
FIRST COMMITTEE OF THE GENERAL ASSEMBLY FOR DISARMAMENT AND INTERNATIONAL SECURITY

TABLE OF CONTENTS

1. Welcome letter
2. Introduction to the committee: about DISEC
3. Topics
3.1 The role of technology in international security
o Current situation regarding treaties
o Study case (government and people’s exposure)
o QARMAS
o Support links
3.2 State and non-state actions against cyber terrorism
o Historical Background
o Actions taken in the past by UN bodies
o QARMAS
o Support links
4. References

1. WELCOME LETTER

Delegates, it is an honor for us to serve you as your chairmen for this, the first edition of the Model
of United Nations of the Pepa Castro school in what will be an intense session of debate in the first
committee of the General Assembly for Disarmament and International Security. In the model
days, we will encourage you to seek further beyond your own worldview in order to accomplish a
profound solution not only limited to one exclusive position, but open to a wide variety of
conceptions of reality. Stay strong on the matter at hand, prioritize and most importantly,
understand that peace in the world is our ultimate goal. Enjoy!

Most sincerely,
Juan José and Samuel.

It’s a pleasure for us to welcome you into the committee at Pepa Castro’s first United Nations
simulation, PECMNUN. We remain anxious for the event and expect highly of you. Any question
you may have, feel free to contact us here:
Juan José Mejía
Gimnasio Campestre
the8thartmejo@gmail.com

Samuel Barrera
Colegio San Carlos
samuelbalo88@gmail.com
2. INTRODUCTION TO THE COMMITTEE

The Disarmament and International Security Committee (DISEC) is the first committee of the
General Assembly of the U.N. The task of the committee is handling disarmament situations and
ensuring international peace. It does this by looking for solutions to the difficulties or problems
that the international community faces (or may face) in terms of global security, within the
framework of the UN Charter. DISEC operates in collaboration with the United Nations
Disarmament Commission and the Geneva-based Conference on Disarmament. It manages issues
that may affect worldwide peace and attempts to forestall weapons proliferation. The nature of the
committee restricts its power to generating recommendations on what actions should be
taken by the UN and the international community in situations that may affect peace. These
recommendations are given to bodies within the UN that have the authority to execute the
recommended measures.
The history of the DISEC committee dates to January 1952, when the General Assembly adopted
resolution 502 (VI), which approved the creation of the UNDC (the United Nations
Disarmament Commission). Until the year 1959, the UNDC was under the power of the Security
Council, but during that year it became an independent commission. After that year, the committee
met infrequently; however, this changed in 1978 when the General Assembly, in its first special
session devoted to disarmament, created the DISEC committee as a subsidiary organ of the
General Assembly, making it the first committee of the GA. As weaponry
issues and threats to global peace are problems that the international community faces
constantly, the DISEC committee has gained much importance inside the U.N., as its
recommendations are key to maintaining the security of the world. The majority of DISEC’s funding
is derived from the United Nations organ, the General Assembly. The General Assembly’s
Administrative and Budgetary Committee allocates funds for political affairs, international justice
and law, cooperation for development, humanitarian affairs, support services, and capital expenses
that all contribute to the General Assembly’s work in the international community. The delegates
of the DISEC committee must be ready to present new solutions to the topics that will be discussed,
bearing in mind that the solutions proposed should help to ensure international peace and preserve
security around the globe. Delegates should also keep the popular international political division
in the back of their minds. Outside of the Security Council, DISEC is a committee that typically
sees polarization between traditional rivals, like the United States and Russia, due to controversial
security matters brought to the floor. Because of this, blocs should make sense, in policy and
politics.

3. TOPICS

3.1 The role of technology in international security

Nowadays, the internet is the most influential form of technology, as it has accelerated the world’s
growth and changed the way that people communicate. This technology was first created in the 1960s
in the United States. With the creation of computer science laboratories within this nation, it became
possible to send messages from one computer to another; this new invention was named
“ARPANET”. Cyberspace grew notably together with its users, which led to the
appearance of new information and data that is shared and stored in cyberspace. So, it was just a
matter of time before governments, companies and criminal groups felt the need to monitor it. It can be
said that since the creation of the internet different forms of monitoring have been implemented.
For example, when ARPANET was first created, there was already an interest on the part of the National
Security Agency (NSA) and other intelligence agencies of the United States in monitoring this new
web. At that point in time, as far as history knows today, the internet was still in development
and was not widely used. In 1978, an act known as “FISA” was passed in the US which made it
more difficult for agencies to monitor and surveil the information of people without a justification
or suspicion. Other countries also started to monitor certain parts of cyberspace. From the year
2000 to the present, governments all around the world started to monitor a big portion of
cyberspace. In the US, after the 9/11 incident occurred, a program of mass monitoring was
implemented, in which emails and messages sent from certain operators could be obtained by the
government. In the same way, in the European Union from 2007 to 2014, the “Data retention
directive” required phone calls and messages to be retained and given to the government if needed.
That later became invalid as it violated private life. At present, most governments use
several mechanisms to control and monitor cyberspace; some do it legally and some illegally.
Illegal monitoring of cyberspace has been attempted since the very beginning, from intercepting
emails and messages when the internet was first created to accessing important government
information stored in cyberspace.
The term “monitoring of cyberspace” refers to the capacity a government, group, person or
organization has to gather and observe different types of cyber activities performed solely
on digital platforms. This implies that the information within the device is impossible to acquire
through usual means or is unavailable to the general public. As mentioned before,
monitoring of cyberspace can be performed by a range of people; however, it is possible to divide
it into two categories, monitoring done legally and monitoring done illegally.
● Legally: In some cases governments have bylaws and legislation that let them monitor
certain parts of cyberspace in order to stop cybercrime, protect national security and
obtain any useful information for intelligence and federal agencies.
● Illegally: There are cases in which governments obtain information illegally because they
don't have the regulations needed or they fail to follow the restrictions and
specifications required for the monitoring of cyberspace.

Governments all around the world need to protect their own people and make sure
that laws and regulations are followed. As is well known, cyberspace connects millions of
people, and for this reason, all sorts of criminal activities are currently observable in
cyberspace. As governments need to uphold their legislation and assure the
well-being of their people, they need to monitor cyberspace so they can track down people, groups,
or other States that are involved in illegal monitoring activities in order to take the necessary
actions to stop them. In today's world, much of the information about a person, government,
institution, or organization is contained in cyberspace. This information can have little
importance or it can be highly compromising for their integrity, image, or well-being. For
this reason, monitoring of cyberspace can be used to directly affect someone or a group of people.
When compromising data is obtained through different forms of monitoring, it can be published or
disclosed to a wide range of people, which can potentially change public opinion
about the person or institution. It is important to state that this is why more
effective regulation of monitoring is needed, especially of monitoring done by governments with the
intent of causing harm to other nations by spying and damaging their image.
Privacy-related laws and rights: Nearly all countries around the world have agreed upon the
importance of people's privacy. To ensure people's privacy is protected, each country has a set of
laws, and there are several international agreements, such as Article 12 of the Universal Declaration
of Human Rights, that also pursue this purpose. People's privacy can be deeply violated by governmental
monitoring of cyberspace, which puts their private life into full exposure for government
officials and intelligence agencies. On many occasions countries violate their own legislation and
agreements by deliberately monitoring cyberspace.

CURRENT SITUATION REGARDING TREATIES:

European Union data retention directive: This agreement involving the European Union was
drafted in 2004 and ceased in 2014. It stated that all telephone companies should keep a record
of all telephone calls and messages for up to a year and that these records should be at the disposal
of the national government at any given time. After around 10 years of operation in the EU, the directive
was abolished in April of 2014 by the European Court of Justice, after a case brought by an Irish
digital rights group against the Irish authorities showed the law had certain inconsistencies with
the rights of privacy. This led the court to review the law and then declare it abolished,
stating it violated respect for private life and protection of data.
The International Covenant on Civil and Political Rights (article 17): The International
Covenant on Civil and Political Rights was a treaty drafted in 1966 in the General Assembly, which
was signed and ratified by almost every country in the United Nations including Russia, the United
States and the UK. Article 17 stated: “No one shall be subjected to arbitrary or unlawful
interference with his privacy and everyone has the right to the protection of the law against such
interference or attacks”. It is possible to state that this agreement has not worked, taking into
account that many countries still use unlawful methods of monitoring cyberspace that jeopardize
privacy.
USA Freedom Act (2015): After many claims that the Patriot Act (an important privacy law before
the Freedom Act) was violating in several ways the privacy of American people, the Freedom Act was
created. It states that the NSA still has the capacity to monitor cyberspace in pursuit of national
security, protection and law enforcement; however, it puts certain restrictions on the government.
For example, if the NSA wants to access a phone's data it has to go to a court named “FISA” with
some evidence of suspicion. One limitation it has shown is the long time before
the NSA is given permission, which could lead the NSA to ignore the court in cases of urgency.
The law has partially worked, as monitoring cyberspace has led to some important information
and preventive measures for the American government; however, there are still many claims of
privacy violations, and the amount of valuable information compared to useless data is too low.

STUDY CASE (GOVERNMENT AND PEOPLE’S EXPOSURE):

The United States of America: Although heavy monitoring of cyberspace by the United States
and companies within this territory has helped with the prevention of some illegal activities, and
has partially helped to protect national security, it has already been used negatively, violating in
this way the very important right of privacy. Public figures can also have their image deeply
affected when opposing governments or organizations expose compromising information. An
example of these violations happened in 2016 during the presidential elections: the Republican
National Committee hired an Internet research firm named Deep Root Analytics with the purpose
of helping Donald Trump to win. The firm obtained information on around 200 million Americans
in order to target the political preferences of each person. Some of the data gathered included phone
numbers, race, what people liked and their family names; they were able to illegally obtain this
information through several algorithms, including one of the world's largest social media platforms,
Facebook. Also, several emails sent by Democratic Party figures were exposed, which
ultimately affected Hillary Clinton's campaign for the presidency. It is unclear if the information was
gathered by the Russian government, but the fact that it was done illegally is certain. After events
of this kind, people in the United States and all around the world are concerned about the effects
that total monitoring of cyberspace by governments and companies could have on their
rights and their privacy.

QARMAS

● Has your nation perpetrated or been a victim of illegal monitoring?
● Is there any body inside your country in charge of overseeing monitoring activities?
● Has your nation…(treaties regarding espionage)
● How should countries act in order to ensure that States don’t use cyberspace as a tool for
affecting foreign countries’ private politics?
● How should the International Community act over a presumptive act of illegal monitoring?
● How is the International Community going to penalize Nations that use monitoring of
cyberspace for illegal purposes?
● Ought the committee to consider the creation of a new treaty in order to determine
the parameters of monitoring use?
● How could a new treaty help to assure that monitoring continues to be used correctly?

SUPPORT LINKS
➢ The Consequences of Cyber Attacks (Interview with Toomas Hendrik Ilves, JUN 23, 2017)
https://jia.sipa.columbia.edu/consequences-cyber-attacks

➢ Jensen, Eric Talbot. "Cyber warfare and precautions against the effects of attacks."
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1661218

➢ Cyberwarfare quick explanation
https://www.techopedia.com/definition/13600/cyberwarfare

➢ Cyberwarfare detailed explanation
https://www.itpro.co.uk/security/28170/what-is-cyber-warfare

➢ Espionage in International Law (Analysis from Oxford Bibliographies)
http://www.oxfordbibliographies.com/view/document/obo-9780199796953/obo-9780199796953-0173.xml#obo-9780199796953-0173-bibItem-0004

➢ General Assembly resolutions on the questions relating to information
http://un.org/en/ga/coi/documents/garesolutions.shtml

➢ Question on legality of espionage carried out through Diplomatic Missions
https://iapss.org/2015/02/16/question-on-legality-of-espionage-carried-out-through-diplomatic-missions/

➢ Vienna Convention on Diplomatic Relations, 1961
http://legal.un.org/ilc/texts/instruments/english/conventions/9_1_1961.pdf

➢ Vienna Convention on Consular Relations, 1963
http://legal.un.org/ilc/texts/instruments/english/conventions/9_2_1963.pdf

References
● International Covenant on Civil and Political Rights. Retrieved from
https://www.ohchr.org/en/professionalinterest/pages/ccpr.aspx

● Ophardt JA. Cyber warfare and the crime of aggression: The need for individual
accountability on tomorrow's battlefield. Duke L. & Tech. Rev. 2010. Available at:
https://scholarship.law.duke.edu/dltr/vol9/iss1/2

● NATO. (2019). Cyber defence. Retrieved from
https://www.nato.int/cps/en/natohq/topics_78170.htm

● Defence Cyber Command. (2019). Retrieved from
https://english.defensie.nl/topics/cyber-security/cyber-command

● Nicholson, A., Webber, S., Dyer, S., Patel, T., & Janicke, H. (2012). SCADA
security in the light of Cyber-Warfare. Computers & Security (2019). Available at:
https://scinapse.io/papers/2094741359

3.2 State and non-state actions against cyber terrorism

Historically, warfare has always been aimed at one main objective: physically occupying territory.
This threat of occupation, or the possibility of carrying it out, has motivated several nations to create a
large array of military tools to achieve superiority over those that pose a threat to their existence.
However, in the last decades this mentality of warfare has evolved, to the point that nowadays
there is no need to engage in physical contact in order to fight a battle. This is what some experts
call the cyber defense era of warfare, where the real battlefield is the World Wide Web. It all began
when cyberspace was labelled by the United States government as a top priority for national
security. With this act, cyberspace became the fifth domain of war, as important as war on land,
at sea, in the air and in space.
Cyberspace became a coined term to group the virtual world, composed of the links between computers
and all the devices that can connect to what is now known as the internet. The term, which was
first used by science fiction author William Gibson in the year 1982, described
cyberspace as the creation of a computer network in a world filled with artificially intelligent beings
(“Cyberspace”. 2019).
Initially, people wanted cyberspace to be a place without laws and free from any governmental
regulation. Documents such as “A Declaration of the Independence of Cyberspace” came to be widely
accepted, especially because people noted that, contrary to the physical world, on the internet they
could hide their identity and their physical location, and nobody could really get to know you unless
you permitted it. However, the potential of computing and of the World Wide Web was very well
known to governments, and therefore attempts at regulation, agreements, and restrictions have been
carefully placed on the internet, so what started as a free world with no restraints later became
another dimension where governments could still exercise control over individuals.
With technological advances, the infrastructure of cyberspace began to grow, to the point that now
this environment is fundamental to the functioning of national and international security systems,
trade networks, emergency services, basic communications, and other public and private activities
(“Cyberspace”. 2019). Yet the real concern started when nations noticed that the reliance of
humans on technology could be exploited to cause harm without needing to be directly involved in
an armed conflict. Nations noticed that an open cyberspace could pose potential threats to their
stability and to their citizens, and that was when governments gave birth to the term cyber
warfare.
The idea of conducting war through computers and the networks that connect them was a result of
the dependence that Western nations now have on computers for the everyday functioning of their
societies, but also of the fact that developing countries are currently developing technologies that
are making them reliant on the correct functioning of cyberspace.
The threat of cyberwarfare and its effects are of important concern to governments, because nations
haven’t yet engaged in a direct “digital crossfire”, but cyber-attacks that have already occurred have
given nations a bigger picture of what could happen if a real war is fought online. Considering the
lack of international regulation and of mechanisms to ensure cybersecurity, it is of utmost
importance that the DISEC committee takes an approach to cyberwarfare and, moreover,
determines whether there must be an international regulation on computers to ensure that world
peace and stability prevail.
Even though computing and the internet date to the 90s, it is important to note that there were specific
geopolitical events that catapulted the world from an era of physical dangers to a mix of both physical
and digital perils. Before going deeper into these events, it is important to understand how
cyberspace works, in order for the committee to establish pertinent solutions to what could be one of
the worst crises that humanity has ever faced.
Cyberspace is composed of three layers:
● The physical: The layer that includes all the hardware, that is, all the physical components of
computers, and also includes the satellites, the servers, and all other parts that are necessary for
humans to enter cyberspace.
● The syntactic: The layer where all the software is placed, including the instructions for the
equipment and all the collections of data that tell the computers or devices how to work.
● The semantic: The human interaction with the information, and what is called the
cyber-cognitive nexus.
It is important to note that controlling one of these three layers doesn’t ensure control of the
others; for example, controlling the semantic layer doesn’t mean that the physical layer is
being controlled. Crimes in cyberspace, also known as cybercrime, are achieved through the
semantic layer, because it is through the connection of humans to cyberspace that criminal acts
can take place. Yet all three layers can be attacked: for example, the physical
infrastructure (computers) can be destroyed with conventional weaponry, and the networks can
be interfered with through the human personnel that interact with them, so contact is possible in
different ways, but at all three levels. To narrow down the topic, this committee shall focus only on
the ways to ensure that the syntactic layer is kept safe, because it is the one prone to cyber-attacks,
while also taking into consideration what happens in the other two, the individual actions and the hardware.
There are several ways to interfere with, destroy, corrupt, damage, or monitor the software of computing
systems; malware, which is malicious software, is the most common of all. Examples are
widely known: viruses, trojans, worms, and spyware are some of the best-known ways to insert
corrupted code into existing software, or to cause a computer to malfunction and to perform tasks
that are not intended by its operator. Other cyberweapons include distributed denial-of-service, or
DDoS, attacks, in which attackers, using malware, hijack a large number of computers to create
so-called botnets, groups of “zombie” computers that then attack other targeted computers,
preventing their proper function (“Cyberspace”. 2019). However, these technical aspects are
not what is fundamental, but rather the way in which these technologies are used. Therefore,
it is important to look at what has happened, and how the misuse of these technologies has made
them an important topic of discussion because of the risk they pose to the majority of corporations
and states, but most importantly to individuals and their fundamental rights.
a. Historical Background
Cybersecurity concerns, and the consideration of regulating certain technologies, are as old as the
creation of computing and the internet. In 1998, humanity witnessed the first cyber attack ever:
Chinese hackers accessed Indonesian government sites and used this to get funds in exchange
for leaving the sites. Thousands of attempts to access digital networks belonging to corporate
and public institutions, defense ministries and militaries have been reported since 1999. However,
there are three cases that can be analyzed to explain why it is a matter for the DISEC
committee to debate whether computers could be considered potential weapons or not, including
which actions could be taken to ensure that cyberwarfare doesn’t escalate into tensions, and that
cybersecurity can be preserved.
1. Estonia and NATO Hack of April 2007
The Estonian government had decided to move a Soviet memorial because it was considered
offensive to some sectors of society. In response, hackers started to interfere with the websites
of the government of Estonia by denying services to the population. Sites took users to images of
Soviet soldiers, and the Estonian government could not effectively respond to this attack, which
lasted about a month. Banks and newspapers were also affected. Estonia is what is called an
e-government: it allows its citizens to vote digitally and relies heavily on technology to
provide its citizens with essential services, so affecting websites brought the State near
to a collapse point, because people couldn’t access indispensable services. The Estonian
government said that this attack was the same as if a conventional military force had closed down
Estonia’s ports and referred to the episode as ‘cyber-war’ (O’Connell. 2017). It was the first time
that cyberwarfare was actually compared to a physical attack, and moreover, it prompted a
response from NATO, which did not act under article five on collective defense of the Washington
Treaty, but established an internet defense center in Estonia named the Cooperative Cyber Defense
Center of Excellence (CCDCOE). Also, after this attack, several nations, including Estonia, created
programs dedicated to researching ways to end interference in cyberspace by external
threats. It is widely believed that this attack was perpetrated with help from the Russian
government.
2. Georgia-Russia Hack of 2008
The first time that the internet played a key role in the development of a conflict occurred in the year
2008 in the Georgian enclave of South Ossetia. Georgia prompted the conflict when the
government attacked Russian troops that were part of a peacekeeping unit established in
South Ossetia in accordance with a bilateral treaty established by Russia and Georgia in 1991. On
August 7, 2008, Georgia carried out a military attack, in which it killed more than twelve Russian
soldiers. Russia's response was to take the conflict to the capital of Georgia. Georgia
reported that Russia had carried out distributed denial of service (DDoS) attacks, in which several
websites of Georgia, including governmental pages and commercial sites, were blocked. The attack
lasted around a month, while the armed attacks lasted less than a week.
3. Stuxnet 2009-2010
A computer worm (malware that is able to reproduce itself and spread to other devices) named
Stuxnet infected computers owned by German enterprise Siemens that were being used in the
nuclear program that Iran was developing. The worm is thought to have been developed by the National
Security Agency of the US, with the help of the State of Israel, in conjunction with scientists
specialized in Siemens computing. The consequence of the spread of the worm in Iran was that
it caused centrifuges, a key component in nuclear machinery, to spin quicker than they should
have, making the program malfunction and actually causing physical damage to the
installations. However, contrary to what was expected, Stuxnet did not only affect the nuclear
program of Iran, but also computing devices in India, Indonesia and Russia. Recent statistics
have revealed that 40% of the computers affected by Stuxnet were outside Iran and had
nothing to do with the Iranian nuclear program. On the other hand, Stuxnet is also significant
because it was the first worm created to affect physical infrastructure such as power plants,
water systems and industries. The resources needed for the creation of such a complex worm
certainly require the involvement of a State. Stuxnet opened a new phase in conflicts and in
the technologies used to sabotage nations, because it showed that a cyberattack could cause as
much damage as a physical attack, or even more. Modern-day attacks use techniques similar
to the ones used in Stuxnet, and it is said that it showed the hacking community what the
capabilities of cyberspace were.
b. State of the art

Figure above: Denotes some of the most recent cyberattacks that have occurred globally. Obtained
from: https://www.globalsign.com/en/blog/industrial-internet-of-things-cyber-attacks-infographic/

In recent years, cyberwarfare has played a key role in armed conflicts around the world, from the
conflict between Israel and Hezbollah in Lebanon in 2006 to the WannaCry attack perpetrated by
the North Korean government in 2017. Nowadays cyberwar is not only a feature or a medium of
expression for conflicts, but it will also be one of the opening phases of them.
The most concerning problem that the international community is currently facing is the
implications of the openness of cyberwarfare. In most countries around the world, computers and
software are available and accessible to everyone. This implies that, with the proper software,
civilians could participate in cyberattacks against state agencies, individual targets, or
even nongovernmental organizations such as the UN itself. Also, to this day, there is no legal status
for those civilians that wish to cooperate using their computers. Under the Geneva Conventions, there
is no clarity about what the legal role of these persons is.
Even though cyberattack techniques have been constantly improving, cyberdefense structures have
evolved at an equally fast pace. The development of firewalls to filter network traffic, end-to-end
data encryption, tools for detecting intruders or suspicious entries, and improvements in the physical
security of the structures where computers are held have been fundamental to ensuring that these
attacks don’t occur so easily.
Nations around the globe have established special commands to ensure that their systems are kept
safe from this kind of threat. For example, the United States has established the 24th Air Force,
which is in charge of protecting Air Force networks from cyberattacks; the US Navy has also
formed the Fleet Cyber Command; and, mainly, the US has established the US Cyber Command, which is
in charge of engaging all US military cyberoperations and of ensuring that the United States is
safe and protected from any type of cyberthreat. However, the real purpose of this agency is not
clear at all; some also say it is an organization aimed at developing tools that could be used for
cyberwarfare and at secretly spying on individuals globally. It is important to note that people's
rights of privacy could be violated if the United States is doing this. However, the US has not
been the only nation with plans for developing cyber programs: the United Kingdom, for instance,
has created a Cyber Security Operations Centre (CSOC), and France set up its Network and
Information Security Agency in the year 2009. China and Russia also have agencies dedicated to
this task, and also have units to respond if their nation's security or sovereignty is imperiled
by an online attack.
Recent attacks using cyberweapons have had a common target: critical infrastructure. Critical
infrastructure comprises all the services or entities that are necessary for the correct working of
States, for example the electrical grid, the financial system, hospital databases, transportation,
telecommunications, and water supplies. All of the previously mentioned have been common
targets of cyberattacks. These sites normally lack technologies that can protect them from
cyberattacks, which makes them an easy target for those committing these wrongful acts.
As in several countries critical infrastructure is privately owned, especially in developed countries
it is harder to enforce laws or to apply measures to ensure that these essential services don’t get
attacked. Experts agree that without insight into the government's cyberdefense strategy, the
private sector is not able to be proactive and take the proper precautions (Wheeler, T., Stavridis,
G., Weinstein, H., & Groll, K. 2018). Here below are some cases of study the committee could
consider discussing.
North Korea
It is widely known that North Korea is one of the most restricted countries in terms of internet
freedom, especially because it has a national intranet called Kwangmyong which is completely
controlled by the North Korean regime. Since 2011, the DPRK's government has increased its
cyber operations capabilities and has developed its digital offensive capabilities. There have been
several recent cases that link North Korea with cybertheft and website vandalism, including several
attacks on the banking sector globally, with reported attempts by North Korean hackers to
steal monetary resources digitally from Polish banks and from the World Bank. Bureau 121
is the main hub for North Korean illegal operations, with around 3000 to 6000 (estimates).
The government targets talented students at schools, who are then trained at local universities
and even in Russia and China. It is widely known that a large number of North Korean hackers live
in other countries, in order to take advantage of the digital advances of other nations.
Widely known cases of North Korean misuse of computers include the hacking of Sony
Pictures Entertainment in 2014, because the company was trying to release a movie that “offended” a
public figure of the regime, and the WannaCry cyberattack, which happened in May 2017, in
which organizations globally reported ransomware infections that were affecting their computers
and servers. For instance, several of the databases of the public hospitals in London stopped
working, because they had unpatched versions of Windows XP, which apparently was vulnerable
to a security breach called EternalBlue, which was detected and stolen from the National Security
Agency of the US. Through phishing attacks, North Korean hackers were able to spread an
infection that affected around 300,000 computers. According to US reports, IP addresses in China
that are publicly known to be used by Bureau 121 were the ones used for launching the WannaCry
cyberattack. Also, North Korea apparently stole $81 million from
a bank in Bangladesh and has also used malware known as DarkSeoul to evade South Korean
cybersecurity. North Korea is considered a threat to international cybersecurity because it is
suspected that the regime has developed the capability to carry out large-scale attacks on critical
infrastructure.
United States
Since the year 2010, the United States has increased its cyber capabilities greatly by establishing
the Cyber Command, which is in charge not only of protecting the US and its allies from
cyberthreats, but also of ensuring that the US can respond with another cyberattack if one is carried out
against it. Some argue that the Cyber Command is used as a deterrent to ensure that others do not try to
attack the US. In the year 2014, the United States faced a major cyberattack from North Korea
targeting Sony, which cost the Japanese company more than $100 million.
Experts have also concluded that the U.S. health care system is at very high risk from cyberattacks
because of the updated firmware under which the majority of computers run. President Obama
addressed the cybersecurity question with another approach, strengthening the recognition
of where these threats come from, and published the executive order Taking Additional Steps to
Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities.
However, under the Trump administration, cybersecurity has been a minor issue. Trump has
prompted the privatization of security at US public services, making them less secure in some cases
because no standard protocol defines which techniques companies should use to ensure the correct
protection of critical infrastructure.

It is also fundamental to recognize that the US law which deals with cyberattacks is the 1986
Computer Fraud and Abuse Act, which cybersecurity experts consider poorly drafted and arbitrarily
enforced. Lastly, it is important for the committee to consider the developments that the United
States is currently carrying out. The US has plans to use quantum computing (computers that use
quantum-mechanical phenomena, making them extremely fast and powerful) for
military warfare. The development of Artificial Intelligence, extremely secure encryption and
navigation without GPS signals are some of the plans the US has for this technology. There is
currently a competition with China to see which nation develops quantum computing faster for
cyberwarfare purposes. This committee should also consider the findings that WikiLeaks (Vault
7) made about the CIA and its cyberwarfare plans in 2017, according to which the US allegedly already has
the ability to compromise smart TVs, cars, and the operating systems of most smartphones and
computers for cyberespionage and cyberwarfare.

Russia
In recent years Russia has developed very comprehensive policies to protect itself from external
cyberthreats, through internet regulation and governmental supervision, both methods which have
been questioned several times by human rights organizations. In Russia the Federal Security
Service (FSB) and the Ministry of Defense are the agencies dedicated to cyberwarfare. Currently,
the Russian parliament, with the help of the government, is working on a project to create an
internal internet exclusive to Russia; that is, to try to disconnect from the world while still running
a local internet. This law, known as the Sovereign Internet Law, is very controversial, especially because
the public fears that this will be another tool used by the Russian government to censor internet
access and restrict it to the pages desired by the government. Russia plans to create its own DNS
roots; with this, Russia could have control of all the internet within its borders and therefore block
itself off from any external cyberthreats. The Duma just approved the law, and it is awaiting the approval
of Putin and the upper chamber, but it will probably pass, especially because it is seen as a national
security issue and as a must to ensure that Russia can make counterefforts to the "aggressive US
strategy on national cybersecurity". The Russian opposition is deeply concerned because it sees
this as one further step to restrict democracy, such as freedom of the press and free speech.
It is also important to note that the Russian government has been linked to several hacking groups.
Sandworm, the best-known group to be used and aided by the Russian government, has already
spied on NATO activities, on governmental agencies of Poland and Ukraine, on the Organization
for the Prohibition of Chemical Weapons and on several industries around the world. It was named
Sandworm because of excerpts of Frank Herbert's Dune in its code. Sandworm is one of the
most powerful hacking groups in the world, being able to execute attacks on versions of
Windows from Vista to Windows 10, even if they are up to date. Its methodology is very simple:
its members detect security holes in the software and insert malware through them. They are experts
at managing Trojans and at creating “zombie” computers. The greatest concern is that this group,
allegedly with the help of the Russian government, is trying to target European governments to get
involved in the election process that will take place in May. Sandworm is using spear phishing
(sending emails that look real but are fake to obtain information) to obtain information from the
governments. Governments belonging to NATO are concerned because they think Russia is
trying to meddle in their parliamentary elections.
China
The development of cybersecurity in China also has the aim of providing China with offensive
capabilities. During Obama's administration, Chinese military personnel belonging to the Ministry
of Defense were indicted for committing industrial cyberespionage against American enterprises.
Germany and the United Kingdom have also reported that they could have been victims
of cyberespionage by Chinese entities. In the international community, China has been an
advocate of maintaining state sovereignty and of the position that the internal law of each state,
not international law, should be used to control cyber activity. APT 10 is a hacking group which supposedly works
on behalf of the Chinese Ministry of Defense, using specialized computers to steal intellectual
property and data from governments. It is very covert, and it normally does not leave traces
behind. Hypocritical as it may sound, China wants to create norms to ensure that a nation can be
held accountable for attacking another's critical infrastructure and also wishes to forbid
cyberespionage.
European Union
Currently, cybersecurity measures in the EU are fragmented, due to differences in priorities and in
the military capacity of the member states. The EU has been the target of several
cyberattacks because of its permissive internet laws. The European Union is currently debating whether
responses to cybersecurity should be mandatory, but there are too many divisions,
especially because some nations are looking to regulate the internet and access to
specialized technologies such as microchips, while others think that these measures will only violate
human rights and limit technological progress. However, the discussion of these topics has been
postponed, and the Members of the European Parliament recently approved the Cybersecurity
Act, in which the European Union Agency for Cybersecurity obtained a permanent mandate, and
in which the EU commits to giving software a cybersecurity certification to ensure that
customers feel safe, with the objective of reducing the possibility that technology sold in the
EU is prone to cyberattacks.
a. Actions taken in the past by UN bodies.
The actions taken by the United Nations to address this rising threat to international security have
been precarious, even though the Russian Federation was the first country to raise the concern
about the role that the United Nations should play in guaranteeing cybersecurity, through UN
General Assembly Resolution A/RES/53/70.
Possibly the most important action taken by the international community regarding the
cybersecurity issue was the Budapest Convention on Cybercrime, which was promoted in the year
2001 by the Council of Europe. The Council of Europe is an international organization, bigger in
composition than the European Union, with the clear objective of preserving the rule of law and
protecting human rights and democracy. The Convention on Cybercrime is the only binding treaty
currently in force that actually addresses some of the challenges that cyberspace represents.
The convention talks about the misuse of devices, a key topic that must be discussed in this
committee, because some technologies with an originally good intent can be modified to promote
crime and illegality. System interference, data interference, computer-related fraud, mutual
assistance and cooperation, and sanctions are some of the topics this treaty addresses to create
policy alignment among the European nations, which has helped to construct a clear mechanism
of response that state parties should follow in case they are affected by a cyber-attack.
However, things are not as good as they sound. Researchers
have noted that current cybersecurity approaches in the EU have been very different, which has
created gaps in operational capabilities as well as in the strategic priorities of Member States regarding
cybersecurity. Whether the EU response to cybersecurity should adopt a formal and mandatory
character is also debated. Currently, the European Union does not have a legally binding document
that forces nations to take preventive actions, making European countries very vulnerable
to cyberthreats.
International Court of Justice
In its judgment in Military and Paramilitary Activities in and against Nicaragua (Nicaragua v. United States
of America), the ICJ clarified that a State must be
proven to have “effective control of the military or paramilitary operations in the course of
which the alleged violations were committed”. What this means for the case being studied in the
committee is that a nation cannot be linked to the development of cyberattacks if it is not proven
that it had “effective control” over the groups and the technologies that carried out the attacks.
Decisions made by the International Court of Justice have set a precedent in which simply
financing or providing the tools to a group to commit an attack would not be enough proof to
determine that a State had “effective control” over the groups that made the attack. This would
mean that the result of taking to trial a country that has endorsed cyberattacks would probably be that
the nation would not be found guilty because of the lack of evidence showing effective control.

According to previous decisions of the court, what occurred in (Nicaragua v.
United States of America) would happen again: the Court will not consider that the assistance given by nations to an
illegal group warrants the conclusion that these forces are subject to the State to such an extent
that any acts they have committed are imputable to that State. What this implies is that the ICJ
will probably not be a useful tool to solve disputes over cyberattacks even if the State has
supported the group, because a State cannot be found guilty for the actions of others, regardless of whether
these were financed or aided by the State, unless the State had “effective control”, which is
hard to prove, as the dispute of the USA v. Nicaragua showed.
UN Group of Governmental Experts (GGE) in the Field of Information and
Telecommunications in the Context of International Security
The United Nations GGE is a working group that was established by the General Assembly in the
year 2004 to deepen the reach of the United Nations and of international law in global
cybersecurity policies. This group has had 2 major breakthroughs: it determined that international
law does apply to the digital space and therefore to cyberattacks, and it has established that:
States should not conduct or support cyberoperations that damage or impair critical
infrastructure or harm information systems used by another state’s computer emergency
response teams; and that States should respond to requests for assistance by other states
whose critical infrastructure experiences malicious cyberacts (Fidler, David. 2017)
Some of the questions this working unit has faced are how to apply state responsibility in digital
issues, whether a cyber-attack can be considered a use of force or an armed attack, whether there is a need
to create new norms of international law or just apply current ones, and what the responsibility of
states should be with regard to acts of non-state actors against the cyber infrastructure of other
states (“United Nations GGE”. 2019).
It is also important to note that the GGE falls under the authority of the DISEC committee, so the
actions taken by the delegations can have implications for the mandate of this working group. The
GGE also works with the UN Office for Disarmament Affairs and with the UN Institute for
Disarmament Research (UNIDIR).
Currently, this is the sixth GGE in force, and its mandate was approved from 2019 until 2021
through the GA resolution A/C.1/73/L.37. Previous GGEs in the field of communications have
been established through resolutions A/RES/58/32 (2004-2005), A/RES/60/45 (2009-2010),
A/RES/66/24 (2012-2013), A/RES/68/243 (2014-2015), and A/RES/70/237 (2016-2017).
Nations such as the United States have endorsed and promoted the work of the Group of Governmental
Experts, while Russia and China have both recently stood against it, as they consider
that each nation should be held accountable and that, instead of using current international law, a
new treaty regulating cyberspace should be drawn up in order to prevent cyber-attacks.
General Assembly Resolutions That the Committee Should Have in Mind:
■ Resolution A/68/98 (2013): It is the first UN Resolution that recognizes that the UN
Charter and international law can be applied to acts that governments carry out or sponsor in
cyberspace. It also acknowledges the fact that the sovereignty of a nation can be
violated by cyberattacks, and that States have obligations regarding wrongful acts committed in
cyberspace. The report also includes a set of voluntary measures, which are not legally
binding, that might help to improve cybersecurity, especially in developing countries. The
resolution also calls for cooperation between states to face cybersecurity threats
and provides some guidelines to do so.
■ Resolution A/70/174 (2015): Recognizes that States cannot, with their consent, allow their
territories to be used for making cyberattacks. This resolution also contemplated a proposal
made by Russia and China to establish an International Code of Conduct for
Information Security; however, this proposal was just left in this state, neither discarded nor
approved.
■ Resolution A/73/27 (2018): Establishes that to attribute a cyberattack to a State,
substantial proof must be gathered. It also recalls that States are forbidden from
using proxies to commit cyberattacks. The resolution also emphasizes the obligations
of nations to protect the human rights of people on the Internet, bearing in mind
Human Rights Council resolutions 20/8 of 5 July 2012 and 26/13 of 26 June 2014.
International Law
Under international law, States are allowed to take countermeasures for breaches of international
law that can be attributed to a government, as is the case with some cyberattacks.
Countermeasures are acts by an injured state against another state that would ordinarily be
unlawful but are legally justified as responses to the offending state’s unlawful activity (“Can state
cyber-attacks be justified under international law?”, 2018). The objective of these countermeasures
is not to punish, but rather to make States stop the wrongful acts. Proportionality is a fundamental
principle for exercising this right, and the use of force is not considered a mechanism of
countermeasure. The ICJ in the Gabčíkovo-Nagymaros case determined four elements of a lawful
countermeasure that could be applied in this case:
In the first place it must be taken in response to a previous international wrongful act of another
state and must be directed against that state. Second, the injured state must have called upon the
state committing the wrongful act to discontinue its wrongful conduct or to make reparation for it.
Third, the effects of a countermeasure must be commensurate with the injury suffered, taking
account of the rights in question. And last, its purpose must be to induce the wrongdoing state to
comply with its obligations under international law, and the measure must therefore be reversible
(O’Connell, 2017).
UN Charter
Article 2(4) of the UN Charter stipulates that all Members shall refrain in their international relations
from the threat or use of force against the territorial integrity or political independence of any state, or in
any other manner inconsistent with the Purposes of the United Nations.
Experts agree that Article 51 of the UN Charter will not apply in the case of an attack made using
computational technology, as an armed attack refers to any kind of physical damage. As
cyberattacks do not cause tangible damage, applying Article 51, or restraining a state's response
to it, in the case of cyberattacks is inappropriate. Considering that it is not within the committee's
faculties to determine whether Article 51 can be used or not, the committee shall focus on looking for other
approaches, such as the creation of a treaty, a protocol, or a resolution that can determine what the correct
response of States to cyberattacks should be, and what measures could be taken to prevent them. If
cyber-attacks imperil a state’s security but do not amount to an armed attack as Article 51 of the UN
Charter stipulates, a state could ask the UN Security Council to intervene. The Council has
established sanctions in an array of situations for years. Its faculties would allow the UNSC to be
one of the few mechanisms to hold nations accountable for committing cyberattacks.

Proposals for Creating a Treaty


Russia, with the support of China, has in recent years been promoting the need to create a
treaty that regulates cyberspace. Russia’s proposed accord would forbid a country from
secretly inserting malicious code or circuitry that could later be activated from afar in the event
of war. However, Western support for this proposal has been limited; nations believe that imposing a
treaty would only make the internet a more regulated environment and not necessarily a safer one.
Experts believe that the US does not agree with the creation of a treaty because of plans of the
Department of Defense to use the Internet for offensive purposes. The US denies this claim, but
the reluctance of the Trump administration has cast doubt on whether the cyberspace command really
has only a defensive objective. NGOs such as the Cyber Peace Foundation, an Indian-based civil society
organization, have also proposed the formulation of a document similar to the Geneva Conventions
for the lawful use of the Internet, but the Foundation does not agree with the Chinese and Russian idea because
of the extremely restrictive policies that both countries have with regard to freedom of expression
and regulation of the Internet. As a think tank for cybersecurity proposals, the Cyber Peace
Foundation has explained the need for an international framework to harmonize the legal responses
of countries, as well as to ensure that governments do not restrain freedom of speech or other
internet rights using the excuse of the need to protect themselves from cyberattacks.

QARMAS
1. Has your nation instigated or been victim of a cyberattack?
2. How should countries act in order to ensure that non-state actors don’t use computers as a
weapon?
3. How should the United Nations proceed in the case where a nation’s sovereignty is at risk
by a cyber-attack?
4. Is a cyber-attack equivalent to an armed attack?
5. Is there a special program dedicated to addressing cyberthreats in your country?
6. May a state respond to cyber-attacks with military force or another cyber-attack?
7. Must cyber-attacks comply with rules of distinction, proportionality, etc.?
8. Should a ban or restriction on computers for countries such as North Korea be an option
to ensure that they stop their governmental hacking programs?
9. Should the international community consider the creation of a treaty determining which
are the parameters of lawful and unlawful internet and computer use?
10. Should this committee advocate for the banning of specific technologies that pose a threat
to international security?
11. What measures could a cyber space disarmament treaty take to ensure the correct use of
technology?
12. What mechanisms could be used, as an alternative to Article 51 of the UN Charter, to punish nations
that use computers for wrongful purposes?
13. What policies has your nation taken to protect itself from cyberwarfare?
Interesting additional information
Delegates, we think the panorama that has been offered in this guide about the two topics is very
complete, but if you want to deepen your knowledge, or get to an in-depth analysis of the situation
that will be discussed, please feel free to consult all these links:
● About Vault 7 and the US: https://wikileaks.org/ciav7p1/
● Assessment of Cybersecurity in the European Union (Read Chapter 4) and Assessment of
Cybersecurity in the US (Read Chapter 5):
https://www.rand.org/pubs/research_reports/RR1354.html
● Cyber Peace Foundation and its work:
https://citizenlab.ca/cybernorms2012/cyber-peace-itu.pdf
● Cyberspace and accountability:
https://www.rand.org/multimedia/video/2019/01/14/accountability-in-cyberspace-the-problem-of-attribution.html
● http://theconversation.com/why-international-law-is-failing-to-keep-pace-with-technology-in-preventing-cyber-attacks-111998
● https://www.atlanticcouncil.org/blogs/new-atlanticist/it-s-time-for-a-cyber-geneva-convention
● More about the Treaties on Cyberspace:
http://guides.ll.georgetown.edu/c.php?g=363530&p=4821478
● Quantum Computing Explained: https://www.youtube.com/watch?v=QuR969uMICM
● To understand how North Korean hacking works: https://youtu.be/UsoQTKXt_Wk
(English) https://youtu.be/0zYdljUHo0A (Spanish)
● To understand more on Sandworm: https://youtu.be/k3mxMgkiyj8
https://mobile.reuters.com/article/amp/idUSL8N1WP37F
https://www.wired.com/story/russian-hacking-teams-infrastructure/amp

4. References
1. Can state cyber attacks be justified under international law? (2018). Retrieved from
https://www.weforum.org/agenda/2018/04/can-offensive-cyber-attacks-be-justified-under-international-law/
2. Carlini, J., Molleda, J., Cowell-Meyers, K., Gallaher, C., Hallinan, C., & Kampmark, B. et al.
(2017). Geneva Convention in Cyberwarfare? Don't Count on It. Retrieved from
https://intpolicydigest.org/2017/08/06/geneva-convention-cyberwarfare-don-t-count/
3. Chanlett-Avery, E., Rosen, L. W., Rollins, J. W., & Theohary, C. A. (2017). North Korean Cyber
Capabilities: In Brief. Congressional Research Service, 3-4.
4. Countries arming for cyberwarfare. (2009, November 18). CPI Financial. Retrieved from
https://link.galegroup.com/apps/doc/A212253500/GPS?u=campestre&sid=GPS&xid=2e4f9659
5. Cyberspace. (2019). In Encyclopædia Britannica. Retrieved
from https://school.eb.com/levels/high/article/cyberspace/600888
6. Erwin, S. (2019). Pentagon sees quantum computing as key weapon for war in space -
SpaceNews.com. Retrieved from
https://spacenews.com/pentagon-sees-quantum-computing-as-key-weapon-for-war-in-space/
7. Fidler, David P., "The U.S. Election Hacks, Cybersecurity, and International Law" (2017). Articles
by Maurer Faculty. 2607. http://www.repository.law.indiana.edu/facpub/2607
8. Gabčíkovo-Nagymaros Project (Hungary/Slovakia), Judgment, I.C.J. Reports 1997, p. 7
9. Jee, C. (2019). Russia wants to cut itself off from the global internet. Here’s what that really means.
Retrieved from
https://www.technologyreview.com/s/613138/russia-wants-to-cut-itself-off-from-the-global-internet-heres-what-that-really-means/
10. Military and Paramilitary Activities in and against Nicaragua (Nicaragua v. United States of
America). Merits, Judgment. I.C.J. Reports 1986, p. 14.
11. O'Connell, M. (2012). Cyber Security and International Law. Retrieved from
https://www.chathamhouse.org/publications/papers/view/184529
12. Payne, C., & Finlay, L. (2019). Why international law is failing to keep pace with technology in
preventing cyber attacks. Retrieved from
https://theconversation.com/why-international-law-is-failing-to-keep-pace-with-technology-in-preventing-cyber-attacks-111998
13. Rose, G. (2018, September-October). WORLD WAR WEB. Foreign Affairs, 97(5). Retrieved from
https://link.galegroup.com/apps/doc/A554041530/GPS?u=campestre&sid=GPS&xid=7a7fd3a7
14. Waxman, M. (n.d). Cybersecurity & International Law. Presentation, Columbia Law School, New
York, NY, USA.
15. Wheeler, T. (2018, September). IN CYBERWAR THERE ARE NO RULES: WHY THE WORLD
DESPERATELY NEEDS DIGITAL GENEVA CONVENTIONS. Foreign Policy, (230), 34+.
Retrieved from
https://link.galegroup.com/apps/doc/A556838649/GPS?u=campestre&sid=GPS&xid=f905070d
16. Wheeler, T., Stavridis, G., Weinstein, H., & Groll, K. (2018). In Cyberwar, There are No Rules.
Retrieved from
https://foreignpolicy.com/2018/09/12/in-cyberwar-there-are-no-rules-cybersecurity-war-defense/
