SECURITY COUNCIL

STUDY GUIDE :
THE PROTECTION OF GLOBAL
CYBER SECURITY

GRAND SIMULATION 3.0

 STUDY GUIDE :
THE PROTECTION OF

GLOBAL CYBER SECURITY

SECURITY COUNCIL
CONTENT
I General Background:
COUNCIL & TOPIC

II HISTORY AND CURRENT SITUATION

INTERNATIONAL THREATS OF
III CYBER SECURITY

IMPORTANT EVENTS AND MORE

IV INFORMATION

QUESTIONS AND CHALLENGES

V TO CONSIDER

VI REFERENCES

GRAND SIMULATION 3.0

 General Background
The Council:
Six principal organs were established by the United Nations Charter: one of
them is the Security Council. It was created following the end of World War II,
and it held its first session on 17 January 1946.
This council has fifteen members who are obligated to comply with its deci-
sions: 5 permanent members (China, France, The United Kingdom, The
United States of America, and The Russian Federation), that dispose of the
Veto power, and 10 non-permanent members elected by the General As-
sembly of the United Nations for a term of two years. The election of these
members is based according to a specific pattern set by the General As-
sembly.
The Security Council is primarily responsible for maintaining international
peace and security in accordance with the purposes and principles of the
United Nations. It takes in lead determining any threats to international
peace and tries to settle it by recommending methods of adjustments, and
if required, it can resort to imposing sanctions or authorize the use of force.

Topic Description:
The digital world plays an important role in the improvement of human life.
However, its unintended effects represent a risk to the security of people and
countries around the world. Due to the increase in the severity, frequency,
and sophistication of cyber-enabled threats, global cybersecurity remains
at risk as policy and legal frameworks stand inconsistent and communica-
tions technologies are most vulnerable.

The term Cybersecurity is the technological, professional, and controllable

acts to recover data, protect computer systems, devices, and networks from
multiple threats such as:

- Malware: a software designed to cause damage to a computer, server,

client, or computer network.

- Phishing: a type of social engineering often used to steal user data. It is

where an attacker uses the identity of a trusted entity to trick a user into re-
vealing sensitive information or even deploying hostile software on the vic-
tim’s infrastructure.

GRAND SIMULATION 3.0

 - Ransomware: malware that locks up access to a victim’s personal data
and threatens to publish it or block access to it, unless the ransom de-
manded gets paid usually in cryptocurrency.

- Data breaches: the intentional or unintentional leakage of secure confi-

dential information to an untrusted environment.

- Man-in-the-middle-attack: a cyber-attack on two parties who believe

they are directly communicating with each other by relaying or altering their
communication.

However, digital espionage and cyber-attacks are not the only challenges to
global cybersecurity, as cybercriminals have built a developed marketplace
trading confidential information, people, and illicit goods going against na-
tional and international law.

In addition, terrorist groups are exploiting the power of social media to at-
tract new recruiters, making governments and individuals grow as targets
for cybercrime.

To effectively address the increasing challenges of cyber threats on the

global security and development, the United Nations considers the ensuring
of the good usage of technology is a critical point to its mandate to improve
human lives around the globe and emphasizes the importance of coopera-
tion of all stakeholders.

GRAND SIMULATION 3.0

 History And Current Situation
History of Cyber Security:
Throughout the entire existence of the advanced world of technology:
In 1969, the first electronic message was sent from UCLA SDS Sigma 7 host
computer to a programmer, at the Stanford Research Institute. The sent
message from UCLA was the word "login." When they typed the first two let-
ters "lo." the system crashed. Since then, this story has been a belief that the
programmers typed the beginning message "lo and behold." While factually
believed that "login" was the intended message.
In 1970s, Bob Thomas who was a researcher and a developer for BBN Tech-
nologies in Cambridge, Massachusetts, wrote a program that used PCs on
the network to print the message: “I’m the creeper; catch me if you can.” This
was the first time a program moved starting with one computer then onto
the next all alone. This was a harmless experiment, but we can now say this
was the first computer worm or virus. He understood that it was possible for
a computer program to move across a network, leaving a progression of
signs wherever it went. He named the program Creeper and designed it to
go between Tenex terminals on the early ARPANET.

Fittingly, the appearance of the first computer worm led to the first cyberse-
curity effort to eliminate an unapproved program. An American computer
programmer named Ray Tomlinson, the inventor of the first networked mail
messaging system was also working for BBN Technologies at the time. He saw
this idea and liked it. He tinkered with the program and made it self-recrea-
ting "the first computer worm." He named the program Reaper, the first anti-
virus software which would discovered copies of The Creeper and erase it.

Current Situation:
On this day, almost 3 billion individuals (40%) have access to the Internet.
The endless possibilities combined with the immense amount of users have
made the Internet an ideal spot for cybercrime. The scope of hacking attacks
can range from small-scale personal websites to national security informa-
tion.
As conventional online protection programs that distinguished potential dan-
gers based on their "signature" started to fail, the first "next-gen" antivirus pro-
gramming started using big data analysis to identify malware by taking a
broad, holistic view of user behaviours, network traffic, and application actvity.

GRAND SIMULATION 3.0

 In 2018, because of worries around the volume and security of personal data
held by organizations, the European Union started enforcing the General
Data Protection Regulation (GDPR), a regulation establishing an obligatory
data protection baseline. In addition to other things, it established that com-
panies should have a response plan in case of a data breach.

Starting at 2020, it is estimated that there are generally 6.8 internet-connec-

ted (IoT) devices per individual around the globe. As the amount of personal
data turns out to be more available, cybersecurity concerns continue to
grow.

In addition, nowadays, the number of malware being produced exploded.

From a few tens of thousands of known samples in the early 90s to around
500,000 unique malware samples were being produced every day in 2014. A
new type of malware is being used more and more which is the fileless one.
The system vulnerabilities are just a number of common ways that permit
attackers to bypass traditional antivirus.

GRAND SIMULATION 3.0

 International Threats
Of Cybersecurity
International threats of cybersecurity on the
global economy:
With the digitalization of global enterprises supported by data analytic,
cloud computing and other evolving technologies, the importance of data
as an input to industries has increased, making digital data flow the founda-
tion of the global economy. This digitalization does not apply only to infor-
mation industries but also to manufacturing and traditional ones. According
to a report made by “McKinsey & Company”, an American worldwide mana-
gement-consulting firm, traditional industries are responsible for 75 percent
of the value created by the internet. It has also mentioned in its report that
the internet influenced economic wealth for the masses, increased stan-
dards of living, and contributed to growth, creating a bond of reinforcement
between economic development and the internet.

The importance of cyberspace in shaping the global economy is unde-

niable. Therefore, it is considered vital to protect it against unauthorized
breaches and illegal activities. However, the lack of protection resulted in
multiple attacks on organizations and individuals causing enormous mone-
tary losses.
According to the 2019 Official Annual Cybercrime Report by Cybersecurity
Ventures, sponsored by Herjavec Group, cybercrime is one of the most signi-
ficant threat to all countries around the globe. It predicted that by 2021, cy-
bercrime would cost the world in excess of 6 trillion dollars annually.

- Percentages of cybercrimes and their effect on global economy:

33% 78% 0.8%

Increase in Mobile Increase in the mobile of the Global economy

Ransomware 2018-2019. chain attacks 2018-2019. was lost due to cybercrime

in 2019.

GRAND SIMULATION 3.0

 International threats of cybersecurity on
global trade:
Cybersecurity and trade are progressively intertwined. International Trade is
transforming by the expansion of the internet including the concept of
E-commerce. E-commerce representing a factor of increase to the volume
of international trade (the activity of buying or selling products via online
services). The advancement of the internet is also playing an important role
in the increase of global connectivity of businesses, governments, and
supply chains. However, with the growth of global interconnectivity, the ex-
posure to cyber threats and attacks increases. The use of Formjacking to
steal credit card details from e-commerce sites, supply chains hacking and
the lack of cybersecurity undermines customers and businesses’ trust in en-
gaging in digital trade, as the outcomes of these attacks can lead to mil-
lions of dollars losses.

Another issue is cyber theft, where trade secrets and intellectual property
rights are stolen.
With the United States proclaiming that China is violating its commitments
under the WTO Agreement on Trade-Related Aspects of Intellectual Property
Rights (TRIPs) by failing to protect trade secrets, around the years of
2014-2015, the issue of cyber theft and cyber espionage is becoming more
common in the global trade arena.

In addition to that, cybersecurity also plays an important role in, payment

security, free data flow to enable information sharing, and protection
against malicious attacks. Therefore, it is considered crucial to set new trade
rules that support risk-based effective cybersecurity regulations.

GRAND SIMULATION 3.0

 International threats of cybersecurity on
individuals:
These attacks could range from data thefts and ransomware to personal
attacks that aim to cause distress. In addition, recovering from a cyber-at-
tack is harder on individuals, as most individuals often do not have the re-
sources to recover from such attacks. Although, some criminals aim only to
cause chaos in an individual’s personal life. With the increase of apps and
accounts connected these days, it is easier than ever for hackers to com-
promise multiple accounts.

Cyber-attacks have a large range of targets, including individuals. Accor-

ding to a survey done by Symantec where 20.000 were interviewed across
24 countries, 69% reported being the victim of a cyber-attack in their life-
time. Symantec also calculated that more than one million attacks occur
every day. While industries have their dedicated cybersecurity team, the
average person has to be responsible for the protection of their devices,
which makes them vulnerable targets to cyber-attacks.

GRAND SIMULATION 3.0

 Important Events And
More Informations

Important events:
We cannot talk about events in Cybersecurity without mentioning the events
that radically changed cybersecurity:
1) First computer Virus, the 1970s: “Creeper” a self-replicating program and
led to the creation of the first antivirus.
2) Largest insider attack, 1976-2006: for over thirty years, ‘Greg Chung Boeing’
stole 2 $ billion worth of aerospace documents and gave them to the
Chinese government.
3) The Snowden effects, 2013: ‘Edward Snowden’, a former contractor for the
US government, copied and leaked classified information from the national
security agency.
4) Largest data breach, 2013-2014: Yahoo reported a breach that jeopar-
dized the accounts of all 3 billion users.
5) OPM data breach, 2015: the US office of personnel management fell victim
to an attack that stole 4.2 million personal files of formal and current go-
vernment employees.

More information about cybersecurity:

-trade implications of national cybersecurity policies
The global cybersecurity Index (GCI) build on five pillars, which key cyber se-
curity measures relevant to the Member States
.
Capacity
Leg al Technical Organizational development Cooperation

GRAND SIMULATION 3.0

 GCI
-CGI 2 0versus
2018 1 8 veWFE
rsuGlobal
s WEFcompetiveness
Glo b a l Co m pIndex
e tive2019
n e ss In d e x 2 0 1 9

GCI-CGI
2 0 2018
6
1 8 generally
g e n e racorrelates
lly co rrewith
la te s wBank
World ith Doing
Wo rld Ba nScore,
Business k Doexcept
in g
for in the Americas
Bu sin e ss sco re s, e xce p t fo r in th e Am e rica s

7
- National cybersecurity strategies (NCS) rarely address trade issues
- An NCS defines the maintenance of resilient and national critical informa-
tion infrastructures including the security and the safety of citizens
- 104 Member States have national strategies related to cybersecurity
- Common features identified in cybersecurity policies include:
* The protection of critical information infrastructure
*A national resiliency plan
*Some have a clear action plan for government implementa
tion on cybersecurity governance
*Cybersecurity Responsible Agencies are responsible for imple
menting the national cybersecurity strategy/policy

GRAND SIMULATION 3.0

 Position Of Countries
United States of America:
The USA's mission statement concerning cybersecurity is," United States
Cyber Command plans, coordinates, integrates, synchronizes and
conducts activities to: direct the operations and defense of specified De-
partment of Defence information networks and; prepare to, and when di-
rected, conduct full-spectrum military cyberspace operations in order to
enable actions in all domains, ensure the US/Allied freedom of action in
cyberspace and deny the same to our adversaries.” This mission statement
shows the USA's full help for cybersecurity.

Russia:
By presenting a resolution to the UN First Committee in 1998 Russia was the
first country to address cybersecurity in the UN formally. In 2010, Russian de-
legates considered the issue of cyber-attacks the most genuine of difficul-
ties in the 21st century and followed up in 2011 by publishing a convention on
International Information Security. However, Russia was accused, in 2008, of
hacking various eastern European nations. It was once again under the
spotlight after the events of Edward Snowden and WikiLeaks.
In December 2018, UN General Assembly adopted 2 important Russian-pro-
posed resolutions on international information security -- “Developments in
the field of information and telecommunications in the context of interna-
tional security” and "Countering the use of information and communica-
tions technologies for criminal purposes", thus opening a new chapter in
the global discussion on international cyber security.

France:
France's mission statement is as follows: “operational cooperation needs to
be stepped up between EU Member States. The aim is to build up pan-Euro-
pean instruments to share technical data on dangers, supporting planning
and quick reaction in the occasion of cyber assaults. The creation in 2017 of
the EU Cyber Diplomacy Toolbox (CDT) to battle cyber-attacks is an unde-
niable part of this participation."
The French Prime Minister introduced, in October 2015, the French national di-
gital security strategy, which was designed to support the digital transition of
French society. Such innovative strategy has placed France as a leader, offe-
ring a guidline for European digital strategic autonomy.

GRAND SIMULATION 3.0

 Germany:
Germany’s mission statement shows full compliance with previous en-
deavours: “federal government aims at making a significant commitment
to protected cyberspace, in this manner maintaining and advancing fi-
nancial and social success in Germany. Cybersecurity in Germany must be
ensured at a level commensurate with the importance and protection re-
quired by interlinked information infrastructures, without hampering the
opportunities and the utilization of cyberspace. In this setting, the level of
cybersecurity came to is the sum of all public and worldwide measures re-
quired to secure the accessibility of information and communications
technology and the integrity, authenticity and confidentiality of data in cy-
berspace.”

UK:
UK members of parliament have stated the following, “Cyber is a Tier 1
threat to the UK’s economic and national security. The policies, institutions,
and initiatives developed under the previous strategy have helped to esta-
blish the UK as a leading global player in cybersecurity. However, the scale
and dynamic nature of cyber threats, and the expanding reliance of our
economy and society on digital items and services mean that our current
way to deal with cybersecurity should be additionally reinforced. Therefore,
the Government is today distributing the new five year National Cyber Se-
curity Strategy, which characterizes our vision and desire for accompli-
shing a UK that is secure and tough to cyber threats; prosperous and
confident in the digital world.”

China:
China has been blamed for cyber warfare on countries including Australia,
India, Canada and the USA. Recently, China has suspended the Cybersecu-
rity Cooperation with the USA subsequent to being accused of cybercrime.
China was really one of the 20 primary nations alongside Russia to raise the
issue in the first place. Moreover, it has carried out numerous laws too to
keep this from occurring.

GRAND SIMULATION 3.0

 Questions And Challenges
To Consider
Increasingly, it has been contended that the Internet should be represented
by a global organization which is mindful to offering an explanation to the
worldwide framework as a whole and not individual parties. The Non-Aligned
Movement has explicitly expressed the need for autonomous control of cer-
tain parts of their internet to ensure the protection of defense secrets just as
the capacity to ensure internet use for the development of their economy.
However, the makeup of such a body is still being debated.

Another major problem with guaranteeing cybersecurity is the issue concer-

ning how to hold nations and international actors accountable for their ac-
tions. Countries like Russia and China believe cyberspace ought to be
controlled locally by different public governments and ought to respect
social standards and public policy plans if a state decides the requirement
for this. In much of the West, individuals trust in a free Internet, yet in less de-
mocratic countries, leaders may feel threatened by a free web and wish to
control it directly.

Circumstantially, this has started debate around the world about how much
freedom people will give up to keep up securely online: Initially, the Internet
was totally free where people could express themselves and feel free to
come up with applications never thought of before. As the innovation has
gotten more accessible, dangers have arisen. There is a huge discussion
concerning how much freedom ought to be permitted in cyberspace. If go-
vernments took more control over cyberspace, they could most assuredly
be more successful in improving cybersecurity; however, there is a risk they
would decrease the level of freedom permissible on the Internet. This
debate is especially pertinent in the European Union where individuals are
asking where to draw the line between security and freedom of expression.

GRAND SIMULATION 3.0

 In the field of cybersecurity, this extremely dynamic field, there are always
new challenges to face as everything is on the internet, from cute kitten
videos to our credit card information. We have to keep innovating to ensure
that our data remains safe which is not an evident mission as cybersecurity
challenges come in many forms. For example, India ranks 11th globally in
terms of local cyber-attacks and has witnessed 2,299,682 incidents in Q1 of
2020 already so we can imagine how hard it is to control the safety of our
data.
In 2021, IoT attacks , Blockchain and cryptocurrency attacks and machine
learning attacks are new elements to the list of the Top 10 Challenges of
Cyber Security . Therefore, the industry of Cybersecurity has to adapt its so-
lutions to these new technologies.

Questions to consider:
• What measures can be taken to improve the monitoring of cyberspace?

• How can international actors be held accountable when they are found to
have taken part in cybercrimes?

• What steps can be taken to ensure a free, but safe Internet?

• How can Cybersecurity adapt to the new machine learning and Artificial
intelligence attacks?

• IoT devices are devices that can autonomously transmit data over a
network. Attacking these devices can cause the loss of sensitive user data
and gaining access to these devices can trigger other hostile attacks. So
will the cybersecurity be able to prevent the user data attacks in the upco-
ming years?

GRAND SIMULATION 3.0

 REFERENCES
- https://www.un.org/en/ga/62/plenary/election_sc/bkg.shtml
- https://www.un.org/securitycouncil/content/what-security-council
- https://unite.un.org/digitalbluehelmets/cyberrisk
- https://www.itgovernance.co.uk/what-is-cybersecurity#:~:text=-
Cyber%20security%20is%20the%20application,of%20systems%2C%20network
s%20and%20technologies
- https://onlinedegrees.und.edu/blog/types-of-cyber-security-threats/
- https://www.brookings.edu/research/cybersecurity-and-digi-
tal-trade-getting-it-right/
- https://www.weforum.org/agenda/2015/09/what-cybersecu-
rity-means-for-global-trade/
- https://www.isaca.org/resources/news-and-trends/isaca-now-blo-
g/2019/cybersecurity-and-its-critical-role-in-global-economy
- https://www.enisa.europa.eu/publications/enisa-posi-
tion-papers-and-opinions/cybersecurity-as-an-economic-enabler
- https://www.ecpi.edu/blog/how-cyber-attacks-affect-indivi-
duals-and-how-you-can-help-keep-them-safe
- https://www.sciencedirect.com/science/article/pii/S0022000014000178
- https://unite.un.org/digitalbluehelmets/cyberrisk
- https://www.javatpoint.com/history-of-cyber-security
- https://www.coursehero.com/file/92080193/4-Compu-
ter-Networks-Security-pdf/
- https://www.futureoftech.org/cybersecurity/1-what-is-cybersecurity/
- https://www.varonis.com/blog/cybersecurity-statistics/
- https://economictimes.indiatimes.com/news/politics-and-na-
tion/united-nations-adopts-two-russia-sponsored-resolutions-backed-by-i
ndia-on-international-information-security/articleshow/67298500.cms?utm
_source=contentofinterest&utm_medium=text&utm_campaign=cppst

GRAND SIMULATION 3.0

Email: [email protected]

@TIMUNSFAX

@TIMUN Sfax

GRAND SIMULATION 3.0