You are on page 1of 8

Draft Resolution 1.

2 Counter Terrorism Committee Countering Cyber-terrorism


Signatories: United Kingdom, United States of America, Palestinian Liberation Organization, Islamic Republic Pakistan, France, China, France, Iran, Israel, Libya, Norway, Pakistan and Syria.

Aware of the possible, immeasurable threat posed by cyber terrorism, Noting the difference between transnational cyber-terrorism and non-state actor perpetrated cyber-crime, Taking into account that the current Law of Armed Conflict only partially fulfills the criteria to govern inter-state conflicts caused by cyber-terrorism, Noting further the hindrances caused by the problem of attribution and identification, Expressing concern on the absence of an institutional framework to litigate against cyber terrorism, Realizing the need to reinforce cyber defense programs of various member states, Considers cyber espionage on national secrets of a sovereign country as an attempt to destabilize the country and hence is an attempt to initiate cyber war, Further believing that member states should also respect, as best as possible civil liberties and right to privacy, Fully believing that a speedy and effective response is imperative against the perpetrators of cyber terrorism, Recalling the clauses of the UDHR relating to basic human rights, Viewing with appreciation the steps and measures taken by states to date by combating cyber terrorism via internet and the social media, Bearing in mind the increase in resource expenditure on national cyber offensive and defensive strategies,

1. Resolves the definition of cyber-terrorism as An intentional act by an individual or group which seeks to compromise, attack, or infect a computer system or internet service with the aims of, retrieving confidential information to which the individual or group would normally not have access, causing panic, distress, terror or prevent freedom of speech, infringing upon rights of the people and property, and impending social administration;

2. Declares cyber space is a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the internet, telecommunications networks, computer systems, and embedded processors and controllers;

3. Considers an act of cyber-attack to constitute the following: a. Hacking into the cyber-space of the target state and manipulating it to the targets disadvantage, b. Sabotaging a cyber-based program, operation or facility being conducted by the target state and shutting it down, c. Gaining control over the national critical infrastructure of the target state via cyber-space and either distort them or use them against the target, d. The legitimacy of the cyber-attack is subject to the conditions set above;

4. Takes note of the negative impacts of cyber-terrorism on diverse areas of economy of a state as: a. It hinders the functioning of private corporations and National Stock Exchange Centres considering the loss of information data, b. It deteriorates the customer-client relationships that affect the market negatively;

5. Further considers cyber-espionage as an act of unauthorized probing into the cyber-space of the target state with the intention of obtaining information without the permission of the holder of this information, with the intention of causing physical damage leading to the dysfunction of the governmental networks, civil utilities, military defenses and financial regulators and markets of the target state;

6. Further proclaims cyber defense as an act taken to directly counter/hinder the aggressor tool of an attacking state;

7. Endorses that any act of cyber-defense is a legitimate form of response to an offence launched against the aggressor state which abides by the rules of engagement which are stated as follows: a. The member states are called upon to support and adhere to a no-first use policy, b. The cyber-defense response should not harm any civilian entity or organization, including government departments dealing exclusively with civilian affairs, c. The response must not directly, or indirectly, cause great inconvenience and harm to the civilian population or lead to civilian casualty; 8. Declares that non-state actors or groups conspiring, planning, carrying out, funding or aiding acts of cyber warfare shall be outlawed in/by all member states, and those member states will commit to prosecute the violators to the fullest extent possible in their jurisdiction; 9. Calls upon states to constitute cyber-attack as armed conflict only if it causes a substantial physical damage and loss of human life for which the committee shall refer to the Laws of Armed Conflict for the purpose of compensation and retribution;

10. Reaffirms that state-sponsored cyber-terrorism should be dealt with in the same manner as with state-conducted operations; 11. Supports non-proliferation polices and encourages member states to adopt such measures in their policy framework;

12. Emphasizes that attribution of and accountability for a cyber-attack is necessary for a resolution to the problem for which the following recommendations are made: a. Enhance the involvement of The Working Group on Internet Governance in this regard, b. On the national level, strengthen existing institutional and legal frameworks and the associated law-enforcement agencies, cyber-defense units and departments, c. On the international level, encourage intelligence sharing between states and regions to form a collective pool of information cyber-attacks and its instigators, in the form of a Global Joint Venture; d. The creation of a monitory body of the United Nations comprising of political, legal and technical experts from P5 nations and a neutral state rotated every three years which shall perform the following functions: i. Receive monthly reports from member states cyber-terrorism defense units on the status of cyber-activity in their respective regions, ii. Investigate instances of cyber-attacks to derive the patterns and trends of

cyber-attacks and establish a psyche profile of an offender,

iii. Pursue research and development in different areas of cyber technology to further enhance the capabilities of the member states to identify the perpetrator, iv. Publish reports on a monthly basis to update the member states of the progress and new information, v. Monitors the implementation and adherence of the legislation and framework derived by the proposed ad hoc committee; 13. Proposes the following exit strategy for the policy of combating cyber-terrorism globally: a. Establishment of Disaster Recovery and Backup Plans in order to restore the initial security systems in case of any cyber-attack, b. High-alert security to be provided to the cyber-defense units, c. Creation of more Data Centres to ensure that critical information is not at the risk of being leaked from one location, d. Making a reserve force, comprising of technical and cyber experts, that will remain in standby until an attack of magnitude that renders the primary system ineffective, is experienced; 14. Draws attention to international humanitarian law enshrined in AP I article 48, which will be referred to, in order to ensure respect for and protection of the civilian population and civilian objects, when dealing with state sponsored cyber-attacks; 15. Supports the formation of an ad-hoc committee for a period of six months which shall report to the United Nations Security Council for the required legislation and institutional framework to deal with the deliverance of justice to the affected country by cyber-terrorism:

a. Member states should be required to adopt this general framework into their respective cyber-departments, institutions and authorities to strengthen the respective departments, b. These laws should act as universal precedence and principles to ensure effective, transparent and timely justice, c. Further in case of attack, the affected country shall retaliate in accordance to the laws and framework established by this committee,

16. Encourages cyber-defense units to be strengthened and to be established where security measures need to be taken as follows: a. Deployment of vital security applications including Intrusion Detection Systems and firewalls in instate security systems, b. Regular monitoring to be carried out in order to ensure maximum security of these system; 17. Emphasizes that when dealing with non-state actors, legislature and plan of action to be adopted shall slightly different with regards to state actors: a. First, the perpetrators must be identified with regards to attribution clause eight, b. The host state of these cyber offenders is expected to locate the perpetrators, trial and prosecute them, c. If it is unable to trial a suspect then it is the responsibility of bodies such as the International Court of Justice to perform the stated tasks; 18. Takes note of the security concerns that come along with Cloud Computing Service and encourages to have checks and balances on verification of access controls and

monitoring of data and encourages the formulation of a Privacy Legislature to consider the following: a. The service consumer must be well informed whenever his or her personal data is accessed to prevent identity theft by terrorist to promote terrorism, b. Service providers must provide the users with to report compliance; 19. Encourages private IT firms to be incorporated into cyber development programs of member states: a. Firstly, collaboration with the private sector for the purpose of development in cyber security brings about greater expendable funds, b. Secondly, the effectiveness of the security systems shall be more dependent on result based results increasing their effectiveness, c. Thirdly, confidence building measures to be taken to bring back the lost confidence of the private corporations in the government, that adversely affected by cyber-attacks; 20. Emphasizing upon the need to have local security training programs to be carried out by state so as to train locals with skills to protect their computer systems and prevent them by getting hacked by cyber terrorists; 21. Requests member states of the developed world to provide funds for the development and sustenance of the cyber defense units and to look into the aspect of cyber research, under the following framework: a. Technical training shall be provided to states with their consent in order to enhance their security control systems by providing: i. ii. iii. Setting up training camps for the officials of underdeveloped nations by experts of the developed nations, Skills on securing a large database, Skills on finding and securing leaks in an information store,

iv. v.

Skills on resisting cyber-attacks through means of anti-hacking and defense software, Knowledge on creating their own unique software/defense through using programming languages;

b. States would be encouraged to provide financial aid if there are limited resources to combat cyber-terrorism, where its channelizing would take place under Transparency International; 22. Expresses the need to promote existing organizations built to counter cyber-terrorism, such as the Convention on Cyber Crime of Europe which is the only organization that lays down the guidelines for all governments wishing to develop legislation against cyber-crime, in order to avoid complexities involved in making new organizations; 23. Decides to remain actively seized of all matters.

You might also like