Cyber Warfare (Cerritos 2023-2024)

Moderator for 1st DISEC Synopsis Memorize for Grilling

what is cyber warfare?

cyber attacks or a series of attacks on an individual or country

how destructive are cyber attacks?

Can affect a wide range intending to disrupt/damage a nation (infrastructure, economy, military information, and access to online services)

Who is typically involved in cyber warfare?

nation-state perpetrating cyber attacks

private actors or terrorists org.

How many cyber attacks are there in a year?

As of 2023, over 800,000 cyber attacks per year

What are the costs in repairs and damages from cyber attacks?

3 billion USD

From 2009-2018 cyber attacks have increased ________?

440%

95% of cyber attacks have increased in _________?

targeting governments

What ways are national companies being cyber attacked?

(64%) phishing, ransomware, or distributed denial of service attack (DDoS)

20% Global organizations admit that …?

cyber warfare was the number one threat to the security of their organization

Why are 5.18 billion internet users vulnerable to cyberattacks daily

Connections with the nation’s communications system

How many new users connected to the internet worldwide between April 2022-2023

147 million

Who were the most digitally connected

The US and Europe (80% of citizens)

How many Chinese citizens are connected to the internet

1.05 billion

What is crucial for the safety of a country’s citizens and government

Protect the digital spaces to prevent cyber attacks

What groups use cyber warfare to gather info or disrupt other countries’ services for their own benefit?

CIA, the Tehran, Fancy Bear, and the APT groups

What countries are known for cyber warfare strategies

China, North Korea, Iran, Russia, and the United States have been known for using cyberwarfare and cyber attacks the most between 2010-2022

How has Russia proven its ability to use cyber attacks

Ukrainian-Russian War; they have shut down power grids, informational sites, banks, and as if March 2023, over 4,800 cyber attacks were recorded from Russian intelligence trying to attack Ukrainian intelligence

Russian Government Espionage groups like Fancy Bear and Sandworm have caused havoc with viruses like NotPetya. What has this software disrupted?

Occured in 2016 (known as Petya) and encrypted local files. But in 2017, a new variant called NotPetya was created and disrupted 80 Ukrainian companies, most notably the Ukrainian National Bank. This politically motivated attack on Ukraine was to disrupt the Ukrainian Constitution Day. Cost was 10 billion dollars.

What is PRISM

program from the National Security Agency under the Protect America Act that collected internet communications from several US internet companies

What did Edward Snowden (former CIA systems administrator) leak

US had been collecting texts and information from Tsinghua University, one of china’s biggest research institutions. Collecting millions of citizens information in China and Hong Kong.

What is Stuxnet

virus that destroyed centrifuges that Iran was using to enrich uranium. Deployed in 2013 to halt nuclear and atomic weapon development. It destroyed 1,000 centrifuges and set back Iranian government’s development by 2 years. Also sabotaged 1/5 of nuclear enrichment and infected 200,000 Iranian computers.

What type of virus is the most commonly seen attack

worm virus; hurts governments and groups, spanning from email spam, to corrupting files in specific devices

What is the most vulnerable sector to cyber attacks

power grids (delivers electricity from power plant to homes and businesses); If compromised, electricity of that line is simply cut off or directly disconnected until repairs occur

What attack highlighted the weakness of power grid systems when dealing with cyber attacks (Feb. 2021)

advanced persistent threat (APT) RedEcho compromised 10 Indian Power sector facilities that provuded on demand electricity

What was the biggest power outage attack? (Dec. 2015)

variant BlackEnergy and KillDisk took offline dozens of Ukrainian substations causing about 225,000 civilians to lose power for several hours. Directed by Sandworm (Russian state-sponsored organization)

What is Industroyer 2?

Virus detected by Ukrainian government during the Ukraine-Russian conflict in 2022. Potentially, 2 million citizens would have been affected by a blackout.

First UN resolution for cyber threats

2010 (A/65/154) responding to Cuba’s condemnation of the United States’ continuous attacks on television and radio services

While the UN has passed resolutions to prevent cyber attacks …..

they are yet to provide a detailed measure in case of a digital war but does recognize its possibility

UNOCT

United Nations Officer of Counter-Terrorism

CT TECH Initiative

2022, UNOCT and INTERPOL aimed at strengthening the capacities of law enforcement and criminal justice authorities in selecting partner countries to counter the exploitation of new tech for terrorist purposes AND supporting Member States in leveraging new tech in the fight against terrorism

Work by the UNOCT

1. aware of ICT misuse by terrorists

2. trained 3300 officials from 150 countries in cyber security

Private Information and communication Tech (ICT) companies should cooperate in gathering digital information/evidence of cyber terrorism under…

Resolution 266

UN General Assembly resolution A/RES/64/211 focus

safeguarding information and bridging the digital divide among nations; est. secure online communication channels between nations that are challenging to breach

Resolution A/RES/72/284 addresses

prevent terrorists from finding refuge online (mitigate future cyber attacks)

resolutions A/RES/75/32 and A/RES/73/266 urge

International community to exercise responsibility in cyberspace and utilize tech stability and growth

After Russian cyber attacks, Ukraine’s_____

networks (government websites), infrastructure (ports and cargo ships), and telecommunications systems were rendered useless. (citizens can’t do basic jobs)

What did the Russian attacks on Ukraine exemplify

The lack of support on cyberinfrastructure is critical to the downfall of national security; how vulnerable cyberspaces were to attacks and how impactful it could be on citizens NOT just government agencies

What did NATO and EU to help Ukraine

reinforce and apply frameworks to further protect citizens

Europe and the US alone combine

1 billion of online users

Differences between US and Europe with cyber warefare

US: takes advantage of its digital capabilities and cyber security

EUROPE: regulator for internet issues; direct investments into infrastructure and legal frameworks.

What is Europe’s number one challenge

United States’ reliance on technological advancements

Problems in Latin America

Countries in conflict with each others and groups for hire attack other countries digitally

The attack in Costa Rica was ransomware (type of software designed to block access to computer systems until money is paid off) which

the country was ill-prepared and under-resourced to deal with attacks

What progress has been made in syber strategies in Latin America

Cyber strategy in 2003 by The Organization of American States (OAS) which became a key contributor to the cyber security initiatives

How is cybercrime a prevailing issue in African Countries

While only 22% have access to the internet, digital threats and warfare are still prevalent

The national security agencies in Nigeria and governments of Johannesburg have been

targets of large cyber attacks

In 2017, cybercrime costs in African nations was over _________ due to attacks focusing on critical infrastructure and threats the citizens

3.5 billion

The countries of china, North Korea, and Russia account for

80% of cyber crimes

South Eastern Asian countries have been aware of cyber attacks on

maritime technologies that control canals and trade ports (compromises them)

because there are countries that are both tech. advnaced and in their infacny stages of cyber security

gap between the necessary aid to those most vulnerable

cybersecurity and stable cyber infrastructure is

critical towards the promotion of safe webbing. They also provide healthier economies and stimulate economic growth

What is yet to be developed in developing countries

proper policies and frameworks to handle cyber attacks

How can this issue be tackled

world governments, businesses, and developers need to spread attention to threats of cyber attacks

Other solutions should focus on different

areas of cyber attacks impacting communities (ex: COVID-19)

Delegates should consider the importance of new generation learning along with

workshops and events to promote the knowledge of cyber security; gov. officials should gather new methods to protect citizens

What questions should delegates consider

country action, international community collaborate; condemn or acted upon attacks; cyber policies; UN decision to respect individual cyber rights affects