Letter from Secretary General
Hello again, I am Sreekar Reddy, a fourth year mechanical engineering student of CBIT, I was introduced to MUNs at CBIT beginning as a director in the 2011 edition and currently serving my second term as Secretary General of this great conference , needless to say it is indeed an honour and a privilege. For two years we have stood up and redefined MUN conferences in India, For two years we have led the way with innovation. We wanted to deliver a phenomenon We wanted to be the difference. For two editions now we have been and done all that but we come back for the third time promising the same and even more. When a team creates something spectacular it leaves a greater responsibility in the hands of the next team, it leaves a legacy, a legacy that must continue. Moving forward with this responsibility on our shoulders we would assure the participants who have supported us since 2011 that the best is yet to come and to those who have missed the last two editions we would like to tell you that it’s never too late to be a part of something that shall become a collection of memories to cherish. To put it simply, hello delegate, welcome to CBITMUN. Sreekar Reddy Secretary General CBITMUN
Overview of the Mandate The International Telecommunication Union (ITU) is an agency of the United Nations (UN) whose purpose is to coordinate telecommunication operations and services throughout the world. Originally founded in 1865, as the International Telegraph Union, the ITU is the oldest existing international organization.The ITUs main objective is to protect everyone’s fundamental right to communicate. ITU headquarters are in Geneva, Switzerland. The ITU consists of three sectors: ·∙ Radiocommunication (ITU-‐R) -‐ ensures optimal, fair and rational use of the radio frequency (RF) spectrum ·∙ Telecommunication Standardization ( ITU-‐T ) -‐ formulates recommendations for standardizing telecommunication operations worldwide ·∙ Telecommunication Development (ITU-‐D) -‐ assists countries in developing and maintaining internal communication operations The ITU sets and publishes regulations and standards relevant to electronic communication and broadcasting technologies of all kinds including radio, television, satellite , telephone and the Internet . The organization conducts working parties, study groups and meetings to address current and future issues and to resolve disputes. The ITU organizes and holds an exhibition and forum known as the Global TELECOM every four years. Another important aspect of the ITU's mandate is helping emerging countries to establish and develop telecommunication systems of their own. Although the recommendations of the ITU are non-‐binding, most countries adhere to them in the interest of maintaining an effective international electronic communication environment. Enabling environment, cybersecurity, ICT applications and Internet-‐related issues National telecommunication policies and strategies which best enable countries to benefit from the impetus of telecommunications/ICTs as an engine of sustainable growth, employment creation and economic, social and cultural development, taking into account matters of priority to developing countries. The work will include access policies to telecommunications/ICTs, in particular access by persons with disabilities and with special needs, as well as telecommunication/ICT network security. Tariff policies and tariff models for next-‐generation networks, convergence issues, universal access to broadband fixed and mobile services, impact analysis and application of cost and accounting principles, taking into account the results of the studies carried out by ITU-‐T and ITU-‐R, and the priorities of developing countries. Information and communication
infrastructure and technology development, emergency telecommunications and climate-‐ change adaptation Methods and approaches that are the most suitable and successful for service provision in planning, developing, implementing, operating, maintaining and sustaining telecommunication services which optimize their value to users. This work will include specific emphasis on broadband networks, mobile radio communication and telecommunications/ICTs for rural and remote areas, the needs of developing countries in spectrum management, the use of ICTs in mitigating the impact of climate change on developing countries, telecommunications/ICTs for natural disaster mitigation and relief, conformance and interoperability testing and e-‐ applications, with particular focus and emphasis on applications supported by telecommunications/ICTs. The implementation of information and communication technology, taking into account the results of the studies carried out by ITU-‐T and ITU-‐R, and the priorities of developing countries. History The International Telecommunication Union (formerly International Telegraph Union (ITU)) is the world's oldest international body. The telegraph, invented in the 1820s and commercialized by the American Samuel Morse in the 1930s, was a revolutionary discovery. It allowed for long-‐ distance communication through the making and breaking of electrical connections (Morse code). International telegraphy was complicated, however, by national rivalries and technical difficulties, prompting the creation of the ITU. It was formed in 1865 at the Paris Telegraph Conference, and illustrates the centrality of communications in the historical evolution of globalization. Napoleon III convened the conference to harmonize the workings of the two existing European telegraph unions, the Austro-‐German Telegraph Union and the Western European Union. More broadly, the formation of the ITU meant that states no longer had to negotiate separate telegraph agreements with all neighboring states. The ITU was created as an international body which would oversee developments in telegraph technology, harmonize telegraph rates and tariffs, and establish Morse code as the international standard in telegraphic communication. a) While the ITU, informally known as the Berne Bureau, had no formal jurisdiction, it became an international clearing house for telecommunications information. It continued to provide a venue for the global regulation of new technologies, including telephony and radio-‐telegraphy, into the early twentieth century. The ITU is the forerunner of the modern International Telecommunications Union. The latter body has continued to regulate new technologies with an eye to global harmony, such as its regulatory work regarding satellite communications.
b) The ITU was a forerunner of modern international organizations. It articulated a sense of global community, recognition that shared interests and problems required international cooperation. The original twenty member nations of the ITU were European, but the ITU soon welcomed nations from the non-‐Western world, including India (1869), Egypt (1876), Brazil (1877), Thailand (1883), and Argentina (1889). Its membership continued to grow in the twentieth century, particularly from the 1950s through the 1970s as many of the world's new post-‐colonial states became members. The ITU has provided a model for transnational cooperation on issues of mutual interest, and its organizational structure was copied by many later international organizations. ITU, based in Geneva, Switzerland, is a member of the United Nations Development Group. Its membership includes 193 Member States and around 700 Sector Members and Associates. History of the “Internet” The Internet is a global system of interconnected computer networks that serves several billion users worldwide. It is a network of networks that consists of millions of private, public, academic, business, and government networks, of local to global scope, that are linked. The history of the Internet began with the development of electronic computers in the 1950s.The origins reach back to research commissioned by the United States government in the 1960s to build robust, fault-‐tolerant communication via computer networks. While this work together with work in the United Kingdom and France lead to important precursor networks, they were not the Internet. There is no consensus on the exact date when the modern Internet came into being, but sometime in the early to mid-‐1980s is considered reasonable. Since the mid-‐1990s the Internet has had a tremendous impact on culture and commerce, including the rise of near instant communication by email, instant messaging, Voice over Internet Protocol (VoIP) "phone calls", two-‐way interactive video calls, and the World Wide Web with its discussion forums, blogs, social networking, and online shopping sites. The Internet's takeover over the global communication landscape was almost instant in historical terms: it only communicated 1% of the information flowing through two-‐way telecommunications networks in the year 1993, already 51% by 2000, and more than 97% of the telecommunicated information by 2007.The Internet continues to grow, driven by ever greater amounts of online information and knowledge, commerce, entertainment and social networking. During the late 1990s, it was estimated that traffic on the public Internet grew by 100 percent per year, while the mean annual growth in the number of Internet users was
thought to be between 20% and 50%. This growth is often attributed to the lack of central administration, which allows organic growth of the network, as well as the non-‐proprietary open nature of the Internet protocols, which encourages vendor interoperability and prevents any one company from exerting too much control over the network. As of 31 March 2011, the estimated total number of Internet users was 2.095 billion (30.2% of world population).It is estimated that in 1993 the Internet carried only 1% of the information flowing through two-‐ way telecommunication, by 2000 this figure had grown to 51%, and by 2007 more than 97% of all telecommunicated information was carried over the Internet. Agenda A -‐ Possibility of U.N. governance of the Internet History No one person, company, organization or government runs the Internet. It is a globally distributed network comprising many voluntarily interconnected autonomous networks. It operates without a central governing body with each constituent network setting and enforcing its own policies. Its governance is conducted by a decentralized and international multi-‐ stakeholder network of interconnected autonomous groups drawing from civil society, the private sector, governments, the academic and research communities and national and international organizations. They work cooperatively from their respective roles to create shared policies and standards that maintain the Internet's global interoperability for the public good. However, to help ensure interoperability, several key technical and policy aspects of the underlying core infrastructure and the principal namespaces are administered by the Internet Corporation for Assigned Names and Numbers (ICANN), headquartered in Los Angeles, California. ICANN oversees the assignment of globally unique identifiers on the Internet, including domain names, Internet Protocol (IP) addresses, application port numbers in the transport protocols, and many other parameters. ICANN is governed by an international board of directors drawn from across the Internet's technical, business, academic, and other non-‐ commercial communities. A key starting point for examining internet governance is the World Summit on the In-‐formation Society (WSIS) which took place in Geneva in 2003 and Tunis In 2005. At WSIS governments,businesses, civil society and academics from across the world gathered for the first time to discuss the internet, what it was doing to their societies and how to shape it.During the process it became necessary to develop a concept of governance which was tailored to the particularities of the internet. A Multi-‐stake-‐holder working group,the Working Group on Internet Governance, was set up by the UN Secretary General in October 2004 to ‘investigate and make proposals for action, as appropriate, on the governance of the internet’. The key achievement of the WGIG was to develop a broad and inclusive understanding of internet governance which was incorporated into the final Tunis Agenda for
the Information Society,signed onto by 174 governments. The oft-‐quoted definition is as follows: ‘Internet governance is the development and application by governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-‐ making procedures, and programmes that shape the evolution of the internet.Since WSIS, the term "Internet governance" has been broadened beyond narrow technical concerns to include a wider range of Internet-‐related policy issues. During 1979 the Internet Configuration Control Board was founded by DARPA to oversee the network's development. During 1984 it was renamed the Internet Advisory Board (IAB), and during 1986 it became the Internet Activities Board. The Internet Engineering Task Force (IETF) was formed during 1986 by the US Government to develop and promote Internet standards. It consisted initially of researchers, but by the end of the year participation was available to anyone, and its business was performed largely by email. During 1992 the Internet Society (ISOC) was founded, with a mission to "assure the open development, evolution and use of the Internet for the benefit of all people throughout the world". Its members include individuals (anyone may join) as well as corporations, organizations, governments, and universities. The IAB was renamed the Internet Architecture Board, and became part of ISOC. The Internet Engineering Task Force also became part of the ISOC. The IETF is overseen currently by the Internet Engineering Steering Group (IESG), and longer term research is carried on by the Internet Research Task Force and overseen by the Internet Research Steering Group. Current Situation At present the internet is governed by a wide range of institutions and actors, each responsible for processes across different geographical, technical and social dimensions. While it is generally accepted that this dispersed and complex model has been working very well at the technical level, at the policy level there is much greater disagreement. It is unclear how challenges – from privacy, to cybercrime and network neutrality – can be dealt with under the present regime. On the one hand there are governments threatened by an empowered citizenry that seek to enforce greater control over the environment as access to the network proliferates. On the other hand there are governments, and some civil society groups, who argue that the current regime is dominated by the global north and serves to facilitate greater business (and hence, non-‐democratic) control. How to develop policy for an area which is global, decentralised and extremely fast-‐changing is an enormous and increasingly controversial challenge. On the one hand there are governments threatened by an empowered citizenry that seek to enforce greater control over the environment as -‐access to the network proliferates.On the other hand there are governments, and some civil society groups,who argue that the current
regime is dominated by the global north and serves to facilitate greater business(and hence, non-‐democratic) control.The current regime is coming under increased pressure to either step up to the challenges of the internet age,or else risk being replaced for more centralised and top -‐down governance alternatives. How to develop policy for an area which is global, decentralised and extremely -‐fast-‐changing is an enormous, and increas-‐ingly contro-‐versial,-‐challenge. It Is Imperative that civil society acts promptly to shape a process that will -‐pro-‐tect and further the public interest. In December 2012, the ITU facilitated the The World Conference on International Telecommunications 2012 (WCIT-‐12) in Dubai. WCIT-‐12 was a treaty-‐level conference to address International Telecommunications Regulations: international rules for telecommunications, including international tariffs.The previous conference to update the Regulations (ITRs) was held in Melbourne in 1988. In August 2012, ITU called for a public consultation on a draft document ahead of the conference.It is claimed the proposal would allow government restriction or blocking of information disseminated via the internet and create a global regime of monitoring internet communications – including the demand that those who send and receive information identify themselves. It would also allow governments to shut down the internet if there is the belief that it may interfere in the internal affairs of other states or that information of a sensitive nature might be shared. The current regulatory structure was based on voice telecommunications, when the Internet was still in its infancy.In 1988, telecommunications operated under regulated monopolies in most countries. As the Internet has grown, organizations such as ICANN have come into existence to manage key resources such as Internet Addresses and Domain Names. Some outside the United States believe that the United States exerts too much influence over the governance of the Internet.Current proposals look to take into account the prevalence of data communications. Proposals under consideration would establish regulatory oversight by the U.N. over security, fraud, traffic accounting as well as traffic flow, management of Internet Domain Names and IP addresses, and other aspects of the Internet that are currently governed either by community-‐based approaches such as Regional Internet Registries, ICANN, or largely national regulatory frameworks. Various Country/Stakeholders’ Positions USA In a document released on 3 December 2003 the United States delegation to the WSIS advocated a strong private sector and rule of law as the critical foundations for development of national information and communication technologies (ICT). Ambassador David Gross, the US coordinator for international communications and information policy, outlined what he called "the three pillars" of the US position in a briefing to reporters 3 December.
1. As nations attempt to build a sustainable ICT sector, commitment to the private sector and rule of law must be emphasized, Gross said, "so that countries can attract the necessary private investment to create the infrastructure." 2. A second important pillar of the US position was the need for content creation and intellectual property rights protection in order to inspire ongoing content development. 3. Ensuring security on the internet, in electronic communications and in electronic commerce was the third major priority for the US. "All of this works and is exciting for people as long as people feel that the networks are secure from cyber attacks, secure in terms of their privacy," Gross said. As the Geneva phase of the meeting drew closer, one proposal that was gaining attention was to create an international fund to provide increased financial resources to help lesser-‐ developed nations expand their ICT sectors. The "voluntary digital solidarity fund" was a proposal put forth by the president of Senegal, but it was not one that the United States could currently endorse, Gross said. Gross said the United States was also achieving broad consensus on the principle that a "culture of cybersecurity" must develop in national ICT policies to continue growth and expansion in this area. He said the last few years had been marked by considerable progress as nations update their laws to address the galloping criminal threats in cyberspace. "There's capacity-‐building for countries to be able to criminalize those activities that occur within their borders...and similarly to work internationally to communicate between administrations of law enforcement to track down people who are acting in ways that are unlawful," Gross said. Many governments are very concerned that various groups use U.S.-‐based servers to spread anti-‐semitic, nationalist, or regime critical messages. This controversy is a consequence of the American position on free speech which does not consider speech as criminal without direct appeals to violence. The United States argues that giving the control of Internet domain names to international bureaucrats and governments may lead to massive censorship that could destroy the freedom of the Internet as a public space. Ultimately, the US Department of Commerce made it clear it intends to retain control of the internet's root servers indefinitely. Russia A Russian-‐led coalition has withdrawn a controversial proposal to turn Internet governance over to a United Nations agency, a plan opposed by Western governments during ongoing talks over an international communications treaty. The proposal, supported by China, Saudi Arabia, the United Arab Emirates, and others, would have called on the U.N. to help member states seize control of key Internet engineering assets, including domain names, addresses, and numbering. The United States, Canada, France,
Sweden, and others opposed the proposal, fearing that it could do grave harm to the current free and open Internet. The International Telecommunication Union summit of December 2012 tasked with rewriting a multilateral treaty that governs international communications traffic. The treaty, which was last updated in 1988, could have a direct impact on the Internet. Details of the proposal leaked out one month ahead of the summit, forcing Russia to revise it to tone down some anti-‐Internet rhetoric, but it continued to propose the addition of a new article to the treaty giving the ITU specific authority over the Internet, something the agency has never had. Google The world's leading search company has come out swinging against an effort by the International Telecommunications Union (ITU), the telecommunications arm of the United Nations, to seize a larger role for itself in Internet governance. "There is a growing backlash on Internet freedom," Google says on its website. "Forty-‐two countries filter and censor content. In just the last two years, governments have enacted 19 new laws threatening online free expression." Google worries that these censorious governments could have used the World Conference on International Telecommunications, as an opportunity to grab more authority over the Internet. "The ITU is the wrong place to make decisions about the future of the Internet," Google argues. Google and other critics object to that approach because ITU is a strictly inter-‐governmental body, with no representation for private companies like Google, non-‐profits, or ordinary citizens. Google isn't alone in opposing a growing ITU role in Internet governance. Two activist groups that played a key role in the debate over the Stop Online Piracy Act, Fight for the Future and Access Now, have launched a website of their own warning that "the ITU could put the Internet behind closed doors." "If some proposals at WCIT are approved, decisions about the Internet would be made by a top-‐ down, old-‐school government-‐centric agency behind closed doors," the groups warn. "Some proposals allow for access to be cut off more easily, threaten privacy, legitimize monitoring and blocking online traffic. Others seek to impose new fees for accessing content, not to mention slowing down connection speeds." Case Study : PRISM
PRISM is a clandestine mass electronic surveillance data mining program operated by the United States National Security Agency (NSA) since 2007.PRISM is a government code name for a data-‐collection effort known officially by the SIGAD US-‐984XN. PRISM began in 2007 in the wake of the passage of the Protect America Act under the Bush Administration.The program is operated under the supervision of the U.S. Foreign Intelligence Surveillance Court (FISA Court, or FISC) pursuant to the Foreign Intelligence Surveillance Act (FISA).Its existence was leaked six years later by NSA contractor Edward Snowden, who warned that the extent of mass data collection was far greater than the public knew and included what he characterized as "dangerous" and "criminal" activities.The disclosures were published by The Guardian andThe Washington Post on June 6, 2013. A document included in the leak indicated that PRISM was "the number one source of raw intelligence used for NSA analytic reports." The leaked information came to light one day after the revelation that the FISA Court had been ordering a subsidiary of telecommunications company Verizon Communications to turn over to the NSA logs tracking all of its customers' telephone calls on an ongoing daily basis. U.S. government officials have disputed some aspects of the Guardian and Washington Post stories and have defended the program by asserting it cannot be used on domestic targets without a warrant, that it has helped to prevent acts of terrorism, and that it receives independent oversight from the federal government's executive, judicial and legislative branches. President Barack Obama defended the program, arguing that “”The programs are secret in the sense that they are classified. They are not secret, in that every member of Congress has been briefed… These are programs that have been authored by large bipartisan majorities repeatedly since 2006…Your duly elected representatives have consistently been informed.” While Congress championed privacy rights in reference to the new technology of Google Glass, it is clear that opinions may differ in regards to government, versus corporate, information collection. Of course the constitutionality of such surveillance, given the provisions of the Fourth Amendment, is debatable. The Fourth Amendment protects “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures…” The government can convincingly argue that the provisions of FISA and the Patriot Act permit surveillance only where it can be reasonably justified in accordance with the Fourth Amendment. The right to privacy cannot be violated except with the issuance of a warrant “… upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” Privacy advocates may point to the emergency powers of the Attorney General to authorize electronic surveillance without a court order as contrary to the Fourth Amendment. However, this authority is limited to emergencies and the procedure for obtaining a warrant is required to be initiated within 7 days thereafter. Government is required to desist from surveillance within 7 days of the issuance of the
emergency order or when the information sought is obtained or the warrant is denied. The emergency powers are consistent with government’s policy to provide rapid response in emergency situations. Notwithstanding the arguments for surveillance, the right to privacy must be balanced with the need to protect national security and combat terrorism. Consequently, absolute privacy cannot be guaranteed especially when terrorism constitutes a real security challenge. This Illuminate a growing concern among citizens for the protection of their privacy, which at times conflicts with the actions, needs, or desires of government and corporate entities. Case Study Questions A Resolution Must Answer What type of Governance should be present? How centralised or decentralised should the system of governance be? What powers and controls a Governing body should hold? Agenda B -‐ Global Cybersecurity History Cybersecurity or IT Security is information security as applied to computers and networks. The field covers all the processes and mechanisms by which computer-‐based equipment, information and services are protected from unintended or unauthorized access, change or destruction. Computer security also includes protection from unplanned events and natural disasters It is well established that the use of computers to manipulate markets, organisations and governments has been occurring now for decades and evidence of cyberwarfare is apparent from as early as the 1970s in the form of “worm” attacks which have taken the form of extremely invasive viruses over time. The same worm viruses began to be used again in 2003 to compromise computers which became part of botnet “farms”, whereby a virus would be under a command and control structure which turned each infected computer into a “bot”. Such botnet farms went on to attack Microsoft early in 2006. 2005 saw the beginning of a continued cyber attack on US computers attributed to efforts by the Chinese government. Attacks of this nature on government resources, including UK national interests, continue unabated. Of considerable note was the Chinese attack on the Pentagon in 2007. Hackers intruded into the NIPRNet system which, while not containing classified information, is crucial in the speedy
deployment of US troops if China were to attack Taiwan. This indicates the increasingly political motives behind such cyber attacks in the last decade. In 2008 another victim of the “worm” attacks was NASA, announcing that the worms had been found on laptops at the International Space Station. Also of note in 2008 was a group from Pakistan who hacked into the computer network of the State Bank of India, their largest bank. December 2009 saw one of the most widespread and serious cyberwarfare attacks to date; 34 American companies were compromised during these attacks where intellectual property was also stolen. Along with Botnet, Ghostnet was also discovered in 2009. Among those compromised were computer systems in embassies, foreign ministries and other governmental offices as well as the Dalai Lama’s Tibetan exile centres in India, London and New York. In 2009, President Barack Obama declared America's digital infrastructure to be a "strategic national asset”, a statement which serves to display the potentially severe consequences for nations should such cyber attacks continue. Current Situation At present, the term “cyber security” lacks definition as it is used to cover a vast range of concerns: in different contexts and by different actors the term is used to refer to security of national infrastructure; security of Internet infrastructure; security of applications and services; security of users (ranging from businesses to individual users); to the stability of the State and of political structures. This inexact terminology points to one of the primary concerns about this growing discourse: the terminology covers an agenda which is inexact, mixes legitimate and illegitimate concerns and conflates different types and levels of risk. This prevents genuine objective scrutiny, and inevitably leads to responses which are wide-‐ranging and can easily be misused or abused. Among the important issues that are obfuscated by the current lack of precision in cyber security debates is the fact that rivalries between States are among the chief security threats, with the narratives of cyber war and a cyber arms race rapidly gaining ground at the inter-‐state level. In particular, a number of countries are reportedly investing heavily in developing offensive capabilities. In recent weeks there have been reports that the Pentagon is fast-‐tracking cyber weapon development and acquisition through a process separate from that used for conventional 3 weapons . China too, in considered a major investor in cyberwarfare
capacity. And in the UK, official statistics show that 59% of the planned spend of the country's Cyber Security Strategy “is meant to go to the intelligence agencies”. According to a senior officer from Cheltenham, “GCHQ’s offensive capability gives the UK an edge... a large proportion of that money has [therefore] gone into those capabilities” Discourses of cyber war and a cyber arms race have also built a market with lucrative opportunities for the many private businesses that seek to provide the technologies to deal with such purported threats. Indeed, narratives of cyber security prop up not only government power but big business as well, and the influence of the security industry on these debates should not be underestimated. The cyber security sector is estimated to be worth tens of billions of US dollars every year6 , and they are investing huge amounts of funds in lobbying politicians. A report by the Center for Responsive Politics found that in the US the number of lobbying reports which mentioned the term “cyber security” more than doubled from 2011 to 2012. Despite the prevalence of the language of cyber war, it is important to remember, however, that the cyber domain is very different from the offline domains (earth, air, sea, space) that the terminology of war comes from, and loaded terms such as “war” and an “arms race” are frequently inappropriate to describe what is going on. It is far more difficult to localise damage or attribute responsibility online than offline. Furthermore, what is often reported in the media as examples of “cyber wars” do not entail violence and should more appropriately be referred to as instances of “cyber espionage”. Acts of espionage are usually governed by different legislation than acts of warfare. In fact, the only cyber attack so far that has caused (or is believed to have caused) physical damage offline, and that therefore is almost unanimously agreed to be an act of war fare, is Stuxnet, pointing to the duplicitous role that the USA is playing in the cyber security arena. Where governments actively foment reasons for their citizens to fear for their safety unless they accept extensive surveillance measures and offensive capabilities on the part of the State, this is irresponsible governance.
Various Country Positions USA The United States provides security plans strictly in the response to cyberwarfare, basically going on the defensive when they are being attacked by devious cyber methods. In the U.S., the responsibility of cybersecurity is divided between the Department of Homeland Security, the Federal Bureau of Investigation, and the Department of Defense. In recent years, a new department was created to specifically tend to cyber threats, this department is known as Cyber Command. The United States Department of Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security. The United States Joint Forces Command describes some of its attributes: “Cyberspace technology is emerging as an "instrument of power" in societies, and is becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. With low barriers to entry, coupled with the anonymous nature of activities in cyberspace, the list of potential adversaries is broad. Furthermore, the globe-‐spanning range of cyberspace and its disregard for national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies.” However, The United States has used cyberattacks for tactical advantage in Afghanistan. China While China continues to be held responsible for a string of cyber-‐attacks on a number of public and private institutions in the United States, India, Russia, Canada, and France, the Chinese government denies any involvement in cyber-‐spying campaigns. The administration maintains the position that China is not the threat but rather the victim of an increasing number of cyber-‐ attacks. Iran In June 2010, Iran was the victim of a cyber attack when its nuclear facility in Natanz was infiltrated by the cyber-‐worm ‘Stuxnet’. Stuxnet destroyed perhaps over 1000 nuclear centrifuges. The worm spread beyond the plant to allegedly infect over 60,000 computers, but the government of Iran indicates it caused no significant damage. Iran crowdsourced solutions
to the worm and is purportedly now better positioned in terms of cyber warfare technology. No government has claimed responsibility for the worm. The Iranian government has been accused by western analysts of its own cyber-‐attacks against the United States, Israel and Gulf Arabs, but deny this, including specific allegations of 2012 involvement in hacking into American banks. The conflict between Iran and the United States have been called "history’s first known cyber-‐war" . Case Study : Stuxnet Stuxnet is a computer worm that was discovered in June 2010. Initially, Stuxnet spreads via the Microsoft Windows form of operating system. However, Stuxnet is particularly interesting as it has been developed to target Siemens industrial software and equipment. Although this is not the first time that hackers have targeted industrial systems, it is the first discovered type of malware that both actively spies on and actively subverts industrial systems. In terms of how Stuxnet operates, at first the worm spreads indiscriminately. However at all times the worm includes a highly specialised malware ‘payload’ that is designed to target only Siemens ‘supervisory control and data acquisition’ systems that are in fact configures to control and monitor specific industrial processes. Different variants of Stuxnet targeted five Iranian organisation, with the target being uranium enrichment infrastructure in Iran. In August 2010 it was noted that 60% of the computers infected with Stuxnet (worldwide) were located in Iran. Whilst also, on 29 November 2010 Siemens stated that the worm has not caused any damage to its customers, but that the Iranian nuclear program (which uses embargoed Siemens equipment that has been procured secretly) has in fact been damaged by Stuxnet. It is interesting to note that despite the uncertainty regarding the source of Stuxnet when it was first discovered (it has since come to light that it was developed by the United States and Israel, as outlined below) the immediate general consensus was that a worm as complex as Stuxnet would require nation state support. Different variants of Stuxnet targeted five Iranian organizations, with the probable target widely suspected to be uranium enrichment infrastructure in Iran;Symantec noted in August 2010 that 60% of the infected computers worldwide were in Iran. Siemens stated that the worm has not caused any damage to its customers, but the Iran nuclear program, which uses embargoed Siemens equipment procured secretly, has been damaged by Stuxnet. Questions A Resolution Must Answer
Who will be the maintainers of Global Cybersecurity? What will be the measures taken to prevent a “Cyber War” from taking place?