SECURITY COUNCIL

The protection of Global Cyber Security

TABLE OF CONTENTS

General Background: COUNCIL & TOPIC

HISTORY AND CURRENT SITUATION
INTERNATIONAL THREATS OF CYBER SECURITY
IMPORTANT EVENTS AND MORE INFORMATION
QUESTIONS AND CHALLENGES TO CONSIDER
REFERENCES

1
 GENERAL BACKGROUND

Council description

Six principal organs were established by the United Nations Charter: one of them is the
Security Council. It was created following the end of World War II, and it held its first session
on 17 January 1946.

This council has fifteen members who are obligated to comply with its decisions: 5
permanent members (China, France, The United Kingdom, The United States of America,
and The Russian Federation), that dispose of the Veto power, and 10 non-permanent
members elected by the General Assembly of the United Nations for a term of two years.
The election of these members is based according to a specific pattern set by the General
Assembly.

The Security Council is primarily responsible for maintaining international peace and
security in accordance with the purposes and principles of the United Nations. It takes in
lead determining any threats to international peace and tries to settle it by recommending
methods of adjustments, and if required, it can resort to imposing sanctions or authorize
the use of force.

Topic description

The digital world plays an important role in the improvement of human life. However, its
unintended effects represent a risk to the security of people and countries around the
world. Due to the increase in the severity, frequency, and sophistication of cyber-enabled
threats, global cybersecurity remains at risk as policy and legal frameworks stand
inconsistent and communications technologies are most vulnerable.

The term Cybersecurity is the technological, professional, and controllable acts to recover
data, protect computer systems, devices, and networks from multiple threats such as:

- Malware: a software designed to cause damage to a computer, server, client, or computer

network.

- Phishing: a type of social engineering often used to steal user data. It is where an attacker
uses the identity of a trusted entity to trick a user into revealing sensitive information or
even deploying hostile software on the victim’s infrastructure.

- Ransomware: malware that locks up access to a victim’s personal data and threatens to
publish it or block access to it, unless the ransom demanded gets paid usually in
cryptocurrency.

-Data breaches: the intentional or unintentional leakage of secure confidential information

to an untrusted environment.

2
- Man-in-the-middle-attack: a cyber-attack on two parties who believe they are directly
communicating with each other by relaying or altering their communication.

However, digital espionage and cyber-attacks are not the only challenges to global
cybersecurity, as cybercriminals have built a developed marketplace trading confidential
information, people, and illicit goods going against national and international law.

In addition, terrorist groups are exploiting the power of social media to attract new
recruiters, making governments and individuals grow as targets for cybercrime.

To effectively address the increasing challenges of cyber threats on the global security and
development, the United Nations considers the ensuring of the good usage of technology is
a critical point to its mandate to improve human lives around the globe and emphasizes the
importance of cooperation of all stakeholders.

HISTORY AND CURRENT SITUATION

History of Cyber Security:

Throughout the entire existence of the advanced world of technology:

In 1969, the first electronic message was sent from UCLA SDS Sigma 7 host computer to a
programmer, at the Stanford Research Institute. The sent message from UCLA was the word
"login." When they typed the first two letters "lo." the system crashed. Since then, this story
has been a belief that the programmers typed the beginning message "lo and behold."
While factually believed that "login" was the intended message.

In 1970s, Bob Thomas who was a researcher and a developer for BBN Technologies in
Cambridge, Massachusetts, wrote a program that used PCs on the network to print the
message: “I’m the creeper; catch me if you can.” This was the first time a program moved
starting with one computer then onto the next all alone. This was a harmless experiment,
but we can now say this was the first computer worm or virus. He understood that it was
possible for a computer program to move across a network, leaving a progression of signs
wherever it went. He named the program Creeper and designed it to go between Tenex
terminals on the early ARPANET.

Fittingly, the appearance of the first computer worm led to the first cybersecurity effort to
eliminate an unapproved program. An American computer programmer named Ray
Tomlinson, the inventor of the first networked mail messaging system was also working for
BBN Technologies at the time. He saw this idea and liked it. He tinkered with the program
and made it self-recreating "the first computer worm." He named the program Reaper, the
first antivirus software which would discovered copies of The Creeper and erase it.

Current situation:

3
On this day, almost 3 billion individuals (40%) have access to the Internet.

The endless possibilities combined with the immense amount of users have made the
Internet an ideal spot for cybercrime. The scope of hacking attacks can range from small-
scale personal websites to national security information.

As conventional online protection programs that distinguished potential dangers based on

their "signature" started to fail, the first "next-gen" antivirus programming started using big
data analysis to identify malware by taking a broad, holistic view of user behaviours,
network traffic, and application activity.

In 2018, because of worries around the volume and security of personal data held by
organizations, the European Union started enforcing the General Data Protection Regulation
(GDPR), a regulation establishing an obligatory data protection baseline. In addition to other
things, it established that companies should have a response plan in case of a data breach.

Starting at 2020, it is estimated that there are generally 6.8 internet-connected (IoT) devices
per individual around the globe. As the amount of personal data turns out to be more
available, cybersecurity concerns continue to grow.

In addition, nowadays, the number of malware being produced exploded. From a few tens
of thousands of known samples in the early 90s to around 500,000 unique malware samples
were being produced every day in 2014. A new type of malware is being used more and
more which is the fileless one. The system vulnerabilities are just a number of common ways
that permit attackers to bypass traditional antivirus.

INTERNATIONAL THREATS OF CYBERSECURITY

International threats of cybersecurity on the global economy

With the digitalization of global enterprises supported by data analytic, cloud computing and other
evolving technologies, the importance of data as an input to industries has increased, making digital
data flow the foundation of the global economy. This digitalization does not apply only to
information industries but also to manufacturing and traditional ones. According to a report made
by “McKinsey & Company”, an American worldwide management-consulting firm, traditional
industries are responsible for 75 percent of the value created by the internet. It has also mentioned
in its report that the internet influenced economic wealth for the masses, increased standards of
living, and contributed to growth, creating a bond of reinforcement between economic development
and the internet.

The importance of cyberspace in shaping the global economy is undeniable. Therefore, it is

considered vital to protect it against unauthorized breaches and illegal activities. However, the lack
of protection resulted in multiple attacks on organizations and individuals causing enormous
monetary losses.

4
According to the 2019 Official Annual Cybercrime Report by Cybersecurity Ventures, sponsored by
Herjavec Group, cybercrime is one of the most significant threat to all countries around the globe. It
predicted that by 2021, cybercrime would cost the world in excess of 6 trillion dollars annually.

Percentages of cybercrimes and their effect on global economy:

33% 78% 0.8%

Increase in Mobile Increase in the mobile chain of the Global economy

Ransomware 2018-2019. attacks 2018-2019. was lost due to cybercrime

in 2019.

International threats of cybersecurity on global trade

Cybersecurity and trade are progressively intertwined. International Trade is transforming by the
expansion of the internet including the concept of E-commerce. E-commerce representing a factor
of increase to the volume of international trade (the activity of buying or selling products via online
services). The advancement of the internet is also playing an important role in the increase of global
connectivity of businesses, governments, and supply chains. However, with the growth of global
interconnectivity, the exposure to cyber threats and attacks increases. The use of Formjacking to
steal credit card details from e-commerce sites, supply chains hacking and the lack of cybersecurity
undermines customers and businesses’ trust in engaging in digital trade, as the outcomes of these
attacks can lead to millions of dollars losses.

Another issue is cyber theft, where trade secrets and intellectual property rights are stolen.
With the United States proclaiming that China is violating its commitments under the WTO
Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPs) by failing to protect
trade secrets, around the years of 2014-2015, the issue of cyber theft and cyber espionage is
becoming more common in the global trade arena.
In addition to that, cybersecurity also plays an important role in, payment security, free data flow to
enable information sharing, and protection against malicious attacks. Therefore, it is considered
crucial to set new trade rules that support risk-based effective cybersecurity regulations.

International threats of cybersecurity on individuals

Cyber-attacks have a large range of targets, including individuals. According to a survey done by
Symantec where 20.000 were interviewed across 24 countries, 69% reported being the victim of a
cyber-attack in their lifetime. Symantec also calculated that more than one million attacks occur
every day. While industries have their dedicated cybersecurity team, the average person has to be
responsible for the protection of their devices, which makes them vulnerable targets to cyber-
attacks. These attacks could range from data thefts and ransomware to personal attacks that aim to
cause distress. In addition, recovering from a cyber-attack is harder on individuals, as most
individuals often do not have the resources to recover from such attacks. Although, some criminals
aim only to cause chaos in an individual’s personal life. With the increase of apps and accounts
connected these days, it is easier than ever for hackers to compromise multiple accounts.

5
 IMPORTANT EVENTS AND MORE INFORMATION

Important events:

We cannot talk about events in Cybersecurity without mentioning the events that radically changed
cybersecurity:

1) First computer Virus, the 1970s: “Creeper” a self-replicating program and led to the creation
of the first antivirus.

2) Largest insider attack, 1976-2006: for over thirty years, ‘Greg Chung Boeing’ stole 2 $ billion
worth of aerospace documents and gave them to the Chinese government.

3) The Snowden effects, 2013: ‘Edward Snowden’, a former contractor for the US government,
copied and leaked classified information from the national security agency.

4) Largest data breach, 2013-2014: Yahoo reported a breach that jeopardized the accounts of
all 3 billion users.

5) OPM data breach, 2015: the US office of personnel management fell victim to an attack that
stole 4.2 million personal files of formal and current government employees.

More information about cybersecurity:

-trade implications of national cybersecurity policies

6
The global cybersecurity Index (GCI) build on five pillars, which key cyber security measures relevant
to the Member States

Capacity
Leg al Technical Organizational development Cooperation

-CGI 2018 versus WFE Global competiveness Index 2019

-CGI 2018 generally correlates with World Bank Doing Business Score, except for in the Americas

-National cybersecurity strategies (NCS) rarely address trade issues

7
- An NCS defines the maintenance of resilient and national critical information infrastructures
including the security and the safety of citizens

-104 Member States have national strategies related to cybersecurity

-Common features identified in cybersecurity policies include:

*The protection of critical information infrastructure

*A national resiliency plan

*Some have a clear action plan for government implementation on cybersecurity

governance

*Cybersecurity Responsible Agencies are responsible for implementing the national

cybersecurity strategy/policy

POSITION OF COUNTRIES

United States of America

The USA's mission statement concerning cybersecurity is," United States Cyber Command plans,
coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense
of specified Department of Defence information networks and; prepare to, and when directed,
conduct full-spectrum military cyberspace operations in order to enable actions in all domains,
ensure the US/Allied freedom of action in cyberspace and deny the same to our adversaries.” This
mission statement shows the USA's full help for cybersecurity.

Russia

By presenting a resolution to the UN First Committee in 1998 Russia was the first country to address
cybersecurity in the UN formally. In 2010, Russian delegates considered the issue of cyber-attacks
the most genuine of difficulties in the 21st century and followed up in 2011 by publishing a
convention on International Information Security. However, Russia was accused, in 2008, of hacking
various eastern European nations. It was once again under the spotlight after the events of Edward
Snowden and WikiLeaks.

In December 2018, UN General Assembly adopted 2 important Russian-proposed resolutions on

international information security -- “Developments in the field of information and
telecommunications in the context of international security” and "Countering the use of
information and communications technologies for criminal purposes", thus opening a new chapter
in the global discussion on international cyber security.

France

8
France's mission statement is as follows: “operational cooperation needs to be stepped up between
EU Member States. The aim is to build up pan-European instruments to share technical data on
dangers, supporting planning and quick reaction in the occasion of cyber assaults. The creation in
2017 of the EU Cyber Diplomacy Toolbox (CDT) to battle cyber-attacks is an undeniable part of this
participation."

We can see that France even despite the fact that in the focal point of numerous allegations has
taken a position to additionally create infrastructure to protect member-states.

China

China has been blamed for cyber warfare on countries including Australia, India, Canada and the
USA. Recently, China has suspended the Cybersecurity Cooperation with the USA subsequent to
being accused of cybercrime. China was really one of the 20 primary nations alongside Russia to
raise the issue in the first place. Moreover, it has carried out numerous laws too to keep this from
occurring.

Germany

Germany’s mission statement shows full compliance with previous endeavours: “federal
government aims at making a significant commitment to protected cyberspace, in this manner
maintaining and advancing financial and social success in Germany. Cybersecurity in Germany
must be ensured at a level commensurate with the importance and protection required by
interlinked information infrastructures, without hampering the opportunities and the utilization of
cyberspace. In this setting, the level of cybersecurity came to is the sum of all public and
worldwide measures required to secure the accessibility of information and communications
technology and the integrity, authenticity and confidentiality of data in cyberspace.”

UK

UK members of parliament have synthesized the following, “Cyber is a Tier 1 threat to the UK’s
economic and national security. The policies, institutions, and initiatives developed under the
previous strategy have helped to establish the UK as a leading global player in cybersecurity.
however, the scale and dynamic nature of cyber threats, and the expanding reliance of our economy
and society on digital items and services mean that our current way to deal with cybersecurity
should be additionally reinforced. Therefore, the Government is today distributing the new five year
National Cyber Security Strategy, which characterizes our vision and desire for accomplishing a UK
that is secure and tough to cyber threats; prosperous and confident in the digital world.”

QUESTIONS AND CHALLENGES TO CONSIDER

Increasingly, it has been contended that the Internet should be represented by a global organization
which is mindful to offering an explanation to the worldwide framework as a whole and not

9
individual parties. The Non-Aligned Movement has explicitly expressed the need for autonomous
control of certain parts of their internet to ensure the protection of defense secrets just as the
capacity to ensure internet use for the development of their economy. However, the makeup of
such a body is still being debated.

Another major problem with guaranteeing cybersecurity is the issue concerning how to hold nations
and international actors accountable for their actions. Countries like Russia and China believe
cyberspace ought to be controlled locally by different public governments and ought to respect
social standards and public policy plans if a state decides the requirement for this. In much of the
West, individuals trust in a free Internet, yet in less democratic countries, leaders may feel
threatened by a free web and wish to control it directly.

Circumstantially, this has started debate around the world about how much freedom people will give
up to keep up securely online: Initially, the Internet was totally free where people could express
themselves and feel free to come up with applications never thought of before. As the innovation
has gotten more accessible, dangers have arisen. There is a huge discussion concerning how much
freedom ought to be permitted in cyberspace. If governments took more control over cyberspace,
they could most assuredly be more successful in improving cybersecurity, however there is a risk
they would decrease the level of freedom permissible on the Internet. This debate is especially
pertinent in the European Union where individuals are asking where to draw the line between
security and freedom of expression.

In the field of cybersecurity, this extremely dynamic field, there are always new challenges to face as
everything is on the internet, from cute kitten videos to our credit card information. We have to
keep innovating to ensure that our data remains safe which is not an evident mission as
cybersecurity challenges come in many forms. For example, India ranks 11th globally in terms of
local cyber-attacks and has witnessed 2,299,682 incidents in Q1 of 2020 already so we can imagine
how hard it is to control the safety of our data.

In 2021, IoT attacks , Blockchain and cryptocurrency attacks and machine learning attacks are new
elements to the list of the Top 10 Challenges of Cyber Security . Therefore, the industry of
Cybersecurity has to adapt its solutions to these new technologies.

Questions to consider:

 What measures can be taken to improve the monitoring of cyberspace?

 How can international actors be held accountable when they are found to have taken part in
cybercrimes?

 What steps can be taken to ensure a free, but safe Internet?

 How can Cybersecurity adapt to the new machine learning and Artificial intelligence attacks?

10
  IoT devices are devices that can autonomously transmit data over a network, attacking these
devices can cause the loss of sensitive user data and gaining access to these devices can
open the doors for other hostile attacks. So will the cybersecurity be able to prevent the
user data attacks at the first place in the upcoming years?

REFERENCES

https://www.un.org/en/ga/62/plenary/election_sc/bkg.shtml

https://www.un.org/securitycouncil/content/what-security-council

https://unite.un.org/digitalbluehelmets/cyberrisk

https://www.itgovernance.co.uk/what-is-cybersecurity#:~:text=Cyber%20security%20is%20the
%20application,of%20systems%2C%20networks%20and%20technologies

https://onlinedegrees.und.edu/blog/types-of-cyber-security-threats/

https://www.brookings.edu/research/cybersecurity-and-digital-trade-getting-it-right/

https://www.weforum.org/agenda/2015/09/what-cybersecurity-means-for-global-trade/

https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2019/cybersecurity-and-its-
critical-role-in-global-economy

https://www.enisa.europa.eu/publications/enisa-position-papers-and-opinions/cybersecurity-as-an-
economic-enabler

https://www.ecpi.edu/blog/how-cyber-attacks-affect-individuals-and-how-you-can-help-keep-them-
safe

https://www.sciencedirect.com/science/article/pii/S0022000014000178

https://unite.un.org/digitalbluehelmets/cyberrisk

https://www.javatpoint.com/history-of-cyber-security

11
https://www.coursehero.com/file/92080193/4-Computer-Networks-Security-pdf/

https://www.futureoftech.org/cybersecurity/1-what-is-cybersecurity/

https://www.varonis.com/blog/cybersecurity-statistics/

https://economictimes.indiatimes.com/news/politics-and-nation/united-nations-adopts-two-russia-
sponsored-resolutions-backed-by-india-on-international-information-
security/articleshow/67298500.cms?
utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst

12