Federation opposed to sign and ratify its problems, stating that adoption
of this treaty might severely infringe and violate its sovereignty.
Agreement between the USA and China in 2015 China, as presented, has been suspected to be one of the biggest hubs of the cyber-related crimes.
However, there is a hope that the agreement between the U.S. and China in 2015 may alleviate the gravity
of this situation. In September 2015, Chinese President Xi and the U.S. president Barack Obama met and
discussed the future plans for the cyber security and solutions to it; in their meeting, both of them
expressed a deep concern on this issue, contending that both governments should curb cyber-spying acts
on both sides. They agreed to implement a policy precluding the hackers from committing acts of cyber
espionage.
Key Players Russia
Russia will most likely conduct more stout, destructive
cyber operations in the following years, as it is evidenced by the
successive cyber-attacks against Ukraine. Russian government is
reported to be preparing for an array of cyber operations, which
shall target interruption of Ukrainian energy distribution branches,
interception of communication system at military base, operation of false flag, circulation of denial-of-
service attack, and many others. The Russian government’s cyber-attack will not be confined to Ukraine;
Russian intelligence will continue to operate cyber-attacks and espionage against the United States and its
allies, including Republic of Korea and Canada, in order to probe their critical infrastructure and
confidential documents regarding weapons. They will also target the US-related organizations such as
NATO in order to get insights as to the future US foreign policies.
Russia
TIANMUN 2018 Disarmament Committee –
5
China China’s use of cyber warfare poses a bulky threat to international
security and economy. It is an incontrovertible fact that China will continue
using more advanced cyber-attack and espionage in order to boost national
priorities, as evidenced by China’s 12th Five-Year Plan, which covers
2015~2020. The Federal Bureau of Investigation (FBI) continue to
scrutinize the ongoing cyber-attacks coming from China; the United States has accused China of
conducting a series of cyber-attacks against the US. The accusations include China’s cyber espionage
against American civilians and investigation of important military, commercial, research, and industrial
data bases. With China’s 12th Five-Year Plan--China’s stout desire for being a superpower of the world--,
many analysts contend that China will have the most advanced and aggressive cyber warfare capabilities
in the world. It, indeed, is no hyperbole to say that China will most likely steal more secrets from
entrepreneurs and governments than any other countries in the following years.
Democratic People’s Republic of Korea It is highly anticipated that North Korea’s cyber-attack and
espionage to help its fund-raising plans and gather intelligence will most
likely ascend in the following years, despite harsh sanctions imposed on
North Korea. North Korea has operated a series of attacks against the
Unites States and its partners-- especially South Korea by distributing
denial-of-service (DDOS) attacks, deleting data collection of the government, and deployment of ransom
wares. In 2016, North Korean hackers conducted a cascade of cyber-attacks against the Central Bank of
Bangladesh, resulting in the cyber extortion of $81million. It, hence, is undoubtedly expected that North
Korea will a great threat to international security and economy.
The United States of America The United States of America has been one of the greatest
victims of cyber-related crimes. As such, the United States of
America has taken an array of schemes to prevent cybercrimes and
prosecute cybercriminals. The U.S., for example, annually host the
Conference for Cyber Crime, a commission that deals with the enforcement of the Federal Laws and
enhancement of detecting-techniques.
China
DPRK
United States of America
TIANMUN 2018 Disarmament Committee –
6
Possible Solutions Collaboration with NGOs and Interpol The General Assembly (GA), Economic and Social Council (ECOSOC), and Security Council
(SC) of the United Nations often address the gravity of cyber espionage and attacks. Therefore, they call
for the cooperation of the member states to combat cybercrimes. However, as mentioned, the tangible
results have been evasive so far; a major adversity in combating cybercrimes is very hard to tract the
records, since the cybercrimes take furtive forms. Yet, several Non-Governmental Organizations (NGOs)
that are responsible for coordinating schemes and tracking the information regarding cyber espionage
have stopped monitoring malice actors and reporting the cyber security issues. With the absence of the
NGOs, the United Nations and its member states have been experiencing difficulties in implementing the
policies combating cybercrimes. To realize successful results, the member states also start cooperating
with INTERPOL. INTERPOL has proved itself that it should be the mediating body in this conflict,
offering a lot of nations with national police training and specific international procedures that could be
implemented in case of an assault. All member nations should start recognizing the importance of the
presence of the NGOs and, therefore, should create the organizations that can collaborate with the
member states.
Treaty and Convention (International Cooperation) Ever since its creation, the role of the United Nations has been to strengthen and ignite
international cooperation. With soaring rates of cybercrimes worldwide, the need for international
cooperation has grown greatly. Although many attempts have been taken, a lack of cohesion and
cooperation among member states have made them elusive so far. A treaty and convention, hence, should
be drafted and implemented by all member states: some nations such as India, China, and Russia rejected
to sign the Budapest Convention on Cybercrime, saying that it severely violates their sovereignty, though
the Budapest Convention clearly defined and addressed goals and procedures for cybercrime, along with
all nations that belong to the United States. Thus, the possible solution must include some clauses that
deal with the creation and ratification of treaty and convention, along with an encouragement of
international cooperation.
Glossary Cyber Espionage
TIANMUN 2018 Disarmament Committee –
7
Cyber espionage, also known as cyber spying, is the act or practice of obtaining secrets and
information without the permission and knowledge of the holder of the information from individuals,
competitors, governments, and enemies for personal, economic, political, and military advantage through
deploying such malicious software-viruses- as Trojan horses and spyware.
Cyber Terrorist Cyber terrorists are group of people who conduct cyber terrorism by supporting and backing up
each other. Most cyber terrorists tend to harm vulnerable victims with a specific purpose to benefit
themselves. Most terrorists avoid being caught by social network security system by utilizing techniques
that preclude people from detecting the source of terrorism.
Information Warfare Information warfare is a specific type of violence that occurs between two opposing sides that are
trying to gain access to each other’s information. Several techniques that can be employed during the
warfare includes the spreading of propaganda, demoralization of the opponent, or falsely uploading
wrong information in order to manipulate other people into going against the opponent. Information
warfare is also considered as psychological warfare that springs between the two conflicting sides
because the knowledge-level of various techniques plays a huge role during the warfare.
Denial-of-Service attack (DDOS attack) DDOS attack is utilized by numerous cyber terrorist groups worldwide that help them achieve
their goals without revealing their identity. This technique involves ways to attack the victims through
numerous websites in order to prevent the victims from finding the members of the terrorist groups at
ease. Terrorist groups, such as the Anonymous, utilize this technique to attack and censor the opponents.
TIANMUN 2018 Disarmament Committee –
8
Sources AFP. "China Cybercrime Costing US Billions: FBI Chief | SecurityWeek.Com." Security Week.
Security Week Network, 5 Oct. 2014. Web. 21 Aug. 2015.
<http://www.securityweek.com/chinacybercrime-costing-us-billions-fbi-chief>. Baldwin,
Roberto. "Frenemies US and China Join Forces to Fight Cyber Crime." Engadget. Aol Tech,
13 Apr. 2015. Web. 12 Aug. 2015.
<http://www.engadget.com/2015/04/13/dhs-chinacyber-security/>. "China's Policy Paper on the
EU: Deepen the China-EU Comprehensive Strategic Partnership for Mutual Benefit and
Win-win Cooperation." Ministry of Public Affairs of the People's Republic of China. Apr.
2014. Web. 12 Aug. 2015.
<http://www.fmprc.gov.cn/mfa_eng/zxxx_662805/t1143406.shtml>. "Combating Cyber Crime."
Homeland Security. Department of Homeland Security, 27 Apr. 2015. Web. 20 Aug. 2015.
<http://www.dhs.gov/topic/combating-cyber-crime>. "Combating Cybercrime in a Digital Age."
European Cybercrime Center (EC3). Europol, 16 Mar. 2014. Web. 12 Aug. 2015.
<www.europol.europa.eu>. COMMUNIQUÉ (1997). Council of Europe. 10 Dec. 1997. Web. 9
Aug. 2015.
<http://www.coe.int/t/dghl/cooperation/economiccrime/cybercrime/Documents/Points%20of%20C
contact/24%208%20Communique_en.pdf>. "Convention on Cybercrime." Council of Europe.
Council of Europe, 23 Nov. 2001. Web. 20 Aug. 2015.
<http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm>. "Convention on Cybercrime."
Wikipedia. Wikimedia Foundation, 18 Aug. 2015. Web. 20 Aug. 2015.
<https://en.wikipedia.org/wiki/Convention_on_Cybercrime>. "Cybercrime." INTERPOL.
INTERPOL, 17 Nov. 2014. Web. 12 Aug. 2015.
<http://www.interpol.int/Crime-areas/Cybercrime/Cybercrime>. "EU International Cyberspace
Policy." European Union External Action. European Union, 26 Oct. 2013. Web. 12 Aug. 2015.
<http://eeas.europa.eu/policies/eu-cyber-security/>.
"G8." Cybercrime Law. Cybercrime data AS, 12 Mar. 2012. Web. 10 Aug. 2015.
<http://www.cybercrimelaw.net/G8.html>. "G8 Wages War on Cyber-crime." BBC News. BBC, 11
Dec. 1997. Web. 9 Aug. 2015.
<http://news.bbc.co.uk/2/hi/science/nature/38009.stm>. Harmati, Judit. "Initial Training International
Competition - Third Edition –." International Cooperation in Criminal Matters in the European
Union (2008): 3-16. Council of Europe. Web. 9 Aug. 2015.
<http://www.coe.int/t/dghl/cooperation/lisbonnetwork/Themis/Criminal/Paper4_en.pdf>.
"International Cybercrime." Wikipedia. Wikimedia Foundation, 20 Apr. 2015. Web. 10 Aug. 2015.
TIANMUN 2018 Disarmament Committee –
9
<https://en.wikipedia.org/wiki/International_cybercrime>. Koul, Scaachi. "A Timeline of
Cyberwar and Cybercrime | Hazlitt." Hazlitt. Penguin Random House, 21 May 2013. Web. 12
Aug. 2015. <http://penguinrandomhouse.ca/hazlitt/blog/timelinecyberwar-and-cybercrime>. Lee,
Martin. "The Evolution of Cybercrime: From Julius Caesar and Prince Philip to State Sponsored
Malware." International Business Times RSS. IB Times, 07 Aug. 2015. Web. 12 Aug. 2015.
<http://www.ibtimes.co.uk/evolution-cybercrime-julius-caesar-prince-philip-statesponsored-
malware-1514552>. "