UNITED NATIONS GENERAL ASSEMBLY

FIRST COMMITTEE
DISARMAMENT AND INTERNATIONAL SECURITY
(DISEC)

Developments in the field of information and

telecommunications in the context of international
security

Study Guide

MACMUN’22
Table of Contents

Welcome Letter……………………..………………………………...……………………..………..…….…1
Introduction..…………………………………..………..……………………………………..…….…..…....2
Involved Countries and Organisations………………………………..………..………......3
Important Events and Chronology……………….………………………..………..………....6
Past and Failed Solution Events………………..…..….……………………..………..…………7
Possible Solutions……………………..…………………………..…....……………………..………..…8
Used Links…………………………………..……………………………….………………………..………..…9
Bibliography……………………..…………..………....……………..…………………………..………..…9
Welcome Letter

Highly Esteemed Participants of DISEC #2 for MACMUN 2022,

My name is Başer Gürsoy, and I am a 11th Grade student at Arı Anatolian High School. I have been
participating in MUNs since 9th Grade, and this shall be my 12th MUN overall, and my 4th time chairing a
committee. Very unfortunately, eleven of my twelve experiences have had to be in Online MUNs, due to the
global crisis we have faced and are still facing now, however, I should mention that I am very excited to return
to participating in face-to-face MUNs.

Overall, I believe that my entire MUN career has contributed significantly to my personality and has allowed
me to expand my horizons, in a variety of fields. Primarily, participating in MUNs has allowed me to be
considerably less nervous, when speaking to a crowd, and has improved my overall speaking ability, all in a
friendly and professional environment. Moreover, it has taught me how to engage in a debate, especially one
in a highly formal context, and how to better present arguments or points. On a more specific level, MUNs
have been convenient tools for keeping in touch with world conflicts and humanitarian issues, especially in
the middle of this pandemic, thus making me a more globally minded person. Finally, the process of writing
resolutions, amendments or other related material, has improved my vocabulary and writing skills, especially
in a formal manner, immensely. I genuinely hope that attending MUNs has and will be as useful and
important to you, as it has been to me.

I also hope that this study guide, and the information within, will be of good help to you, for your upcoming
research. Thus, I recommend that you thoroughly read it. However, please kindly note that this study guide
only serves as an introduction or basic research on the topic, at hand. As such, I would expect that each
delegate would come to the conference and committee, with appropriate knowledge and an understanding of
their assigned country’s position and past actions on the issue. However, I do also recognise that some of you,
attending this committee, may be first-timers. Thus, I would like to advise you that, even though you may be
anxious, try to make the most of the conference and enjoy it, and say that I hope that I will be able to inspire
you to continue your MUN journey, as I have tried to do so for every committee that I chaired. Finally, I would
like to note that I look forward to meeting all of you, and that I hope we will have an amazing MUN conference
together.

However, if there are any questions that you would like to ask, or any doubts that you wish to clear, me or the
other co-chairs would be more than happy to help you. Please do remember, that no inquiry is irrelevant. I
not only hope that we will enjoy our time together in MACMUN 2022, but also that this MUN is a stepping
stone for your participation in many other MUNs.

Before I conclude, I would also like to thank the MACMUN 2022 Team, for the honour of participating and
chairing a committee in their conference. I would also like to thank them for their professionalism and great
work ethic.

Best Regards,
Başer Gürsoy
Chair of DISEC #2

1
Introduction

In recent years, humanity has witnessed considerable progress in the development and application of
information and communication technologies. Even though these technologies were created to provide
a better future for humanity, they could also potentially be used for purposes that are against the
objectives of maintaining international stability and security. In an attempt to prevent possible negative
outcomes that may happen in the future, various discussions were held. The aims of these meetings were
both to raise awareness among the countries of the security issues and to initiate multilateral
discussions.

With the spread of information technologies in the 1980s, technological tools spread rapidly all over the
world and nearly the entire planet entered a digital age. This rapid development of technology has led to
various security problems. Especially in recent years technology has developed more and more and
therefore has become an essential part of our daily lives. Cyber security threats, which are increasing
day by day, are creating huge problems for governments as well as for individuals, organizations, and
companies. Governments, businesses, and the general public around the globe are using information
and communication technologies (ICTs) in almost every aspect of life and work. Therefore, ICTs have
become a constant of 21st-century society. As a result of the ever-evolving cyber threats against states,
information security was first added to the agenda of GA-1 by the Russian Federation in 1998. The
international community has been debating cyber security for the last two decades and the United
Nations (UN) system acknowledged that the efforts of the General Assembly to ensure international
peace and security need to focus particularly on securing critical cyberinfrastructure, information and
communications technologies (ICTs) that control everyday life. Problems such as cyberterrorism,
cybercrime, and cyberwarfare (which have become more crucial in the last decades) became a
transnational problem on the United Nations agenda due to the activities that occur as a result of
hacking and communication vulnerabilities by countries and non-governmental organisations.

2
Involved Countries and Organisations

Open-ended Working Group (OEWG)

The General Assembly established the Open-Ended Working Group (OEWG) to discuss the issue of
security in the use of ICTs, an organization in which all UN Member States are invited to participate. The
Group convened for the first time in 2019 and reported back to the General Assembly in 2020.

Group of Governmental Experts (GGE)

The Secretary-General was requested to establish a Group of Governmental Experts on Advancing

responsible state behavior in cyberspace in the context of international security.
The GGE held its first meeting in 2019 and submitted its final report to the General Assembly in 2021. The
group has 25 members and its Chair.
They hold two informal consultations with all UN Member States in between their sessions. The Group of
Governmental Experts comprises experts from 25 countries working in their capacity.

International Police (INTERPOL)

INTERPOL is committed to a global fight against cyberattacks and is the natural partner for any law
enforcement agency looking to investigate these crimes on a cooperative level. With its Collaboration
Services, INTERPOL is one of the toughest law enforcement agencies against cybercrimes.

Information Sharing and Analysis Center (ISAC)

An Information Sharing and Analysis Center (ISAC) is a nonprofit organization that provides a central
resource for gathering information on cyber threats to critical infrastructure, and providing two-way
sharing of information between the private and public sectors. Its goal is to help critical infrastructure
owners and operators protect their facilities, staff, and customers from cyber and physical threats and
other hazards.

International Multilateral Partnership Against Cyber Threats (IMPACT)

IMPACT is a part of the International Telecommunication Union (ITU) which is a specialised union of the
United Nations. IMPACT is the first UN based cybersecurity agency. IMPACT has been a key partner of the
UN, since 2008. The goal of IMPACT is to ensure a safe cyberspace for everyone.
The United States of America

The United States has major cyberwarfare capabilities; including its controversial practice of intercepting
civilian communications (collected from NATO partners and other allies). The US was put under
significant international pressure from some of its allies after assertions that it tapped the
communications of several world leaders.
The U.S. has strongly defended the National Security Agency as an important aspect of its national
defence plan, raising questions about whether it is important for itself or if it is ultimately about security
from foreign threats and internal security.

3
On the other hand, Multinational companies across the US have been increasingly targeted in cyber
attacks since November 2014. The quantity and quality of information leaked, stolen, or destroyed is one
of the major issues that companies and individuals have to cope with. Therefore, the US has developed
specific programs to tackle the problem of cyber threats.

Some of them are the following: Department of Homeland Security (DHS) Enhanced Cybersecurity
Services (ECS) Program, is intrusion detection, prevention, and analysis capability that is available to all
U.S. based entities as they improve the protection of their computer systems from unauthorised access,
exploitation, or data exfiltration.
Department of Defense (DoD) Defense Industrial Base (DIB) Cyber Security (CS) Program, which was
initiated in 2007 and established as a permanent DoD program in 2013 to enhance and supplement DIB
participants’ capabilities to safeguard DoD information that resides on, or transits, DIB unclassified
networks or information systems.
DHS Cyber Information Sharing and Collaboration Program (CISCP), which is DHS's flagship program
for public-private information sharing and complement ongoing DHS information-sharing efforts. In
CISCP, DHS and participating companies share information about cyber threats, incidents, and
vulnerabilities.

The United Kingdom of Great Britain and Northern Ireland

The United Kingdom has one of the most advanced cyber-warfare capabilities and follows the lead of the
U.S. in the cyber-area. However, the U.K. itself is being hit by millions of cyber-attacks a month, including
attempts by hackers around the world. Just like other countries, The National Cyber Security Center
(NCSC) of the U.K. is investigating and taking precautions against cyberattacks from overseas.

Russian Federation

Starting in 2007, the Russians commenced cyberattacks to former Soviet satellites like Estonia, Georgia,
and Ukraine; then branched out to Western nations like the U.S., Germany, U.K., France, and to BRIC
member states, Russia is the new emerging state in cyber-sense. In the past few years, the Russian
government has mounted more than a dozen significant cyber attacks against foreign countries, to help or
harm a specific political candidate and to always project Russian power.
Russia co-sponsored a resolution to give states a greater role in governing the role of the internet at a
meeting of the International Telecommunication Union in April 2013, joined by China, North Korea, and
Iran. This was rejected by the United States and other NATO allies, causing some friction.

Federative Republic of Brazil

As an emerging ‘BRIC’ economy, Brazil has become something of a spokesman for the concerns of
developing countries when it comes to cyber threats. Brazil’s first National Cyber Security Strategy (‘E-
Ciber’), was signed into force by President Jair Bolsonaro in early February 2020, which some experts
deemed well overdue. The revelation that the United States may have tapped the phone of the Brazilian
president Dilma Rousseff was met with anger in Brazil and other world capitals, and calls were made for
states to limit their online data collection activities or risk breaching international conventions on proper
targets of espionage.

4
People’s Republic of China

China’s hacker army, which is claimed to be supported by the government, is said to have 50,000-100,000
members. The Chinese government from 1995 to 2008 was involved in many high-profile cases of
espionage, primarily through the use of a decentralized network of students, business people, and
scientists. China is continuing to be held responsible for a string of cyber-attacks on several public and
private institutions in the United States, India, Russia, Canada, and France. The Chinese government is
denying any involvement in cyber-spying campaigns. And any of China's cyber warfare capabilities have
yet to be confirmed by the Chinese government.

Democratic People’s Republic of Korea

Due to a comedy film named “The Interview” that was released by Sony, a comedy about a plot to
assassinate North Korean leader Kim Jong-un; A hacker group from North Korea leaked into Sony’s digital
systems and released confidential data from Sony Pictures.

Again, North Korean hackers have engineered the WannaCry Ransomware which is responsible for the
hacking of 300,000 devices. WannaCry was one of the biggest Ransomware attacks throughout history and
a North Korean hacker group was arrested as a result of the investigations.

Republic of Korea

Through the last decade, South Korea was the target of many cyberattacks. Some of these are; the DDoS
attack in July 2009, which affected major government, news, media and financial services in South Korea.
In July 2011, South Korean telecommunication company SK communications was hacked, resulting in the
leak of the personal details of 35 million South Koreans. Although the South Korean defence minister says
that South Korea is powerful in cyberspace, the country still remains as the target of cyberattacks each
day.

People’s Republic of China

China’s hacker army, which is claimed to be supported by the government, is said to have 50,000-100,000
members. The Chinese government from 1995 to 2008 was involved in many high-profile cases of
espionage, primarily through the use of a decentralized network of students, business people, and
scientists. China is continuing to be held responsible for a string of cyber-attacks on several public and
private institutions in the United States, India, Russia, Canada, and France. The Chinese government is
denying any involvement in cyber-spying campaigns. And any of China's cyber warfare capabilities have
yet to be confirmed by the Chinese government.

Democratic People’s Republic of Korea

Due to a comedy film named “The Interview” that was released by Sony, a comedy about a plot to
assassinate North Korean leader Kim Jong-un; A hacker group from North Korea leaked into Sony’s digital
systems and released confidential data from Sony Pictures.

5
Again, North Korean hackers have engineered the WannaCry Ransomware which is responsible for the
hacking of 300,000 devices. WannaCry was one of the biggest Ransomware attacks throughout history and
a North Korean hacker group was arrested as a result of the investigations.

Republic of Korea

Through the last decade, South Korea was the target of many cyberattacks. Some of these are; the DDoS
attack in July 2009, which affected major government, news, media and financial services in South Korea.
In July 2011, South Korean telecommunication company SK communications was hacked, resulting in the
leak of the personal details of 35 million South Koreans. Although the South Korean defence minister says
that South Korea is powerful in cyberspace, the country still remains as the target of cyberattacks each
day.

Important Events and Chronology

1910s
ASDIC (Sonar) was invented in the United Kingdom

1930s
Walkie-talkie was invented in the United States
Early warning radar and air defense systems were invented in the United Kingdom

1940s
Ballistic missiles were invented in Nazi Germany

1957
The USSR launched the first artificial satellite, Sputnik 1

1970
Satellite navigation was invented by USA/USSR

1999
Adapted Conventional Armed Forces in Europe Treaty signed

2002
Strategic Offensive Reductions Treaty was signed between USA and Russia

2017
Treaty on the Prohibition of Nuclear Weapons signed

6
Past and Failed Solution Events

Initially conceived as a free and open space for interpersonal communication and sharing, free from state
regulation and interference, cyberspace has quickly become a key issue of global politics and one of the
key elements of political, social, economic, and military power.

The alleged state-sponsored cyberattacks against Estonia in 2007, Georgia in 2008, and Iran in 2010
played an important role in turning cyber security into a national and international security issue.

The North Atlantic Treaty Organization (NATO) established a Cyber ​Defense Center of Excellence in
Tallinn, the capital of Estonia, right after the attack in Estonia, and at the Warsaw Summit in 2016,
cyberspace was accepted as a form of war and its sphere of influence was determined to be equal to land,
air, sea and space. Thus, while NATO is developing a cyber defence strategy that includes cyber attacks,
member states have started to establish units that can fight in cyberspace within their military structures.

Today, more than a hundred states have established their cyber capabilities and more than fifty have
defined their national cyber strategies. More than thirty countries have developed military doctrines for
cyber operations and offensive cyber warfare programs, often using the terms "information operations"
and "information warfare".

As it is known, cyber threats and cyber-attacks are transnational and unconventional security problems
that remove the border between international and national security policies. Since these threats know no
borders, they have brought many countries together for a solution.

In this context, many initiatives involving norm-building and trust-building efforts have been carried out
in the last decade by the African Union (2014), the Association of Southeast Asian Nations (ASEAN, 2017),
the Council of Europe (2001), the European Union (2019), the G7 (2016), the G20 (2015), Organization of
American States (OAS, 2004), Organization for Economic Cooperation and Development (OECD, 2002;
2008; 2019), Organization for Security and Cooperation in Europe (OSCE, 2016a; 2016b; 2017), Shanghai
Cooperation Organization (SCO, 2009) and various international and regional organisations such as the
North Atlantic Treaty Organization (Schmitt, 2017).

These initiatives aim to reduce the risk of conflict arising from the use of cyberspace, define the response
when a cyber incident occurs above or below the threshold of armed conflict, strengthen the resilience of
critical infrastructures or global financial services, manage cyber risks, and respond to terrorist/criminal
use of the internet.

In addition, over the past decade, specialised norm processes composed of high-profile experts such as
the Global Commission on Internet Governance, the Global Commission for Cyberspace Stability, and
Carnegie's Cyber ​Policy Initiative, industry-led norm processes such as the Cybersecurity Tech Accord
initiated by Microsoft and the Trust Charter led by Siemens, Multi-stakeholder norm processes appear to
be emerging, such as the Paris Call for Trust and Security in Cyberspace, the Internet Governance Forum,
the Global Forum for Cyber ​Expertise, the NETmundial Initiative, and the Christchurch Call.

7
Many governments around the globe are investing in their own cybersecurity systems. North Korea has
assembled a separate army unit meant to tackle cyberwarfare, China is said to be building its own
cyberarmy and NATO allies are strengthening their cyber presence and cooperation.

These are just a fraction of the current investment in cybersecurity systems. With more countries
preparing themselves for cyberwarfare, we can safely say that cyberwarfare will be an important issue in
the future.

Possible Solutions

Global cooperation is needed to prevent cyber attacks. To date, a limited number of international
agreements have been signed, and few institutions have aimed to combat cyber-attack.

Cyber ​attacks on European countries have mobilised international organisations such as the EU and
NATO and revealed the necessity of acting together against the cyber threat. The text adopted by the
Council of Europe after the summit organised on November 23, 2001, to combat cybercrime is the first
international treaty in this field (Council of Europe, 2001). At the summit, whose main purpose was to fight
against cybercrime by developing a common policy, it was emphasised that the path to be followed in the
fight against cybercrime should be built with international cooperation and laws compatible with the
issue.

The treaty, which entered into force in 2004, was signed by the USA along with 22 Council of Europe
members. Illegal access to computer systems, interference to the system and the information in it, and
other computer-related fraudulent transactions are also considered crimes, and each state is asked to
share its evidence within the framework of cooperation in order to prevent this situation. However, it is
seen that a mechanism has not been established for the countries to fulfil their responsibilities and as
such, lack of safety is still present.

Member states should work together to come up with an efficient plan that holds countries responsible for
their cybercrimes. Without a system that is able to put pressure on states to act carefully, cybersecurity will
never be truly achieved.

Member states should also be focusing on educating the general public about cybersecurity. Even though
most of the population is now active online, there is a small amount of people who actually know how to be
safe in the digital world. The general public needs education on what being safe on the internet means, and
how to actually achieve that safety.

8
Useful Links

http://news.bbc.co.uk/2/hi/science/nature/6331897.stm
https://www.bbc.com/news/business-41188464
https://books.google.com.tr/books?id=lESrw3neDokC&pg=PA53&redir_esc=y#v=onepage&q&f=false

Works Cited

1. GÜRKAYNAK, Muharrem, Yrd.Doç.Dr., İREN, Adem Ali, Unreal Stalemate In The Real World:
International Relatıons In Cyber Space, Suleyman Demirel University The Journal of Faculty of
Economics and Administrative Sciences Y.2011, Vol.16, No.2, pp.263-279.
2. Ashmore, W. C. (2009), “Impact of Alleged Russian Cyber Attacks”, Baltic Security & Defence Review , 11,
s. 4-40.
3. NATO, Warsaw Summit Communiqué: Issued by the Head of States and Governments participating in
the meeting of the North Atlantic Council in Warsaw on 8-9 July 2016, Madde 70,
https://www.nato.int/cps/en/natohq/official_texts_133169. htm?selectedLocale=en Erisim Tarihi 20
Kasım 2019.
4. Melissa E. Hathaway ve Alexander Klimburg, ‘Preliminary Considerations: On National Cyber Security’
, içinde: A Klimburg (der) National Cyber Security Framework Manual (NATO CCD COE Publication,
2012) 2.
5. İbid 2; Ronald J. Deibert ve Rafal Rohozinski, ‘Risking Security: Policies and Paradoxes of Cyberspace
Security’ (2010) 4 (1) International Political Sociology 16, 17.
6. Kavanagh C. (2017). The United Nations, Cyberspace and International Peace and Security:
Responding to Complexity in the 21st Century, UNIDIR,
https://www.unidir.org/files/publications/pdfs/theunited-nations-cyberspace-and-international-
peace-and-security-en-691.pdf
7. Ruhl, C., Hollis, D., Hoffman, W. ve Maurer T. (2020). Cyberspace and Geopolitics: Assessing Global
Cybersecurity Norm Processes at a Crossroads. Carnegie Endowment for International Peace,
https://carnegieendowment.org/files/Cyberspace_and_Geopolitics.pdf
8. United States-China Economic and Security Review Commission (2008), “China’s Proliferation
Practices, And The Development Of Its Cyber and Space Warfare Capabilities” United States-China
Economic and Security Review Commission, Washington.
9. Billo, C., ve Chang, W. (2004). “Cyber Warfare Analysis of the Means and Motivations of Selected Nation
States”, Hanover: Institute for Security Technology Studies at Dartmouth College, Kasım 2004.
10. Schaap, M. A. (2009), “Cyber Warfare Operations: Development and Use under International Law”, Air
Force Law Review , 64, s. 121-173.
11. Billo, C., ve Chang, W. (2004). “Cyber Warfare Analysis of the Means and Motivations of Selected Nation
States”, Hanover: Institute for Security Technology Studies at Dartmouth College, Kasım 2004.
12. http://oag.ca.gov/system/files/12%2008%2014%20letter_0.pdf
13. https://www.usatoday.com/story/tech/2014/12/17/sony-hack-the-interview/20519545/
14. https://www.bbc.com/news/world-us-canada-42407488
15. http://news.bbc.co.uk/1/hi/world/asia-pacific/8142282.stm
16. http://www.commandfive.com/papers/C5_APT_SKHack.pdf
17. https://foreignpolicy.com/2010/03/03/chinas-hacker-army/

9
12. http://oag.ca.gov/system/files/12%2008%2014%20letter_0.pdf
13. https://www.usatoday.com/story/tech/2014/12/17/sony-hack-the-interview/20519545/
14. https://www.bbc.com/news/world-us-canada-42407488
15. http://news.bbc.co.uk/1/hi/world/asia-pacific/8142282.stm
16. http://www.commandfive.com/papers/C5_APT_SKHack.pdf
17. https://foreignpolicy.com/2010/03/03/chinas-hacker-army
18. https://www.npr.org/2011/06/03/136912848/-china-to-make-mastering-cyber-warfare-a-priority
19. https://web.archive.org/web/20110310171345/http://epublications.bond.edu.au/cgi/viewcontent.cgi?
article=1110&context=cm
20. https://www.iiss.org/blogs/analysis/2020/09/csfc-brazils-cyber-security-strategy
21. https://stratcomcoe.org/cuploads/pfiles/Nato-Cyber-Report_15-06-2021.pdf
22. https://www.fpri.org/article/2021/07/understanding-russias-cyber-strategy/
23. https://www.itu.int/en/action/cybersecurity/Pages/gca.aspx
24. https://www.itu.int/ITU-D/cyb/cybersecurity/docs/IMPACT_Factsheet_FA.pdf
25. https://www.cisa.gov/enhanced-cybersecurity-services-ecs
26. https://dodcio.defense.gov/Portals/0/Documents/DIB%20Fact%20Sheet.pdf
27. https://usun.usmission.gov/mission/
28. https://obamawhitehouse.archives.gov/the-press-office/2015/02/12/fact-sheet-executive-order-
promoting-private-sector-cybersecurity-inform
29. https://www.enisa.europa.eu/topics/national-cyber-security-strategies/information-sharing
30. https://www.itu.int/en/action/cybersecurity/Documents/gca-chairman-report.pdf
31. https://www.itu.int/en/ITU-D/Cybersecurity/Documents/cybercrime2014.pdf
32. https://www.unidir.org/sites/default/files/conferences/pdfs/summary-eng-0-25.pdf
33. https://www.un.org/disarmament/ict-security/
34. https://www.unidir.org/sites/default/files/conferences/pdfs/summary-eng-0-25.pdf
35. https://www.ncsc.gov.uk/
36. https://www.interpol.int/Crimes/Cybercrime
37. https://www.un.org/disarmament/group-of-governmental-experts/
38. https://www.un.org/disarmament/open-ended-working-group/

10