Topic 1: International Standards For Medicinal Research
advertisement
CSTD PACMUN 2015 Pacific Model United Nations The Commission on Science and Technology for Development Director: Karthik Krishnan Chair: Alexandra Ash Assistant Director: Daljit Kaur 1 CSTD PACMUN 2015 TABLE OF CONTENTS Committee Introduction ................................................................................................ 4 Topic 1: International Standards For Medicinal Research ........................................ 4 Introduction ................................................................................................................ 4 History ......................................................................................................................... 5 Past UN Action ........................................................................................................... 6 Current Situation ........................................................................................................ 6 Bloc Positions ............................................................................................................ 7 North America: ........................................................................................................ 7 South America: ........................................................................................................ 8 Europe and Oceania: .............................................................................................. 8 Asia: ......................................................................................................................... 8 Middle East: ............................................................................................................. 9 Africa: ....................................................................................................................... 9 In General: ............................................................................................................. 10 Case Studies ............................................................................................................. 10 Case Study 1 .......................................................................................................... 10 Case Study 2 .......................................................................................................... 10 Guided Questions .................................................................................................... 10 Sources ..................................................................................................................... 11 Topic 2: Assessing Cyber Security ........................................................................... 12 Introduction .............................................................................................................. 12 History ....................................................................................................................... 12 Past UN Action ......................................................................................................... 13 Current Situation ...................................................................................................... 14 Bloc Positions .......................................................................................................... 15 North America: ...................................................................................................... 15 South America: ...................................................................................................... 15 Europe and Oceania: ............................................................................................ 15 Asia: ....................................................................................................................... 16 Middle East: ........................................................................................................... 16 2 CSTD PACMUN 2015 Africa: ..................................................................................................................... 17 In General: ............................................................................................................. 17 Case Studies ............................................................................................................. 17 Russia .................................................................................................................... 17 Cyber Attack on Ebay ........................................................................................... 18 Guided Questions .................................................................................................... 18 Sources ..................................................................................................................... 19 3 CSTD PACMUN 2015 COMMITTEE INTRODUCTION The Commission on Science and Technology for Development (CSTD) is a subsidiary of the Economic and Social Council (ECOSOC) and has been active since 1993. It specializes in advising the General Assembly (GA) and ECOSOC on issues having to do with science and technology in order to aid developing countries. This committee meeting will advise the GA and ECOSOC on the following topics: 1) International Standards for Medicinal Research and 2) Addressing Cyber Security. We are excited to see how the delegates will address and resolve these issues. We hope the discussions during committee sessions will be both diplomatic and thought-provoking. We hope delegates will find this Background Guide informing and they will have fun debating! The Dias welcomes any questions, and we look forward to seeing you at PACMUN. TOPIC 1: INTERNATIONAL STANDARDS FOR MEDICINAL RESEARCH INTRODUCTION While creating new medications, scientists must research and experiment with different ingredients to make sure that these medications are effective, and cause more benefit than harm to patients. Oftentimes, the medicine will be thoroughly researched before it is approved for animal testing, and once proven safe for animals, the medication will be tested on a relatively small number of humans in several trials for reliability, safety, and effectiveness. Once a medication passes the human test stage, it is released into the general public for prescription or over-the-counter (OTC) use. Multiple trials on a medication before release allow researchers to correct mistakes and prevent fatalities and injury. However, standards for the research and testing of new medications are not the same throughout the world. Poor standards for medicinal research can lead to significant loss of life, especially if a medication is being administered worldwide. However, delaying the release of a medicine so that each country planning to use it can test and retest it due to it not fitting their standards can have the same effect. Currently, many organizations such as the World Health Organization (WHO) and the International Standards Organization (ISO) have guidelines or standards set in place for medicinal research--however, these tend to be unenforced or nonspecific. This allows for differing standards in different countries, which is also a result of differing income levels, faculties, and access to tools and resources for medicinal research and testing. For instance, a state with a higher GDP can allocate more funds to researching and testing medicine, and will also have better facilities and more tools than a country with a lower income. Also, oversight on medications is less stringent in some states, which can allow for unsafe drugs to be released to the public. This dangerous situation occurs globally, and the implementation and 4 CSTD PACMUN 2015 enforcement of international standards for medicinal research can drastically reduce the number of lives lost to unsafe medication. HISTORY The history of patent medicine stems from the late 17th century when ruling class in many Western European countries declared certain proven types of medical elixirs legitimate in comparison to the others. Since 1925 however, the patenting of medicines has been emphasized for many reasons. One is that in order for a medicine to be deemed legitimate by the public, the creator had to disclose its ingredients for the public to approve (today, approval is done by various agencies such as the United States’ Food and Drug Administration). Another reason is that patenting medicine allows an individual to distinguish his or her medication amongst other products. This also means that his or her product would be patented and branded for consumer popularity. Lastly, the producer has proprietary control over the medicine he or she produces for a certain number of years. Even in Latin, patent medicine is nostrum remedium, or “our medicine,” emphasizing the importance companies place on owning a medicine/process they have pioneered for profit and popularity. The patenting of medicine evolved with the scientific method of medical production. Medicine emerged from a series of early pseudoscientific methods such as alchemy and work done by apothecaries in order to produce elixirs that would help the ailing patients of the time. While some of these elixirs worked, many were not reliable, nor were they scientifically legitimate. Before modern medicine emerged in the 19th and 20th century, “magical” methods, particularly the occult, allowed individuals to avoid patenting their methods for a while. In many ways this is a hazard due to the fact that elixirs and potions that are not scientifically tested can have drastic effects on human health or merely be utterly useless in terms of truly curing anything at all. The main issue with patent testing is that the process takes quite a long time. The patenting of medicines is a precursor to the numerous standards it needs to pass in order to be available on the market. Patenting is merely a way in which companies can have ownership over a chemical formula before it is tested. It may take months to years, depending on the importance of the medicine. Even a couple of months can be costly for testing medicine for the purpose of being used in areas that are currently plagued with disease. An example is the most recent Ebola Epidemic that occurred in West Africa in 2014. Since June 17th, 2015, the World Health Organization estimates around twenty-thousand people are suspected to have contracted this virus, and eleven-thousand have died from it. Even worse, the incubation, or process of catching a virus, for this period ranges from as little as two to twenty-one days. If medicines are efficiently approved throughout the world to cure rampant diseases, while still maintaining the scientific process of testing extensively, organizations such as CSTD and WHO can work together and spread the medicine to the nations that need it the most. CSTD’s role in the testing of medicines is that it is necessary to do so thoroughly, but in a time span in 5 CSTD PACMUN 2015 which lives can be saved. Patenting emphasizes the scientific method of testing medicines, which is highly important, but the lack of speed in testing allows millions of deaths to occur. PAST UN ACTION While the UN itself hasn’t necessarily pushed for faster testing techniques, they have certainly been a product of discussion in the medical world. Many agencies such as the FDA and the CDER (Center for Drug Evaluation and Research) have been looking into speeding up research in times of dire need. The FDA has created an accelerated development/review in which a medication is tested to a certain degree, and then tested even after its release into the market. This allows the individuals plagued by the disease to use whatever form of medication is effective and receive improved versions over time. Not only is this useful for taking care of outbreaks, this method is also effective in not compromising the safety of drugs on the market. The CDER also suggested using a wider range of experts to test medications in order to speed up the process and receive extensive study on the medication itself. Throughout pharmaceutical history, it has been tested under various standards and perspectives, including the microbiological, chemical, pharmaceutical, and toxicological effects of the drug. By increasing the testing range to a wider group of subjects, the CDER claims that they can speed up the process by not having to rely on one entity to accomplish all these tests in a longer period of time. The United Nations currently continues to supply medication that is commercially available to countries that are plagued by disease, but the United Nations cannot do so unless the medication is publicly available. By following the standards of the FDA and CDER and applying the methods at hand, it is possible to move closer towards testing medication more quickly and patenting it so that corporations have an incentive to create these medications. Furthermore, the UN can take actions and contact international agencies and involve everyone in understanding methods to speed up extensive medical research for use in plagued areas. CURRENT SITUATION Patenting is used today in many of the same ways in which it was utilized in the past. According to the European Commission, “patents are key in the pharmaceutical sector, as they allow companies to recoup their often very considerable investments and to be rewarded for their innovative efforts." Patents serve as a building block for companies to develop innovations and gain profit in order to continue developing medicines. In the long run, patents can be extremely useful. They allow companies to have proprietorship over the chemical formula in which they have put millions of dollars of research. Using basic economics, it is clear that unless companies gain a net profit on their research, they would be unlikely to continue it in the future. Therefore, the patenting of medicine works very well for the long term. 6 CSTD PACMUN 2015 The testing process for medication in more developed countries also follows the scientific method. For most of the drugs, the medicine is first tested on rodents in order to figure out how it is absorbed into the bloodstream. Then after it has been extensively tested on rodents, it is either tested on other animals or moved directly to humans, depending on the drug. When it is moved to humans, it is first tested on a select group of volunteers. If it passes this portion of testing, it is then moved into clinical trials where an early form of the medication is released into the market. If the medication was deemed as unsafe in the early trials, the CDER will place a clinical hold and prevent it from going into further trials. If it does pass these clinical trials, it is sold commercially and refined based on various factors such as side effects and effectiveness. Therefore, patenting is not really a problem (as many people assumed it was due to the monopoly a company holds by owning ownership over a chemical formula). Patenting allows companies to gain incentive to continue producing medicines. The true problem is that the testing process of medicines by organizations such as the Food and Drug Administration in the United States can be a lengthy one. Instead of patenting being much of the problem, it is the lengthy testing of the medicine at hand that can be a problem for developing nations that lack health-care for deadly diseases. Therefore, the focus should be on the testing method and how it can be efficiently performed in order to effectively to combat this problem. Depending on the medicine, it is first tested for any ingredients that have been banned by the FDA. These can include carcinogenic substances such as cadmium, mercury, and lead. Monographs are primarily used for this screening process. Once the FDA evaluates the ingredients of the medicine, they view the medical trials the company has completed on rats, humans, and other animals. This is often what may take a longer time by the company as they constantly tweak their medicine before testing it out on humans. Obviously, humans should not be given medicine that has not passed the aforementioned clinical trials. This is the complete dogma. How should a company go about testing their pharmaceutical patent in a manner which is thorough and responsive to a disease that breaks out in places without proper health-care, while not testing for too long? The first step would be for the United Nations and the CSTD to evaluate the methods used by the FDA in order to figure out if a process of testing can be faster while maintaining results that are thorough. This problem of lengthy testing has affected many serious outbreaks in the 20th and 21st centuries, such as Ebola, Swine flu, syphilis, HIV, and many others, which could be halted or prevented with fast-acting medicine and testing. BLOC POSITIONS NORTH AMERICA: The North American bloc position is largely interrelated with the the Food and Drug Administration as a large extent of medical research is completed and medicine is sold in the United States. This is based on population and frequency of research institutions. North 7 CSTD PACMUN 2015 American countries are likely not concerned with the speed of research methods/depth of testing because epidemics have been less common in North America in the last 50 years compared to many countries in Africa. SOUTH AMERICA: In South America, illegal and unregulated drug trials are becoming widespread. Many patients are coerced by hospital or clinical staff to sign papers with terms or agreements that they don’t understand. These papers are actually waivers and agreements to participate in dangerous experimental drug trials. The doctors, nurses, and staff members of medical facilities are often paid per patient who signs agreements to participate in trials, either knowingly or unknowingly. This malpractice has caused illness, permanent health problems, and even death. For example, in 2008, during unauthorized clinical trials for GlaxoSmithKline, a pneumonia drug, in Argentina, 7 babies died. Still, unregulated drug trials are an ongoing and increasing epidemic affecting more people than ever. Since people are likely to trust doctors most, many patients and caretakers sign papers without fully understanding their implications, and due to a lack of education and awareness of these drug trials, Unsanctioned drug trials like these are more easily accomplished in South America due to the unregulated health care. South American countries should focus on regulating and mandating health care and ensuring that patient rights are protected, and that all drug trials go through legal lanes. EUROPE AND OCEANIA: Europe has a similar position to North America in its views of speeding up medical research due to the fact that epidemics have not been as rampant as those in Africa since the Black Death. While Europe plagued other nations through colonization, it rarely had major internal epidemics to the degree of those in the New World (circa 1500) and West Africa today. Oceania on the other hand is exposed to multiple tropical diseases that are investigated less, therefore medications are prescribed less. If medical testing is sped up, tropical diseases could be cured more efficiently. The places in Oceania most plagued by disease are island nations, such as Micronesia, in contrast to more developed regions such as Australia and New Zealand. ASIA: Asia has a generally strong standing in terms of medicinal research. Recently, medicinal research spending has increased over United States spending, with Hong Kong at the center of this researching boom. However, less developed countries still are victim to disease and low 8 CSTD PACMUN 2015 medical supplies. More rural regions often resort to traditional medicines which may or may not be helpful in treating illness. These more rural areas don’t participate in research or trials because of a lack of facilities and knowledge. In order to increase participation, more areas must be made aware of new and potentially safer medications and vaccines, and be provided with education. In this way, medicine and research can be standardized throughout every part of Asia, regardless of level of development. MIDDLE EAST: In many Middle Eastern countries, regulations and standards exist and are enforced, but pale in comparison to international standards. In ten Middle Eastern nations studied, eight documents pertaining to medicinal research were found, three of which were from Saudi Arabia. The remaining documents were from Lebanon, Egypt, Jordan, United Arab Emirates, Kuwait, and Qatar. These countries had several ethical and medical research regulations, but lacked the detail and enforcement that similar international documents had. In addition to regulations of their own, many Middle Eastern countries also adhere to guidelines presented by the GCC (Gulf Cooperation Council). In the GCC Guidelines for Variation Requirements, many guidelines for medicinal research are presented, including alerting the public about changes to medication name and manufacturing, and which documents to supply in accordance to which change has been made to a medication. Given the Middle East’s growing standards for medicinal research, the goal of Middle Eastern nations is to continue and supplement this growth in order to manufacture on a larger scale and treat more patients more effectively. AFRICA: The standards on medicinal research vary depending on the development level of the country. A developing nation will have less stringent standards and less medicinal and medical research facilities and education available. Therefore, in Africa, medicinal research standards vary greatly. However, in a continent where HIV and AIDS has a long-standing epidemic, and more recent ones, such as Ebola, have stricken large populations, it is imperative that standards be raised and new medicines and vaccines are created to combat diseases. There are many organizations, both domestic and transnational, which are focused on improving standards, educating health workers and strengthening health systems, and fighting disease. Two such organizations are Amref Health Africa and The South African Medical Research Council. Amref is an organization dedicating to improving health and health practices across all of Africa, and one of its main priorities is Research and Advocacy. The South African Medical Research Council is in charge of South Africa’s medicinal research and education, ethics, and funding. Through the help of Amref, more councils like The South African Medical 9 CSTD PACMUN 2015 Research Council can be established so that more drugs and vaccines can be processed, tried, and distributed. IN GENERAL: An example of an organization that improves the efficiency of research by pharmaceutical companies is a contract research organization (CRO). A CRO provides assistance in the form of outsourcing labor such as the creation of certain biologic reports and biopharmaceutical development. In many ways, a CRO is a separate entity with the intention to help government agencies through profit and private spending. CASE STUDIES CASE STUDY 1 A widely known case is the Ebola virus epidemic in West Africa. This virus causes hemorrhages in the brain and has around a 70% mortality rate. When this outbreak occurred, individuals were desperate to find a vaccine and/or cure for the disease. While many were hospitalized and relieved of their symptoms, the Ebola virus has killed most of the individuals that it has touched. This is a large concern for the doctors that have been exposed to Ebola because they carry the risk of bringing the disease to North America. That being said, if the Ebola virus was hit with the most tested medication on the market today, we could have lowered the number of casualties of the disease altogether. Not only would the death toll have been lower, but the chances of it spreading would have substantially decreased as well. A tested disease needed to be used just then, as we could have saved millions of lives with a beta-drug that would have been further tested over time. CASE STUDY 2 The H1N1 (Swine flu) breakout in 2009 prompted many individuals to receive flu shots the following years in order to prevent the growth of the virus itself. This definitely worked in the developed countries as the H1N1 virus was almost completely curbed in the places where flu shots were ubiquitous. In a way, by effectively promoting a medication early on, many companies and organizations were able to effectively eradicate it from the United States for the most part. That being said, the strain may be able to come back in a stronger form (as it did come back in a stronger form from the 1919 H1N1 breakout) but if the nations afflicted by it act in the same way and grant vaccines and medications that are tested to a certain degree to the population, then countries will not be ravaged by the flu as they could have been. GUIDED QUESTIONS i. How can we make it so poorer countries can afford to meet new standards? 10 CSTD ii. PACMUN 2015 What specific standards can increase the safety of medicines and medical procedures? iii. How can we enforce these standards? iv. What might cause a country not to accept standards or restrictions? v. What are your country’s existing standards on medicine, if any? SOURCES http://www.fda.gov/ScienceResearch/AboutScienceResearchatFDA/ http://journals.plos.org/plosntds/article?id=10.1371/journal.pntd.0001755 http://www.fda.gov/Drugs/DevelopmentApprovalProcess/HowDrugsareDevelopedandAppro ved/ApprovalApplications/InvestigationalNewDrugINDApplication/ucm176522.htm http://press.princeton.edu/titles/880.html http://www.thenation.com/article/rise-unregulated-drug-trials-south-america/ http://www.usnews.com/news/articles/2014/01/02/us-medical-research-spending-dropswhile-asia-makes-gains http://www.sciencemag.org/site/products/HKBIO-feature_121221_lores.pdf http://www.ncbi.nlm.nih.gov/pmc/articles/PMC3576357/ http://www.clinsearch.net/dev/md_middle_east.html http://www.ncbi.nlm.nih.gov/pmc/articles/PMC4242697/ http://sgh.org.sa/Portals/0/PDF/Cen_registration/Thc%20GCC%20Guidelines%20for%20V ariation%20Requirements%20version%203.1.pdf http://www.mrc.ac.za/about/about.html http://amref.org/what-we-do/amref-strategic-directions/ 11 CSTD PACMUN 2015 TOPIC 2: ASSESSING CYBER SECURITY INTRODUCTION Through security measures, many states have increased domestic safety. However, while a state might be physically safe, many states are unprepared to deal with attacks to their cyber security. Cyber terrorism is becoming a much more prevalent form of attack as the world begins to depend more on the internet. A person’s use of the internet to gather knowledge, exchange goods and funds, and share information can be in danger when private information can be hacked into. Perhaps even more terrifying, state infrastructure can be affected as well. Currency, nuclear weapon launch codes, security hazards, and classified information are all at risk of being hacked into if the information is computerized. However, having computerized information can increase productivity and efficiency, allow for easier access and centralized files, making it a necessary component of information storage and sharing today. Yet as the risk of cyber terrorism increases, security measures to protect this computerized information must be addressed. Cyber terrorism can come in many forms. Whether it’s the stealing of currency from online banking systems or the acquisition and usage of sensitive military information, it can derail or otherwise negatively impact the growing or established infrastructure of a state. Some states have measures against cyber attacks, but others, especially those new to the usage of computerized information and the internet, don’t have the security needed to protect themselves from cyber terrorism. With several recent cyber security issues in many states, it has become urgent that the world assess what measures must be taken to prevent cyber terrorism attacks. HISTORY Upon the creation of the internet, very few people understood the impact it would have on people and states. The internet was first created by the United States’ Department of Defense’s Advanced Research Projects Agency (ARPA) as a method for computers to communicate amongst each other during the Cold War. The internet, which as that point was called the Arpanet, was made in case the nation’s telephone system was attacked, the government leaders would have another method of communication not so easily disabled. The network slowly grew over the years, adding other smaller company’s package sharing methods and connecting with more than just government officials. Arpanet slowly changed and was built upon, leading to the new World Wide Web being made public in 1981. This World Wide Web was not completely safe though, and an ominous warning was delivered by a group of hackers in May of 1998. This group, titled “L0pht”, told a panel of Capitol Hill senators that, “(they) are not safe, not the hardware, not the software, not the network that connected them. The companies don’t care,” the hackers continued to say, “they only want to meet deadlines, not secure their products. If you’re looking for computer security, then the Internet is not the place to be… The Internet itself could be taken down by any of the 12 CSTD PACMUN 2015 seven individuals seated before you with 30 minutes of well-choreographed keystrokes” stated one of the hackers. While those senators acknowledged these statements, nothing was done, and the world is still paying the price in rampant insecurity. In the world today, many threats come through cyberspace. Cyberattacks initially were directed towards a corporation and dealt with exposing risks, sabotaging systems or taking information, but today they have expanded the threaten countries and national infrastructure. International cyber strikes often range from stealing confidential information to destroying infrastructure to disabling governments. In one of the first recorded international cyber-attacks in 2007, Estonia's internet was completely disabled and all government sites were overloaded and taken down by an outside source for 24 hours. This attack closely followed a disagreement with Russia over the removal of an old war memorial, leading to a general assumption that the attack was executed by Russia. But because of the insecurity of cyberspace, the origin of this attack remains unconfirmed. Far above and beyond this attack is the virus Stuxnet, considered to be the first and most deadly cyber-weapon to this day. Stuxnet was sent by an unconfirmed source, highly suspected of being the United States and Israel, to attack Iranian nuclear facilities. This virus spread from computer to computer via USB memory devices, wreaking havoc and creating much damage. It was one of the first viruses that moved beyond virtual destruction, to the realm of physical destruction, which gave it the title the “world’s first digital weapon.”(Holden) All of these effective attacks have emphasized the deep need for increased cybersecurity in all countries. There has been little action in the past to address cybersecurity, but it is an issue that is becoming more prevalent in this century. PAST UN ACTION There has been very little international action towards securing cyberspace. There have been many United Nations publication that do document the concerns about cybersecurity and the lack thereof. In resolution A/RES/53/70, the need for more research and discussion about cyber/information security was introduced. This resolution later led to three separate Groups of Governmental Experts (GGE) that researched and published all potential threats to the cyber-sphere in 2010, 2011, and 2012/13.(UNODA…) Other publications documenting the threats and status of the cyber-sphere come from the International Telecommunications Union (ITU). (Touré) In the midst of these publications, the United Nations Economic and Social Council (ECOSOC) held a special event in December of 2011 on “Cybersecurity and Development” that worked towards building awareness of the problem and identifying and discussing aspects of the problem, as well as exploring options for a global response. Aside from ECOSOC, many other branches of the UN have held conferences or are exploring international cyber security options. These committees include but are not limited to the North Atlantic Treaty Organization (NATO), United Nations Office on Disarmament Affairs (UNODA), and United Nations Disarmament and International Security Committee (DISEC). 13 CSTD PACMUN 2015 CURRENT SITUATION The current situation for international defense against cyber-attacks is a sad one. Many nations lack the funding and the materials for securing their cyberspace, leaving their infrastructure vulnerable to any manner of attacks. Their infrastructure, banking, military, and governments are left at risk to cyberattacks and cyber-terrorism, in which the aftermath could be devastating. But many of these nations are unable to procure the necessary materials, which lets the threat stagnate and grow. Another concern of many nations is cyber-warfare. Cyber-warfare is a method of war that is being explored by many countries as a substitute to conventional warfare, It is a seemingly safer and easier alternative. In recent years the number of international cyberattacks has spiked, and the option of cyber warfare is becoming a real threat for many nations. The USA and Iran have been utilizing cyber espionage and sabotage for years in attempts to end their conflict, yet it has been unsuccessful and only resulted in more tension between Iran and the Western bloc. Meanwhile in war-torn Ukraine, Russia has been accused of waging a cyber-campaign against the country for the purpose of extracting classified military documents. While currently these campaigns still qualify only as attacks, they could easily escalate to warfare, resulting in destruction of infrastructure, banking, government, and countries, leaving disasters in their wake. This worry has instigated discussion about creating a convention, similar to the Geneva Conventions that would outline rules for cyber-attacks between nations and the legal responses and protocols. This proposal has varied reactions though, and no clear answer on how effective such a document could be in the future. The final concern in cyberspace is cyber terrorism. A broad term with many varied definitions, cyber-terrorism is most commonly described as a politically motivated attack targeting information, computers and sensitive data. Minor acts of cyber terrorism are common, and vulnerabilities in companies and governments are exploited daily by those outside aggressors. An example includes the 2013 hack of the New York Times, Twitter, and Huffington Post, which disabled their websites for multiple hours. A Syrian hacker group, who had a history of infiltrating organizations that it considers hostile to the Syrian president Bashar al-Assad, took credit for the attack shortly after its execution. The companies reassured their customers in a statement declaring that they had not taken any personal information, unlike cases in the past where they group had compromised sensitive information. But there has been an even more pressing question posed by countless states in the wake of attacks such as this: what would a large scale cyberterrorist attack look like, and what measures must be taken to defend against that unknown? These questions are the concerns of many nations and companies, and is something that greatly threatens developing nations. 14 CSTD PACMUN 2015 Cyberspace is vulnerable to many different natures of attacks, both physical and virtual. The need for protection against this cyber threat is growing more necessary as these weaknesses are exploited by terrorists, individuals, and opposing states. Governments, militaries, financial institutions, hospitals, they just begin the list of people who use the internet to process, store and share confidential data. Cybersecurity is utilized by countries to protect against the possibilities of cyber-attack or cyber warfare. BLOC POSITIONS NORTH AMERICA: Canada and the United States are well-versed with technology, and have complex systems put in place to combat cyber terrorism. However, that doesn’t mean that the threat of their cyber networks being hacked or sabotaged is nonexistent. The biggest threat is hacking done through cloud-based storage systems. However, as terrorist groups grow, the threat of cyber attacks is a prominent concern. Mexico’s cyberspace is still developing, but there are many issues with pirated software, which is prone to vulnerability. Due to all of the pirated software in use by devices in Mexico, cyber attacks have gone up 40% in 2012. SOUTH AMERICA: While its cyberspace is still growing, South America’s online presence has increased exponentially. As a result, Brazil, Chile, Colombia, Ecuador, and Peru have taken cyber security into their plans for the future. However, there is still much research to be done. The general trend in South American countries seems to be increasing protection, especially in cases of monetary or identity theft, but also protecting against spyware use in government operations. Columbia, Argentina, Chile, and Venezuela face the most risk based on their current standards of security and risks. EUROPE AND OCEANI A: The European Union (EU) is working to increase cyber security by creating cybercrime and alert platforms and reinforcing their Network and Information Security Policy. While the EU has strong plans against cyber security and most of its members have developed strong cyber networks, the European countries not included in the EU, such as Russia, Ukraine, and Turkey, are not included in its plans. Russia has a more private network with allegations of surveillance, even against memes, and has created Kaspersky Anti-Virus systems. Russia seeks to prevent information and communication tools being used for military purposes, and is against UN Charter Article 51, which guarantees a country’s right to use self-defense if attacked, being applied to cyberspace. 15 CSTD PACMUN 2015 Russia is allegedly also in a cyber conflict with Ukraine, which is trying to strengthen its defenses. Also, Russia and China have signed a pact to cooperate on cybernetic threats aimed at them. Turkey is seeking to build a national framework to defend against cyber attacks, and has a rapidly growing cyber network. Its biggest threats are information and identity theft, and a lack of awareness and infrastructure. In Australia, a country with a more developed cyber network, cyber security is a top priority. Their main concerns are attacks from other states as well as monetary loss from fraud. In New Zealand and other island states in Oceania, the cyber network is becoming much more developed, and the main threats are scamming, identity theft, and lack of awareness by citizens. ASIA: Population-wise, Asia has about 45.7% of all the world’s internet users, and that number is still growing. China, North and South Korea, and Japan have particularly developed cyber networks. China and North Korea have more private networks, where the information flow to citizens is more restricted and monitored, not unlike Russia. South Asian countries, in comparison, have cyber networks that are still developing. In these developing countries, identity theft and scamming is common, and has caused significant monetary losses through hacking and theft. China and North Korea have a very strong cyber security policy, but it restricts the information available to citizens. However, China has more information available and is looser in its restrictions than North Korea. This strategy is to protect against espionage and foreign attack. Meanwhile in Japan and South Korea, citizens have the freedom to use the internet how they wish as long as it doesn’t conflict with their laws. Both have several policies in place to prevent identity theft and fraud, and have had campaigns to promote citizen awareness of cyber security. The biggest threats to Japan are cyber crimes and hacktivism over cyber terrorism or warfare. However, South Korea has increased cyber security recently, with claims that its in order to defend against North Korea. MIDDLE EAST: In the Middle East, all nations have developed cyber networks except for Iran, Palestine, Saudi Arabia, Syria, and Yemen, which are still developing, and Iraq, which is still entering the cyber world with only 9% of its population using the internet. Majority-wise, most Middle Eastern countries have very developed cyber networks. However, there are also added terrorism threats coming from extremist factions that can be found lurking in war-torn areas. While many countries, especially more developed nations, do have policies protecting against cyber attack, others are just starting create these 16 CSTD PACMUN 2015 policies or have none at all. The biggest threats to these states are terrorism attacks, threats of espionage, or identity theft and monetary fraud. AFRICA: Most countries in Africa are still growing their cyber networks, with Madagascar and Malawi having developed cyber networks, and Egypt, Kenya, Morocco, Seychelles, and South Africa having an over 50% population usage of the internet. As many countries are still in the very early stages of development, cyber security is less of a threat. For other countries which are in the process of developing, focus on a cyber infrastructure is the biggest cybernetic priority. Madagascar, while having a developed cyber network, has few systems or organizations set in place to increase cyber security, but has criminalized it. Malawi also doesn’t have many organizations set in place to prevent cyber attacks, but does have a policy recognizing the importance of cyber security and is in the process of criminalizing cybercrime. However, as a whole, the African Union has published a resolution on cyber security that seeks to establish a framework for defending against cyber attacks and diminishing the gap between poorer countries with little internet usage and wealthier countries with a majority of the population using internet. IN GENERAL: Countries with developed cyber networks are concerned about attacks on identity, frauds and scams, and cyber terrorism and attacks from other states. They typically have systems and organizations set in place to combat cyber attacks, and citizens are often more aware of cybernetic dangers. However, cyber attacks against developed cyber networks are growing increasingly complex, and have not been eliminated. In countries with developing cyber networks, the number of internet users are often rising exponentially, but these users are often unaware of the potential risks that are present online, such as identity theft and scamming. Also, these states don’t usually have developed cyber infrastructure or protection, and are vulnerable to all forms of cyber attack. CASE STUDIES RUSSIA In October 2012, the Russian antivirus firm Kaspersky Lab uncovered a cyber-espionage malware dubbed “Red October” that had infiltrated Microsoft Word and Excel programs in order to steal governmental, scientific, and diplomatic secrets worldwide. Red October had been active since 2007. Not only did it steal sensitive and classified national security 17 CSTD PACMUN 2015 documents, it also stole personal and identity information as well. Thankfully, Kaspersky neutralized the threat, but information had already been stolen. Red October has targeted nuclear research facilities, embassies, and even encrypted and deleted files from Eastern Europe and Central Asia, but victims were also found in Western Europe, North America, and worldwide. It had specific targets, often leaders of institutions or companies or countries. The fact that this attack went on for so long, uninterrupted, means that any number of important documents could’ve been stolen. However, if more nations had a stronger cyber security platform, the attack might’ve been stopped earlier or could have never even happened at all. CYBER ATTACK ON EBAY Something that might be more familiar is the recent cyber attack on eBay on February March 2014. Over 145 million people had their private information, including names, address, purchase history, email, date of birth, and password, stolen. However, it’s been reported that no credit card information has been stolen. Despite the lack of financial data being stolen, enough information was stolen from customers that identity theft is a real concern. And sadly, it’s not the first time eBay has been hacked or threatened by hackers, or that similar firms and other retailers have been targeted. In fact, there are even YouTube videos that teach people how to hack into stores and steal credit card and identity information. This is a constant threat to not only online buyers, but also to anyone who has shopped anywhere. For example, in 2013 Target had a credit card breach that ended in over 40-70 million people impacted and a $10 million lawsuit against Target. Many companies don’t have cyber security systems in place, and when these companies are global, the effect of hacking can ripple across the world. Only with a proper, enforced cyber security infrastructure can we prevent attacks like this in the future. GUIDED QUESTIONS i. What are the biggest threats to cyber security globally and domestically (in the country you represent)? ii. How does your country currently address threats to cyber security? iii. How developed is your country’s cyberspace and security? iv. What methods of combatting threats to cyber security would be globally accepted? 18 CSTD v. PACMUN 2015 What are the effects, both positive and negative, of increasing cyber security either globally or domestically? SOURCES "African Union Convention on Cyber Security and Personal Data Protection." AFRICAN UNION CONVENTION ON CYBER SECURITY AND PERSONAL DATA PROTECTIONAFRICAN UNION (n.d.): n. pag. African Union Legal Instrument. African Union, 27 June 2014. Web. 28 Sept. 2015. <http://pages.au.int/sites/default/files/en_AU%20Convention%20on%20CyberSecurity %20Pers%20Data%20Protec%20AUCyC%20adopted%20Malabo.pdf>. Allen-Ebrahimian, Bethany. "The ‘Chilling Effect’ of China's New Cybersecurity Regime." Foreign Policy. Wordpress, 10 July 2015. Web. 28 Sept. 2015. <http://foreignpolicy.com/2015/07/10/china-new-cybersecurity-law-internetsecurity/>. "Australian Cyber Security Centre 2015 Threat Report." (n.d.): n. pag. Australian Cyber Security Centre. Australian Government, 2015. Web. 28 Sept. 2015. <https://www.acsc.gov.au/publications/ACSC_Threat_Report_2015.pdf>. "Australian Cyber Security Centre 2015 Threat Report." (n.d.): n. pag. Australian Cyber Security Centre. Australian Government. Web. <https://www.acsc.gov.au/publications/ACSC_Threat_Report_2015.pdf>. Bekdil, Burak Ege. "Turkey Seeks National Plan for Cyber Threats." Defense News. TEGNA, 21 Feb. 2015. Web. 28 Sept. 2015. <http://www.defensenews.com/story/defense/policybudget/cyber/2015/02/21/turkey-cyber-tubitak-cybersecurity-ssmsoftware/23636627/>. Bennett, Cory. "Romania Defending Ukraine's Cyberspace." The Hill. Capitol Hill Publishing Corp, 13 May 2015. Web. 28 Sept. 2015. <http://thehill.com/policy/cybersecurity/241889-romania-defending-ukrainescyberspace>. Chernenko, Kommersant Yelena. "Turkey Seeks National Plan for Cyber Threats." Russia Beyond the Headlines. Rossiyskaya Gazeta, 19 Aug. 2015. Web. 28 Sept. 2015. <http://www.defensenews.com/story/defense/policybudget/cyber/2015/02/21/turkey-cyber-tubitak-cybersecurity-ssmsoftware/23636627/>. "Cyber Security Issues in Asia." TaylorWessing. Taylor Wessing LLP, Jan. 2015. Web. 28 Sept. 2015. <http://unitedkingdom.taylorwessing.com/globaldatahub/article_cyber_security_asia.html>. 19 CSTD PACMUN 2015 "Cyber Security Primer." What Is Cyber Security? University of Maryland University College, n.d. Web. 28 Sept. 2015. <http://www.umuc.edu/cybersecurity/about/cybersecuritybasics.cfm>. "Cybersecurity: A Global Issue Demanding a Global Approach | UN DESA | United Nations Department of Economic and Social Affairs." UN News Center. UN, 12 Dec. 2011. Web. 28 Sept. 2015. <http://www.un.org/en/development/desa/news/ecosoc/cybersecuritydemands-global-approach.html>. "Cybersecurity." Digital Agenda for Europe. European Commission, 28 July 2015. Web. 28 Sept. 2015. <https://ec.europa.eu/digital-agenda/en/cybersecurity>. "Cybersecurity Overview." Homeland Security. Homeland Security, 22 Sept. 2015. Web. 28 Sept. 2015. <http://www.dhs.gov/cybersecurity-overview>. "Cybersecurity Policy." Council on Foreign Relations. Council on Foreign Relations, 28 Sept. 2015. Web. 28 Sept. 2015. <http://www.cfr.org/cybersecurity/cybersecuritypolicy/p27480>. "Cyberwellness Profile Madagascar." (n.d.): n. pag. International Telecommunications Union. United Nations Statistics Divison, 12 Aug. 2014. Web. 28 Sept. 2015. <http://www.itu.int/en/ITUD/Cybersecurity/Documents/Country_Profiles/Madagascar.pdf>. "Cyberwellness Profile Malawi." International Telecommunications Union. United Nations Statistics Divison, 12 Aug. 2014. Web. 28 Sept. 2015. <http://www.itu.int/en/ITUD/Cybersecurity/Documents/Country_Profiles/Malawi.pdf>. Davis, Joshua. "Hackers Take Down the Most Wired Country in Europe." WIRED. WIRED, 27 Aug. 2007. Web. 28 Sept. 2015. <http://archive.wired.com/politics/security/magazine/15-09/ff_estonia>. "EU International Cyberspace Policy." European Union. European Union, n.d. Web. 28 Sept. 2015. <http://eeas.europa.eu/policies/eu-cyber-security/>. Gjelten, Tom. "Security Expert: U.S. 'Leading Force' Behind Stuxnet." NPR. NPR, 26 Sept. 2011. Web. 28 Sept. 2015. <http://www.npr.org/2011/09/26/140789306/securityexpert-u-s-leading-force-behind-stuxnet>. Greenemeier, Larry. "Here's What a Cyber Warfare Arsenal Might Look Like." Scientific American Global RSS. Scientific American, 6 May 2015. Web. 28 Sept. 2015. <http://www.scientificamerican.com/article/here-s-what-a-cyber-warfare-arsenalmight-look-like/>. 20 CSTD PACMUN 2015 "The History of Cyber Attacks - a Timeline." NATO Review. NATO, n.d. Web. 28 Sept. 2015. <http://www.nato.int/docu/review/2013/cyber/timeline/EN/index.htm>. Holden, Dan. "Is Cyber-Terrorism the New Normal?" Wired.com. Conde Nast Digital, n.d. Web. 28 Sept. 2015. <http://www.wired.com/2015/01/is-cyber-terrorism-the-newnormal/>. "How Does Cyber Warfare Work?" Forbes. Forbes Magazine, 18 July 2013. Web. 28 Sept. 2015. <http://www.forbes.com/sites/quora/2013/07/18/how-does-cyber-warfarework/>. "Internet World Stats." Internet World Stats. Miniwatts Marketing Group, n.d. Web. 28 Sept. 2015. <http://www.internetworldstats.com/>. "The Invention of the Internet." History.com. A&E Television Networks, n.d. Web. 28 Sept. 2015. <http://www.history.com/topics/inventions/invention-of-the-internet>. Kang, Tae-jun. "South Korea Beefs Up Cyber Security With an Eye on North Korea." The Diplomat. The Diplomat, 1 Apr. 2015. Web. 28 Sept. 2015. <http://thediplomat.com/2015/04/south-korea-beefs-up-cyber-security-with-an-eye-onnorth-korea/>. "Kaspersky Lab Identifies Operation "Red October," an Advanced Cyber-Espionage Campaign Targeting Diplomatic and Government Institutions Worldwide." Kaspersky Lab. Kaspersky Lab, 14 Jan. 2013. Web. 28 Sept. 2015. <http://www.kaspersky.com/about/news/virus/2013/Kaspersky_Lab_Identifies_Opera tion_Red_October_an_Advanced_Cyber_Espionage_Campaign_Targeting_Diplomatic_a nd_Government_Institutions_Worldwide>. Krasavin, Serge, Dr. "What Is Cyber-terrorism?" Computer Crime Research Center. Computer Crime Research Center, 2002. Web. 28 Sept. 2015. <http://www.crimeresearch.org/library/Cyber-terrorism.htm>. "Latin America Cyber Security Market Research Report." Micromarket Monitor. MicroMarketMonitor, n.d. Web. 28 Sept. 2015. <http://www.micromarketmonitor.com/market/latin-america-cyber-security2019134744.html>. "Latin American and Caribbean Cybersecurity Trends and Government Responses." Organizations of American States (2013): n. pag. Trend Micro Incorporated. Trend Micro Incorporated, 2013. Web. 28 Sept. 2015. <http://www.trendmicro.com/cloudcontent/us/pdfs/security-intelligence/white-papers/wp-latin-american-and-caribbeancybersecurity-trends-and-government-responses.pdf>. 21 CSTD PACMUN 2015 Lee, Dave. "'Red October' Cyber-attack Found by Russian Researchers." BBC News. BBC News, 14 Jan. 2013. Web. 28 Sept. 2015. <http://www.bbc.com/news/technology21013087>. McSorley, Anita. "Seven Things You Need to Know about the EBay Cyber-attack." Independent.ie. Independent.ie, 24 May 2014. Web. 28 Sept. 2015. <http://www.independent.ie/business/technology/seven-things-you-need-to-knowabout-the-ebay-cyberattack-30301233.html>. Nakashima, Ellen, Greg Miller, and Julie Tate. "U.S., Israel Developed Flame Computer Virus to Slow Iranian Nuclear Efforts, Officials Say." Washington Post. The Washington Post, 19 June 2012. Web. 28 Sept. 2015. <https://www.washingtonpost.com/world/nationalsecurity/us-israel-developed-computer-virus-to-slow-iranian-nuclear-efforts-officialssay/2012/06/19/gJQA6xBPoV_story.html>. New Zealand's Cyber Security Strategy. Wellington, N.Z.: Ministry of Economic Development, 2011. New Zealand Government. New Zealand Government, June 2011. Web. 28 Sept. 2015. <http://www.dpmc.govt.nz/sites/all/files/publications/nz-cyber-securitystrategy-june-2011_0.pdf>. Nitta, Yoko. "Japan's Approach Towards International Strategy on Cyber Security Cooperation." (n.d.): n. pag. Japan Science and Technology Agency. Research Institute of Science and Technology for Society. Web. 28 Sept. 2015. <http://lsgs.georgetown.edu/sites/lsgs/files/Japan_edited%20v2.pdf_for_printout.pdf>. "Our Services." Cyber Security Africa. Cyber Security Africa, n.d. Web. 28 Sept. 2015. <http://www.cybersecurityafrica.com/services.html>. "Overview of NISC's Activities." National Center of Incident Readiness and Strategy for Cybersecurity. National Center of Incident Readiness and Strategy for Cybersecurity, n.d. Web. 28 Sept. 2015. <http://www.nisc.go.jp/eng/>. Parks, Miles. "Target Offers $10 Million Settlement In Data Breach Lawsuit." NPR. NPR, 19 Mar. 2015. Web. 28 Sept. 2015. <http://www.npr.org/sections/thetwoway/2015/03/19/394039055/target-offers-10-million-settlement-in-data-breachlawsuit>. Rueters, San Francisco. "New York Times, Twitter Hacked by Syrian Group." The Daily Star. DISQUS, 28 Aug. 2013. Web. 28 Sept. 2015. <http://archive.thedailystar.net/beta2/news/new-york-times-twitter-hacked-by-syriangroup/>. Saeed, Muhammad Arif, and Muhammad Anum Saleem. "Cyber Security and Data Privacy Law in Saudi Arabia." Financier Worldwide. Financier Worldwide Ltd., Apr. 2015. Web. 28 22 CSTD PACMUN 2015 Sept. 2015. <http://www.financierworldwide.com/cyber-security-and-data-privacy-lawin-saudi-arabia/#.VgmoWHpVhBd>. "Should There Be an International Treaty on Cyberwarfare?" US News. U.S. News & World Report, n.d. Web. 28 Sept. 2015. <http://www.usnews.com/debate-club/should-therebe-an-international-treaty-on-cyberwarfare>. Sonneland, Holly K. "Mexico City 2015 Blog: The State of Cybersecurity." Americas Society/Council of the Americas. Americas Society/Council of the Americas, 13 May 2015. Web. 28 Sept. 2015. <http://www.as-coa.org/blogs/mexico-city-2015-blog-statecybersecurity>. Timberg, Craig. "These Hackers Warned the Internet Would Become a Security Disaster. Nobody Listened." Washington Post. The Washington Post, 22 June 2015. Web. 28 Sept. 2015. <http://www.washingtonpost.com/sf/business/2015/06/22/net-of-insecuritypart-3/>. Touré, Hamadoun I., Dr. Cybersecurity: Global Status Update. N.p.: Essential Library, 2015. UN. UN, Dec. 2011. Web. 28 Sept. 2015. <http://www.un.org/en/ecosoc/cybersecurity/itu_sg_20111209_nonotes.pdf>. "UN." CCDCOE. N.p., 09 June 2014. Web. 28 Sept. 2015. <https://ccdcoe.org/un.html>. "UN Official: Cyberwar Is a Reality the World Must Fight." Raw Story. N.p., 15 July 2015. Web. 28 Sept. 2015. <http://www.rawstory.com/2013/07/un-official-cyberwar-is-areality-the-world-must-fight/>. "UNODA - Developments in the Field of Information and Telecommunications in the Context of International Security." UN News Center. UN, n.d. Web. 28 Sept. 2015. <http://www.un.org/disarmament/topics/informationsecurity/>. "The Use of the Internet for Terrorist Purposes." (2015): n. pag. United Nations Office on Drugs and Crime. United Nations Office on Drugs and Crime, Sept. 2012. Web. 28 Sept. 2015. <https://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purpos es.pdf>. Watts, Susan. "Proposal for Cyber War Rules of Engagement." BBC News. BBC, 03 Feb. 2011. Web. 28 Sept. 2015. <http://news.bbc.co.uk/2/hi/programmes/newsnight/9386445.stm>. Weimann, Gabriel. Cyberterrorism: How Real Is the Threat? Washington, D.C.: United States Institute of Peace, 2004. United States Institute of Peace. United States Institute of Peace, Dec. 2004. Web. 28 Sept. 2015. <http://www.usip.org/sites/default/files/sr119.pdf>. 23 CSTD PACMUN 2015 Wolter, Detlev. "Arms Control Today." Arms Control Association. Arms Control Association, Sept. 2013. Web. 28 Sept. 2015. <https://www.armscontrol.org/act/2013_09/The-UNTakes-a-Big-Step-Forward-on-Cybersecurity>. Zetter, Kim. "An Unprecedented Look at Stuxnet, the World’s First Digital Weapon." Wired.com. Conde Nast Digital, 3 Nov. 2014. Web. 28 Sept. 2015. <http://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/>. 24
