by Admin | Dec 13, 2016 | World Leaders in AIWS Award Updates
The Secretary-General
Message to Boston Global Forum
Loeb House, Harvard University, Cambridge, 12 December 2016
It is a pleasure to greet the Boston Global Forum. I thank Governor Michael Dukakis for his long-standing support of the United Nations and his engagement across the international agenda. I am grateful to the Boston Global Forum for honouring me with its World Leader for Peace, Security and Development Award, which I accept on behalf of the talented and dedicated staff of the United Nations.
It has been a privilege to serve as Secretary-General. My decade in office has been a time of turmoil and challenge. We have seen protracted conflicts, growing inequality, rising extremism and xenophobia, and the largest numbers of refugees and displaced persons since the Second World War.
At the same time, we have opened up new horizons for progress. The adoption of the 2030 Agenda for Sustainable Development shows that countries can overcome their divisions to act for the common good. The Paris Agreement on climate change entered into force last month – a true landmark in humankind’s efforts to address the defining threat of our time.
Our challenge is to build on these and other gains, and deepen the partnerships we have built among world leaders, the business community and civil society. One can easily be overwhelmed by the latest terrorist attack, extreme storm or outbreak of disease. But even amidst these crises, I continue to see — and believe in — the transformative power of collective action. Let us continue to work together in that spirit. Thank you again for this recognition and for your continued support of the United Nations.
by Admin | Dec 13, 2016 | World Leaders in AIWS Award Updates
Remarks of Governor Michael Dukakis, Chairman of the Boston Global Forum
Loeb House, Harvard University, December 12, 2016
I am pleased to announce that this year’s recipient of the Boston Global Forum’s World Leader for Peace, Security and Development Award is Ban Ki-Moon, Secretary General of the United Nations.
Ban Ki-Moon was South Korea’s foreign minister before becoming UN General Secretary in 2007. Two decades earlier, he received a Master’s degree from Harvard’s Kennedy School, where he studied under our good friend Joe Nye, a member of the Boston Global Forum’s Board of Thinkers. At the time of Ban Ki-Moon’s selection as Secretary General, Joe recalled that Ban, as a student, had displayed “a rare combination of analytic clarity, humility and perseverance.”
In his two terms as Secretary General, Ban Ki-Moon has exerted exemplary leadership on a wide range of issues, from LGBT rights to conflicts in Africa, Asia, and the Middle East. He has stood up for those displaced by war and those persecuted for nothing more than being who they are.
Cybersecurity has been a top concern. He has convened expert panels to develop best practices, which have contributed to progress on cyber security, including helping to foster a bilateral cyber security agreement between the United States and China last year.
The Secretary General has led the UN’s efforts to promote global citizenship education, of which the Boston Global Forum is now officially involved. He sees education as a basic right of all children, one that must foster respect for what he calls “our shared humanity.”
He has tirelessly pressed nations to deal with the threat of climate change. Three months ago he announced that a threshold had been passed to bring into force the Paris Climate Change Agreement, saying “When this year ends, I hope we can all look back with pride, knowing that, together, we seized the opportunity to act for the common good, for a sustainable future and the protection of our common home.”
In less than a month, Ban Ki-Moon will step down as Secretary General, leaving behind a distinguished record that we honor today through our World Leader for Peace, Security and Development Award.
by Admin | Dec 13, 2016 | Statements, Event Updates, Global Cyber Security Day
Preventing Cyber Conflict: A 21st Century Challenge
Allan Cytryn, Nazli Choucri, Michael Dukakis, Ryan C. Maness, Tuan Nguyen, Derek S. Reveron, John E. Savage, and David Silbersweig
At the 2016 G-7 Summit at Ise-Shima, Japan, countries affirmed their commitment to support an open, secure, and reliable cyberspace through the application of international law to state behavior in cyberspace, voluntary norms of responsible state behavior in peacetime, and close cooperation against malicious cyber activity. Absent from formal communiqué were statements on cyber conflict. While cyber-enabled criminal activity and espionage preoccupy cyber discussions today, dozens of countries are building military cyber commands. Given the potential devastation a cyber conflict with advanced cyber weaponry would bring civilian populations; it is essential to develop ways to prevent the proliferation of cyber weaponry. Thus far, states have shown remarkable restraint in using overt cyber weaponry, the exceptions being acts such as Stuxnet and Shamoon. It is important that the international community build upon this restrained behavior and push toward norms that would make their use taboo.
Cyber weapons are new, not well understood, and if not properly controlled, likely to lead to escalation, a process that can lead to serious unexpected consequences, including conventional war. Development costs are minuscule relative to conventional military power and has expanded the range of threats. Differentiating the intent of software designed for espionage from a cyber weapon, designed for sabotage is easily confused that can cause miscalculation. Thus, implantation of foreign software in an adversary’s military or critical infrastructure systems poses a serious threat of both harm and escalation. In a worst-case scenario, if a computer system in question consists of a state’s nuclear weapons command and control center, nuclear conflict may result especially with states locked in unresolved conflict, such as India and Pakistan.
Under the UN Charter, an attack is a use of force, to which states have the right to self-defense. We define a cyber attack to be an action launched via computer and/or networking technology that either produces physical damage equivalent to the use of force or corrupts critical information sufficient to cause damage to the national welfare akin to that produced by the use of force. We define cyber to be a conflict that largely consists of cyber attacks. Given the novelty of cyber conflict and the opportunities for miscalculation, cyber conflict has the potential to lead to conventional conflict using both kinetic and cyberspace technologies. In the event countries think they may lose a capability due to a cyberattack, they could prematurely escalate a conflict through pre-emptive military strikes.
Targets of cyber attacks could be a) a nation’s military command and control system, which includes military satellites, its logistical systems, and one of its major wartime commands; b) its economy, which includes its critical infrastructure such as power, water and banking; or c) operation of its system of governance, including its major agencies and its national electoral system. Whether the damage done by a cyber action arises to the level of force will need to determined. However, loss of GPS during a period of heightened tensions could be considered a use of force, as could the disabling of a significant fraction of the electricity grid of a state under similar circumstances. Altering the outcome of the election of a national executive, an act tantamount to the forceful replacement of the executive, may also rise to a use of force.
Because national economies are much more tightly integrated today than at any previous time in human history, cyber conflict, whether it escalates to kinetic warfare or not, is likely to cause serious economic or political damage to many states. Given how widespread a cyberattack can be impacting telecommunications, banking, and power generations, civilians are at grave risk. Citizens regardless of nationality are exposed to risks created by cyber insecurity. International cooperation is essential and countries must prioritize ways to reduce the risk of cyberwar.
Yet the use of cyber weapons that do physical harm remain rare, and we must promote their non-use further, while at the same time recognizing the proliferation of certain types of acts that continue to have real impact: espionage and disruptive cyber events. Chinese espionage on US intellectual property has had real monetary impacts in the billions of dollars. Russian disruptive campaigns against the electoral processes in the West have sown discontent in institutions among these populations. The prevention of these types of attacks should be at the forefront, as their continued use could lead to retaliation with cyber and conventional weapons, and possibly major power war. The battle over information is being fought now, and measures must be taken to stem its tide.
Progress has been made in this battle. As a result of a bilateral agreement between the United States and China struck in September 2015, the incidence of “theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors” has greatly subsided. (See http://www.nbcnews.com/news/us-news/russia-may-be-hacking-us-more-china-hacking-us-much-n664836.)
Risk reduction must begin with identification of critical assets and the risks to which they are exposed. States must then create a system to reduce risks. This will include acquiring the necessary expertise, whether available domestically or not, to reduce software vulnerabilities and cooperate with other nations to improve transparency. This cooperation can take the form of information sharing, bilateral and multilateral agreements, articulation of norms of state behavior, and the creation of risk reduction centers designed to control escalation and equipped with “hot lines” to other national risk reduction centers.
Restraint is strengthened by implementing norms against unacceptable behaviors and creates a more mindful attitude towards using cyber systems. Fostering collective action, which is necessary to protect cyber capabilities needed by individuals, groups, and societies, enhances restraint. There may be a time when the international community establishes an international center to monitor and combat cyber threats, and to coordinate actions to protect computer systems and disrupt non-state actors that operate in cyberspace. States may have to surrender some sovereignty to do this, but it may be reflective of the non-sovereign Internet.
Cyber risk reduction begins with adherence to the GGE Norms (UN A/70/174), the G7 Ise-Shima norms, and the G20 Norms. However, it goes beyond these and should include the following measures:
- Sharing in depth of best practices to secure computers and networks.
- Public identification of critical national infrastructure asset classes.
- National prioritization of assets by value.
- Reduction of the risk of compromise of high-priority assets.
- Creation and proper manning of risk reduction centers.
- Establishment of regular security drills both domestically and with other risk reduction centers.
- Banning of the implantation of software in another state’s high-value systems during peacetime.
- Applying the law of armed conflict in cyberspace.
- Improving attribution through forensics and context.
Cyber attacks present a new danger to the security of states. Thus, states are urgently encouraged to begin discussion of mechanisms to address these issues.
