CHEMUN 2013 Background Notes (DISEC)

CHEMUN 2013 Background Notes (DISEC)

Committee:

Disarmament and Security

Topic:

Combatting the emerging threat of cyber-warfare in the

international community

Student Officer:

Tae Ryoun Kim

Introduction
From the emergence of the first electronic computer in 1950s, humanity has
found a new dimension where everything can be created, stored, and destroyed: the
internet. After its first publication as the ARPANet, the internet developed
dramatically, becoming a crucial element for humans to live in the modern society.
This also applies to governments as the internet became the storage for militaristic,
governmental, and other private information. However, such reliance on the internet
evoked illegal organizations or terrorist groups to hack into other servers and steal or
paralyze their targeted network, including governments servers. To counter such
actions, governments created elite groups, such as USCYBERCOM and ENISA, to
protect ones network.
This issue became prominent in United Nations debate as the competition
between governments and terrorist organizations or opposing governments to conquer
the internet can lead to actual war in the future. According to the Economist, the
internet is the fifth domain of warfare which is a dimension as critical as military
operations in land, air, sea, and space. Thus, obtaining the control over the internet
can lead to the paralysis of an entire country, making it vulnerable to missile assaults
or other terrorist activities. As kinetic actions can be taken between nations, the
United Nations began to find a peaceful resolution to the issue but currently, there are
not any solid international laws restricting cyber warfare. Also, as cyber warfare does
not contain conventional weapons during the process, Geneva Convention and UN
Charters regarding sanctions over countries provoking war are ignored. Thus, all
nations, regardless whether or not they are involved, have to collaborate to create new

CHEMUN 2013 Background Notes (DISEC)

regulations for cyber warfare and weapons to pursuit cyber peace where civilian
threats are decreased to its minimum.

Definition of Key Terms

Cyber warfare
Cyber warfare literally means the conduct of warfare in cyberspace through
cyber means and methods; in other words, it is an information warfare. According to
the U.S. government security expert Richard A. Clarke, in his book Cyber War (May
2010), it is "actions by a nation-state to penetrate another nation's computers or
networks for the purposes of causing damage or disruption." However, there are no
concrete and clear international standards to identify cyber warfare.

Background Information
Major regions for the center of cyber warfare
Korean Peninsula
The struggle for dominance over the Korean peninsula between
democracy and communism dates back to the start of the Korean War in 1950.
Even after the armistice, the battle still continues as North Korea constantly
attracts attention through nuclear weapons, poverty, and assaults on South
Korean ships and territories. Recently, on March 20th 2010, North Korea has
changed its strategies and used cyber-attacks, which paralyzed 30,000
computers and servers at the national bank and broadcasters. Six computers
were used to access the South Korean server using more than 1,000 IP address
in which 13 were traced back to North Korea. Though there were several
attempts from North Korea, this cyber assault was very astonishing and
powerful to not only South Korea but also the United States, as this attack
proved North Koreas cyber warfare capability to rival the United States of
Americas. Also, it warned South Korea of the danger and the influences on
the Korean society if the assaults were to have targeted the nuclear plants and
major infrastructures. This signaled the involvement of other private

CHEMUN 2013 Background Notes (DISEC)

organizations, such as the Anonymous, to this cyber war which would later
determine the victor of the Korean War.

Middle East
Starting from the disagreement between Palestine and Israel regarding
the distribution of their territories in the late 19th century, the conflict
expanded to the cyber war between Iran and Israel, including the United States
who supports Israel. The United States and Israel first launched their attacks
on Iran by using a malware called Stuxnet which targeted centrifuges at Iran's
nuclear facilities in 2010. This degraded Irans nuclear technologies to its state
two years ago. Other malwares, such as the Shamoon and Gauss, and the cyber
espionage tool, Flame, sequentially damaged financial institutions and
universities in not only in Iran, but also in Lebanon, Saudi Arabia, and Syria.
To counter these attacks, Iran joined forces with its neighboring nations to
combine cyber warfare tactics and maritime war game in a drill. Also, Iran
started to hack infrastructures in Israel such as Sheba and Assuta hospitals.
From these conflicts, dreadful computer viruses and sabotages emerged,
introducing new combinations of malwares and methods of assaulting through
cyberspace.
Methods of Assaults
Malware
It is an abbreviated form of the term malicious software which is
used to disrupt computers and steal information through accessing private
servers. This program includes computer viruses, ransomware, worms, Trojan
horses, spyware, adware, etc. Sometimes malwares disguise themselves as
useful or attractive programs attached to official softwares. After malwares
start to operate on computers, they defect security and create user errors
through malicious Javascript codes. To prevent these programs, anti-malwares,
anti-viruses, and firewalls were created to strengthen the security of the
operating computers.
Denial of Service(DoS)
4

CHEMUN 2013 Background Notes (DISEC)

This is a method to disable a server or network by flooding it with a lot
information. The traffic created by this method will crash the computer, thus
rebooting the whole system to preserve the remaining data. Though this
method only prevents legitimate users from accessing the targeted system, an
attack on government or news sites can be critical as the paralysis of the
system can delay the execution of documents in banks and other institutes
responsible for financial matters. Thus, the systems targeted by the DoS
method are mostly high-profile web servers such as banks, credit card
payment gateways, and even root nameserver. Furthermore, the denial of
service becomes an excellent tool for propaganda through the internet by
confusing citizens of the afflicted country with accessible information
modified by the culprit. This will bring about civil unrest and turmoil within
the victimized nation, as it becomes vulnerable to external influences which
may include conventional weapons.

Relevant UN Documents, Treaties and Events

The following information is UN resolutions supporting the religious minorities.
More

Relevant

UN

resolutions

and

treaties

can

be

found

at

http://www.un.org/en/documents/index.shtml. However, this issue does not contain

any direct resolutions to combat the cyber warfare but releva

Stuxnet Attack (June 2010)

An attack believed to be from the United States and Israel to
disrupt Irans nuclear facilities and reverse the data and
programs to their state two years ago. This attack became
prominent as it was the first attack to target and subvert
industrial programs.
This attack infected the Windows, Step 7, and PLC, which did
not cause any damage to their customers except for the nuclear
programs secretly developed by Iran.

Tallinn Manual on the International Law Applicable to Cyber Warfare

The Tallinn Manual was created by the experts associated by
NATO Cooperative Cyber Defence Center of Excellence
5

CHEMUN 2013 Background Notes (DISEC)

(NATO CCD COE) to produce a manual on the law governing
cyber warfare. By focusing on the principles of jus ad bellum, it
stresses on the international law governing the resort to force
by States. Also, this manual does not focus on cybersecurity,
but rather on the implication of International Laws on
cyberspace.

Points to Consider
Considering the following points can contribute to creating comprehensive
resolutions or treaties. Also, please note that ideal resolutions or treaties can never
exist, and keep in mind that the point of resolutions or treaties is to create better
solutions to combat the given issue.
Do consider that there are no clear and solid definitions for cyber warfare. Thus,
creating a clear definition which can distinguish it from other issues such as cyber
terrorism can be a start for establishing appropriate resolutions or treaties to combat
international conflicts regarding cyber warfare.
Also, try to link cyber warfare to not only political conflicts between nations but also
to relevant issues such as religious conflicts or manipulations. By referring to such
issues, resolutions or treaties considering potential internal conflicts or cases violating
the Geneva Convention can be created.
Please note that the fundamental goal of creating resolutions or treaties for this issue
is to protect civilians from the influences of the cyber warfare. Thus, resolutions or
treaties to regulate the strength of the cyber weapons or to prevent civilians
involvement in cyber warfare would be effective. If civilians were to be involved,
measures to deal with casualties must be included.

Bibliography
http://www.icrc.org/eng/war-and-law/conduct-hostilities/informationwarfare/overview-information-warfare.htm
http://www.nytimes.com/2013/05/23/opinion/irans-view-of-cyberwarfare.html?_r=0
http://www.nytimes.com/2013/05/23/opinion/irans-view-of-cyberwarfare.html?_r=0
http://en.wikipedia.org/wiki/Cyber_warfare
http://www.koreatimes.co.kr/www/news/opinon/2013/04/202_133696.html
6

CHEMUN 2013 Background Notes (DISEC)

http://www.huffingtonpost.co.uk/2013/04/10/north-korea-cyber-war-threatens-realwar_n_3052026.html
http://www.unidir.org/files/publications/pdfs/cyberwarfare-and-international-law382.pdf
http://www.stonesoft.com/en/info_center/blogs/2013/20130322.html
http://thediplomat.com/2013/04/19/is-cyber-war-the-new-cold-war/
http://en.wikipedia.org/wiki/Stuxnet
http://www.cs.wustl.edu/~jain/cse571-11/ftp/cyberwar/
http://en.wikipedia.org/wiki/Malware
http://www.thenational.ae/business/industry-insights/technology/cyber-warfare-in-themiddle-east-is-no-game
http://www.israelnationalnews.com/News/News.aspx/163733#.UaJMT7XI2Sp
http://www.acus.org/event/tallinn-manual-international-law-applicable-cyber-warfare