Academic Guide

Security Council

Cyber espionage and intelligence gathering: Case of Russia

and Ukraine

SECURITY COUNCIL COMMITTEE

 INDEX

Content
1. Welcome Letter. 3 2. Introduction to the commission. 4 3. Explanation of the Topic. 5 4. Procedure. 6 5.
Glossary. 10 6. Guiding question. 10 7. Conclusion. 10 8. Recommended sources. 11 9. Bibliography. 11

SECURITY COUNCIL COMMITTEE

1. Welcome Letter.
Dear delegate,
It is an honour for us to welcome you to Munarb lV, thank you for
your participation in this commission, security council, we hope you
enjoy this experience.

We want to introduce ourselves , we are Luana Camila Hincapie Valencia and Andres
Gomez, your commission presidents, we will accompany you in this process and model, we
made this Dill require the delegates to read to
avoid inconveniences.

In this diplomatic context, you assume a fundamental role as an architect of solutions and
negotiator of agreements in a fictional but no less exciting world. As we embark on this
intellectual journey, we trust that your insight, diplomatic skills, and strategic vision will help
enrich the discussions and resolutions we will outline together.

Having this clear, we hope to make this commission the best of the
model together, our main objective apart from excellence is that
you enjoy what you do and learn from it.
You have our complete support in whatever You need before and
during the model, if you have questions you can contact us via
email or WhatsApp and if you have questions during the debates,
you can approach us to help you in any way we can.

FINALLY we wish you an excellent stay at the Gimnasio la arboleda

school, welcome to Munarb IV

Attentively,
Andres Felipe Gomez Luana Camila Hincapie CEL: 311 260 3995 CEL: 315 767
0896
Mail: andresgomez427@colegionuevayork.edu.co Mail:luancamhincaval@gmail.com

SECURITY COUNCIL COMMITTEE 2. Introduction to

the commission.
a. Historic Context.
The United Nations Security Council is an organ of the United Nations responsible for
maintaining international peace and security. It was established in 1946, along with the rest of the
United Nations. The Security Council originally consisted of 11 members, five of which were
permanent members (The popular Republic of China, France, the Soviet Union, the United
Kingdom, and the United States) and six non-permanent members elected by the UN General
Assembly for two-year terms. An amendment to the UN Charter in 1965 increased council
membership to 15, including the original five permanent members and 10 non-permanent
members. The presidency is held by each member in rotation for a period of one month.

The composition of the Security Council has been a contentious matter, particularly since
the end of the Cold War. Critics have argued that the Security Council and its five permanent
members reflect the power structure that existed at the end of World War II, when much of the
world was under colonial rule.

The conflict between Russia and Ukraine has been ongoing since 2014, and it has been
accompanied by a significant increase in cyber espionage and intelligence gathering activities.
Russia has been accdentify Russian spies involved in such activities since 2014. The spy war
has intensified as Western countries have sought to hit back and inflict lasting damage on the
ability of Russian intelligence to carry out covert operations. The recent expulsion of 500 Russian
officials from Western capitals is a symbol of this effort.

The cyber operations during the Russo-Ukrainian War have been a significant part of the
conflict. Russia has used cyber operations as part of a larger campaign or independently as an
instrument of coercion against Ukraine. The use of coded communications had also prompted
several states to mount concerted efforts to divine the secrets of those enciphering machines and
the codes they protected.

Also, the historical context of cyber operations in this conflict includes various incidents
and campaigns, such us:
 SECURITY COUNCIL COMMITTEE 2007 Cyberattacks on

Estonia: Though not directly related to the Russia-Ukraine

conflict, the 2007 cyberattacks on Estonia, which is a NATO member neighboring Russia,
demonstrated the potential of cyber warfare. The attacks targeted Estonian government
websites, banks, and media outlets. While Russia denied direct involvement, it raised concerns
about the use of cyber means in geopolitical conflicts.

Annexation of Crimea (2014): Following Russia's annexation of Crimea in 2014, there

were reports of cyber operations targeting Ukrainian government institutions and critical
infrastructure. These attacks included distributed denial-of-service (DDoS) attacks and more
sophisticated APT campaigns. Cyberattacks often accompany military actions as part of a hybrid
warfare strategy.

NotPetya Ransomware (2017): The NotPetya ransomware attack, which initially

targeted Ukraine but quickly spread globally, is wmpanies, and government systems. NotPetya
was seen as a demonstration of the potential for cyber tools to be used for destructive
purposes.

GRU Indictments (2018): In 2018, the United States indicted members of Russia's
military intelligence agency, theSome individuals were linked to cyber activities against
Ukraine.

Cyber Operations in Eastern Ukraine (Ongoing): The ongoing conflict in Eastern Ukraine
has seen continuous cyber operations. These include diss. The goal is often to gain
intelligence, disrupt communications, and sow confusion.

Election Interference: Both during the Ukrainian presidential elections and local
elections, therethe form of disinformation campaigns, hacking attempts, and efforts to
manipulate public opinion.

Energy Sector Targeting: The energy sector in Ukraine has been a frequent target of
cyberattacks. Incidents, such as attack on Ukraine's power grid, highlighted the vulnerability of
critical infrastructure to cyber threats. Such attacks can have significant real-world
consequences.

SECURITY COUNCIL COMMITTEE b. Commission

objectives.
 The Security Council Committee, also known as the United Nations Security Council
Committeçecurity Council Committee can vary based on the issues it addresses, but generally
include:

Maintenance of International Peace and Security:

● The primary objective is to contribute to the maintenance of international peace

and security, as mandated by the United Nations Charter.

Implementation of Security Council Resolutions:

● The committee is responsible for overseeing and ensuring the implementation of

resolutions adopted by the Security Council.

Monitoring Sanctions:

● In cases where the Security Council has imposed sanctions on a country or entity,
the committee monitors and assesses the implementation of these sanctions.

Conflict Prevention and Resolution:

● The committee may work on strategies and initiatives aimed at preventing

conflicts and facilitating the resolution of existing conflicts.

Counterterrorism Measures:

● Addressing and combating terrorism is often a key objective. The committee may
focus on implementing measures to counteract terrorism, such as sanctions or
other actions.

Non-Proliferation of Weapons of Mass Destruction:

● The committee may address issues related to the non-proliferation of nuclear,

chemical, and biological weapons, working towards preventing
their spread. Humanitarian Concerns.

SECURITY COUNCIL COMMITTEE

● In conflict situations, the committee may address humanitarian concerns, including
the protection of civilians, access to humanitarian aid, and human rights issues.

Peacekeeping Operations:
 ● Supporting and overseeing peacekeeping operations authorized by the Security
Council is another important objective. This may involve coordination with UN
peacekeeping missions.

Dialogue and Diplomacy:

● Promoting dialogue and diplomatic efforts to resolve conflicts peacefully is a

fundamental aspect of the committee's work.

International Cooperation:

● Fostering international cooperation and collaboration among member states and

regional organizations to address security challenges is a key objective.

The Security Council Committee adapts its focus and objectives based on the evolving
international security landscape and specific issues on its agenda. The committee's work is
guided by the principles of the United Nations Charter and aims
to prevent and address threats to global peace and security.

SECURITY COUNCIL COMMITTEE

3. Explanation of the topic.

The case of cyber espionage and intelligence gathering between Russia and Ukraine is complex
and multifaceted, involving various incidents and strategies.

Hybrid Warfare Strategy:

● Russia has been accused of employing a hybrid warfare strategy, which combines
conventional military tactics with non-military tools such as cyber operations,
disinformation, and economic coercion.
● Cyber espionage and intelligence gathering are integral components of this strategy,
aiming to gain a strategic advantage, disrupt communication, and gather information
about military and political developments.

Political and Military Objectives:

● Cyber operations serve political and military objectives in the conflict. This includes
gaining insights into the opponent's plans, capabilities, and intentions.
● Intelligence gathered through cyber means can inform military strategies, influence
 decision-making processes, and provide a competitive edge in the geopolitical arena.

Targeted Attacks:

● Both Russia and Ukraine have been involved in targeted cyberattacks against each other.
These attacks may focus on government institutions, military organizations, critical
infrastructure, and other strategic targets.
● Techniques such as spear-phishing, malware deployment, and exploiting vulnerabilities in
software or hardware are commonly employed to gain unauthorized access to systems.

Disinformation Campaigns:

● Beyond traditional cyber espionage, both sides engage in disinformation campaigns

using social media platforms and other online channels. These campaigns aim to
manipulate public opinion, create confusion, and influence the narrative surrounding the
conflict.
● False narratives and misleading information are
disseminated to shape perceptions both domestically
and internationally.

SECURITY COUNCIL COMMITTEE

Critical Infrastructure Targeting:

● Cyberattacks on critical infrastructure, such as the energy sector, have been a notable
feature. These attacks can disrupt essential services, sow fear, and create economic
instability.
● Ukraine, in particular, has experienced cyberattacks on its power grid, demonstrating the
potential real-world impact of cyber operations on critical infrastructure.

Attribution Challenges:

● Attribution in the cyber domain is often challenging. While there may be strong indicators
of state-sponsored activities, proving direct involvement by a specific government or
organization can be difficult.

● Cyber operations often involve the use of proxies and tactics to mask the identity of the
perpetrators.

International Implications:
 ● The use of cyber tools in the Russia-Ukraine conflict has international implications. It raises
concerns about the blurring lines between conventional warfare and cyber warfare, as
well as the potential for escalation in conflicts.

Counterintelligence Measures:

● Both Russia and Ukraine invest in counterintelligence measures to protect their own
networks and information. This includes improving
cybersecurity, conducting threat assessments, and
actively monitoring for signs of intrusion.

SECURITY COUNCIL COMMITTEE

4. Procedure.

MUNARB MOTIONS

Motion: Motions are the tools that the delegate has to carry out an action within the
committee. They should only be proposed when the committee is open to them (this
moment is identified with the phrase “the floor is open to motions” stated by the
chairperson). Motions must be voted on by the committee; however, the chairperson has
the authority to introduce motions on their own initiative.

Opening Motions

Call to order: This is the first motion that arises in the model, indicating the start of
activities
within the UN format.

Roll call: (not voted on) In the roll call, the chairperson will name the delegations
that must
be present in the committee in alphabetical order. Each delegate will respond to the call

with present or present and voting. The difference is that in the second option (present
and
voting), the delegate waives their right to abstain during a vote.

Open agenda: Indicates the theme of the debate. When there are two topics in the
committee, the agenda is opened with topic A or B, but MUNARB only handles one topic
per committee.
Read opening speeches: Each delegate will come forward to read their previously
prepared
opening speech.

Debate Motions

SECURITY COUNCIL COMMITTEE

Formal debate: In formal debate, after the motion has been formulated and voted on,
the chairperson will ask the delegates who want to be part of a list of speakers with a
specific time per speaker (“delegates who wish to join the list of speakers”). Delegates
who join may request a personal point of privilege to speak first or last without being
abusive or hindering the work of the chairperson. (The time per speaker is determined by
the delegate when presenting the motion, but if the chairperson considers a different
time, they can modify the motion). Delegates cannot be on a list of speakers twice, but it
will be up to the chairperson's discretion, considering the disposition of time, to allow a
possible second intervention through the use of a personal point of privilege. If the
delegate has time left after their intervention, they have two options indicated by the
chair: to yield the time to the next speaker (the time of the next intervention is added), or
to yield the time to the chair. At the end of the intervention, any delegate in the
committee can request a point of information from the speaker, and the chairpersons will
handle this procedure when the occasion arises.

Informal debate: Informal debate is the most usual type of debate; the delegate
determines the time for it when presenting the motion, however, for time reasons,
the chairperson may modify it. The debate works like this: the delegate who
presents the motion will be the first to speak (this is a UN tradition), and when they
finish their intervention, the floor will be open to further interventions (“delegates
who wishes to speak”), at this point, the delegates will raise their placards, and the
chairperson will decide who to give the floor to.

Lobby time: Lobby time is considered for establishing relationships and clarifying
specific points between delegates, and it is important to continue using
parliamentary language and respect between delegates.

● Extend debate / lobby time: The time must be specified, which can be modified by
the chair.
● Extraordinary, and the debate will continue.
● Adding to the record: (not voted on) The president will keep a record of the
statements made during the meeting, which delegates can refer to when citing or
adding a statement. The process for adding a statement will be as follows: at the
end of a speee given, and then ask the delegate who
made the speech if it is correct, needs to be
corrected, or is not correct. The statement will be
added if it is correct or corrected, and will not be
added if it is not correct.

SECURITY COUNCIL COMMITTEE

● Dividing the agenda: This is used when a topic has many aspects to be
discussed, to address them in a specific order. The delegate must formulate this
motion very clearly, with the topics to be addressed and their respective time
limits, considering the previously established debate time.

Motion to introduce a press release or directive:

What is it about? It is done to inform the committee about the content of the press
release or directive.

How is it voted? Simple majority, meaning more than half.

Additional information: After the press release or directive has been presented and
debated, it can be opened for amendment.

Motion for working papers.

Reading of working papers: The reading of working papers refers to the moment
when the delegates who have formed a block present the written working paper. A
delegate (head of the block) will present it, but if they so choose, they may request a
point of personal privilege to present it along with another delegate (the author).

Stabling a working paper: The purpose of this motion is to discard a working

paper due to many grammatical, formatting, or writing errors. However, the motion is
unacceptable when used for political or personal differences.

Proceed to a voting process: The voting process will be used for papers and
amendments. For it to take place correctly, after the motion has been voted on, the
president will present the following conditions: “The committee is in the voting process,
no one enters or leaves, delegates who declared themselves present and voting in the
roll call do not have the right to abstain, and the voting will take place in order of the roll
call: delegate 1, delegate 2…” Delegates have the right to declare their reasons for being
in favor or against the motion, usually when a delegate considers the current state of the
vote to be irrational up to the point at which they vote. When this happens, the president
immediately concludes the voting, the delegate has two and a half minutes to explain the
reasons, and a new vote is
scheduled. This will only happen once per vote.

Motions to end the format.

SECURITY COUNCIL COMMITTEE

Resuming the session: After a break or at the beginning of the second

day. Closing the agenda: To end the topic of discussion.

Suspending the session: To take a break or at the end of the first day.

Ending the session: To end the established debate times in the entire

model.

SECURITY COUNCIL COMMITTEE 5. Glossary.

Cyber Espionage: The covert and unauthorized acquisition of classified or sensitive information
from computer systems and networks.

Intelligence Gathering: The systematic process of collecting, analyzing, and disseminating

information to gain a strategic advantage or insight into the activities of other entities.

APT (Advanced Persistent Threat):A sophisticated and long-term cyberattack orchestrated by

a well-funded and organized group with specific objectives, often associated with nation-states.
Zero-Day Exploit:A cyberattack exploiting a software vulnerability that is unknown to the
software vendor, making it difficult to defend against.

Social Engineering:Manipulating individuals to divulge confidential information or perform

actions that compromise security.

Malware:Malicious software designed to disrupt, damage, or gain unauthorized access to

computer systems.

Phishing:A deceptive technique to obtain sensitive information by masquerading as a

trustworthy entity in electronic communication.

DDoS (Distributed Denial of Service):Overloading a network or website with excessive traffic,

rendering it unavailable to users.

Cryptography:The practice and study of techniques for secure communication in the presence
of third parties, safeguarding information through encryption.

Cybersecurity Framework:A set of guidelines, best practices,

and standards designed to manage and enhance an
organization's cybersecurity posture.

SECURITY COUNCIL COMMITTEE

Attribution: The process of identifying the entity responsible for a cyberattack, often a
challenging task due to the use of false flags and anonymous techniques.

Nation-State Cyber Actor:A government-sponsored or government-affiliated entity engaged in

cyber activities for intelligence gathering, disruption, or strategic advantage.

Cyber Sovereignty:The concept that states have the right to govern and control the flow
of information within their borders, including the cyber domain.

Security Council:A principal organ of the United Nations responsible for maintaining
international peace and security.

Bilateral Relations:The diplomatic and political interactions between two nations, which can
influence the dynamics of cyber relations.

Non-State Actors:Entities other than nation-states, such as hacktivist groups or private

organizations, involved in cyber activities.
Incident Response:The coordinated effort to manage and mitigate the impact of a cybersecurity
incident, including investigation and recovery.

Stuxnet:A notorious computer worm discovered in 2010, believed to be a cyberweapon

designed to target Iran's nuclear program.

Cyber Diplomacy:The use of diplomatic channels and negotiations to address issues and
conflicts arising in the cyber domain.

Critical Infrastructure:Systems and assets, whether physical or virtual, that are essential to the
functioning of a society, economy, or government.

SECURITY COUNCIL COMMITTEE 6. Guiding Questions.

● What is the current state of cyber threats and activities in the Russia-Ukraine conflict? ●
How challenging is it to attribute cyber operations to specific state actors in the Russia-
Ukraine conflict?
● How do cyber espionage and intelligence gathering fit into the broader strategy of hybrid
warfare employed by the involved parties?
● What impact do cyber operations, including espionage and intelligence gathering, have on
the national security of both Russia and Ukraine?
● To what extent do cyber operations impact the civilian population in terms of privacy,
human rights, and access to essential services?
● What are the potential future trends in cyber warfare in
the Russia-Ukraine conflict?

SECURITY COUNCIL COMMITTEE

7. Conclusion.

The conflict between Russia and Ukraine has been a long-standing one, with espionage and
intelligence gather cyberattacks, poisonings, and sabotage in Europe. The spy war has
intensified in recent months, with Western countries seeking to hit back and inflict lasting damage
on the ability of Russian intelligence to carry out covert operations. The report also highlights the
unprecedented expulsion of 500 Russian officials from Western capitals, who are believed to be
undercover intelligence officers.

Another report by Dark Reading outlines how attackers have used seven different families of
malware A recent report by CBS News alleges that Russia-based hackers conducted a
sophisticated cyber campaign against American intelligence officials, including contractors at the
State and Defense Departments, as part of an international operation that included NATO
members and Ukraine.

Finally, a report by Stiftung Wissenschaft und Politik provides an overview of the cyber
operations in Russia’s war against Ukraine. The report highlights the use of cyber operations by
Russia in the conflict and the lessons learned so far.

In conclusion, the conflict between Russia and Ukraine has seen a significant escalation in cyber
espionage and intelligence gathering. The conflict holds
valuable lessons for cyberwar, and it is essential to remain
vigilant against such attacks in the future.

SECURITY COUNCIL COMMITTEE

8. Recommended Sources.

Ray, M. (2024, January 27). Russia-Ukraine War | Casualties, Map, Causes, & Significance.

Encyclopedia Britannica. https://www.britannica.com/event/2022-Russian-invasion-of-Ukraine

Masters, J. (2023, February 14). Ukraine: Conflict at the crossroads of Europe and Russia.

Council on Foreign Relations. https://www.cfr.org/backgrounder/ukraine-conflict-crossroads-

europe-and-russia Topic: Russia-Ukraine war 2022-2023. (2023, December 21). Statista.

https://www.statista.com/topics/9087/russia-ukraine-war-2022/#topicOverview Jazeera, A. (2023,

April 11). History Illustrated: Russia and Ukraine, a history of violence. Al Jazeera.

https://www.aljazeera.com/amp/gallery/2023/3/27/history-illustrated-russia-and-ukraine-a-

histor y-of-violence

JSTOR Daily. (2023). Ukraine, Russia, and the West: A background reading list. JSTOR Daily.

https://daily.jstor.org/ukraine-russia-and-the-west-a-background-reading-list/ Twelve myths

about Russia’s War in Ukraine exposed. (2023, March 8). European Commission Representation

in Cyprus. https://cyprus.representation.ec.europa.eu/news/twelve-myths-about-russias-war-
ukraine-exposed -2023-03-08_en

Mankoff, J. (2022). Russia’s War in Ukraine: identity, history, and conflict.

https://www.csis.org/analysis/russias-war-ukraine-identity-

history-and-conflict

SECURITY COUNCIL COMMITTEE

9. Bibliography.
The Editors of Encyclopaedia Britannica. (2024, January 26). United Nations Security Council |

History & members. Encyclopedia Britannica. https://www.britannica.com/topic/United-Nations-

Security-Council

Trahan, J. (2020). The origins and history of the veto and its use. In Cambridge University Press

eBooks (pp. 9–52). https://doi.org/10.1017/9781108765251.003

Staff, C. (2023, February 28). The UN Security Council. Council on Foreign Relations.

https://www.cfr.org/backgrounder/un-security-council

Mueller, G. B., Jensen, B., Valeriano, B., Maness, R. C., & Macias, J. M. (2024). Cyber

Operations during the Russo-Ukrainian War. https://www.csis.org/analysis/cyber-operations-

during-russo-ukrainian-war Russian cyber operations in the invasion of Ukraine on JSTOR. (n.d.).

www.jstor.org. https://www.jstor.org/stable/48703290

Cyber espionage and information warfare in Russia | Small Wars Journal. (n.d.).

https://smallwarsjournal.com/jrnl/art/cyber-espionage-and-information-warfare-russia

Corera, B. G. (2022b, May 14). Ukraine: The spy war within the war. BBC News.

https://www.bbc.com/news/world-61311026

Writer, R. L. C. (2023, December 8). Russia-Ukraine conflict holds Cyberwar lessons.

https://www.darkreading.com/threat-intelligence/russia-ukraine-conflict-holds-cyberwar-lessons

Legare, R., & Ott, H. (2023, December 7). Russian hackers accused of targeting U.S. intelligence

community with spear phishing campaign. CBS News. https://www.cbsnews.com/news/russian-

hackers-u-s-intelligence-community-spear-phishing-cam paign/
SECURITY COUNCIL COMMITTEE