on

CYBERSECURITY CHALLENGE - Project proposal submitted to the United Nations Counter-Terrorism Center (UNCCT), United Nations Office for Counter-Terrorism.

South America - Brazil/ 2019

Project Synopsis 

The present project aims to offer a social and technological alternative to combat virtual terrorism in a sphere of economic / energy development, defined here by the Agencies / Institutes for the peaceful use of nuclear energy.

Much is discussed worldwide about climate change and the alternatives that can be taken to minimize future impacts while maintaining the possibility of energy independence for future generations. The alternative of the orderly use of peaceful nuclear energy is one of the best in view of its characterization of clean energy. However, security measures and mitigation of possible system failures should be carefully studied to prevent a computer engineer from illegally obtaining this information and using it for harm.

The purpose of this paper, in a brief explanation, is to present a possible development of technology centers with the engagement of young people and eligible technical skills for the purposes of mapping, documenting and developing standards for defending against virtual terrorist attacks, in a remote control mode, on institutes or centers that use nuclear energy peacefully.

Proposal Background

In 2019 the G20 summit emphasized key aspects of global e-commerce and the fight against terrorism and violent extremism leading to terrorism (EVCT) on the Internet 1. Leaders announced that "The Internet should not be a safe haven for terrorists to recruit, incite or prepare terrorist acts," reads the text of one statement that "the rule of law applies both online and offline”.

This work is urgent and mitigates aspects of defending not only local heritage in individual countries, but involves / affects a broad and diverse global system. Global Internet Forum to Counter Terrorism (GIFCT) 2 has developed proposals and alliances to encourage global contributions to the theme. Importance is closely associated with governments, industries, technology centers and directly civil society. Preventing and combating terrorism in any dimension is real and immediate. Cyber terrorism is eminent, dissipative and uninterrupted, hence the difficulty in rastering and combat. Nevertheless, incessant work is being developed and this proposal brings a possible and viable option.

Acts of virtual terrorism originally come from people with access to confidential information through illegal means. These activities compromise personal electronic devices, computer networks, companies, conglomerates, reaching a larger sphere that reaches governments and countries. The infrastructures affected may be diverse, but a global and imminent concern is related to more sensitive areas that have sensitive information, such as the nuclear area.

The magnitude of the global catastrophe, if an illegal data engineer could get inside information within that sphere, would be of unknown but gigantic propositions. For this reason primarily, the purpose of this document is to present an alternative that involves youth engaged with the UN, technological development and digital information security in a national security sphere such as companies that use nuclear energy for peaceful purposes power generation and research.

General Proposal - Goals

Nuclear plants and research centers that contribute to the development of peaceful technologies are of fundamental importance in the future of the planet. With increasing environmental impacts caused by climate change and burning of fossil fuels, nuclear power is increasingly being credited as clean energy with almost zero carbon emissions.

However, historically the world has already suffered a lot from the consequences of the negative use of nuclear energy. Thus, it becomes a matter of global importance the information security of this theme. Information and technology security is often associated with federal and military operations, but tracking down potential system failures can lead to entry points for virtual terrorists, and this is the focus of this proposal;

1. Create a virtual security and data processing service cooperation center to analyze and map potential failures in the security agency of international agencies for the use of nuclear energy for peaceful purposes.
2. Increase the level of reliability with respect to the security of sensitive information in each country, to prevent people from illegally infiltrating systems and obtaining insider information.
3. Promote greater engagement of young people of eligible age and technical / practical knowledge required for cyber security services. Being possible to integrate with local universities of Information Technology, with incentives to more outstanding students.
4. Develop awareness of the local community where the cooperation center is implemented on the importance of information confidentiality and the proper use of internet and online services.
5. Applicability of this project to numerous countries, especially the countries of Africa, South / South East Asia regions. Sites with numerous nuclear power plants that have radioactive material in larger proportions generally than other continents, and with relatively higher incidents of illegal looting.

Information Technology - Specifications

A data processing center proposed here would work with information security, such as foreign trade, import, export, technical, private and sensitive data; all concerning agencies / centers for the use of nuclear energy.

In this sphere an initial planning called Information Classification would be necessary, where the work of the groups will be based on the classification of information defining those that are confidential, corporate and public. This will set the security level for saving each of the information.

Security groups would work on three fundamental pillars to design processes to define how to act, plan and define every security situation that might happen: 

Processes (1); 

Tools (2) and;

People (3); 

Processes and tools are fundamentally concerned to the technical process. The development of the third pillar (people) would involve two types of treatments:

i. Preventive Work

Preventative work should be adopted as the virtual and computational education for society, so that people are not victims of attacks like fishing / Trojan horse and other scams used for data theft. In a second group there should be professionals who work on constant monitoring using systems with people assigned to monitor the object in question. A third group would be for defense deals in case of attacks.

ii. Response to Attack Attempts by Crackers and Hackers.

Responses to attack attempts are defined by numerous barriers that prevent intrusions, are several layers of security. This set of barriers (such as a firewall that would be the first barrier) is meant to trigger an elite security team (attack response group) seeking strategies and techniques that are currently being used by the attacker to close the gateway system.

This group would have the command of identifying throughout the dealings who is the person who is trying to break in (the perpetrator / offenders and the location / IP of the computer) so that the attacks can be prevented from succeeding.

Surveillance groups should be backed by systems with a series of monitoring protections that have an alert as someone attempts to break into / access and access information with a quick and effective response.

Eligibility of the proposal

Among the project specifications, it is possible to cite some highly relevant criteria that may add the eligibility of this project.

In the nucellar security environment, numerous dealings are required to have enough virtual barriers to prevent an attack. This requires 24/7 surveillance every day of the year. Breaking a virtual wall and opening doors for infiltrators creates the possibility of using this information for terrorism in fragile points of process mapping, such as:

1. Detection of transportation routes of nuclear material from fuel companies to plants / laboratories. 

Confidential information about the route and dates of transportation of nuclear material can be raked for illegal and terrorist acts of intercepting vehicles and looting nuclear material.

2. Tracking of nuclear material used (end of material life) that is transported from plants to companies that treat nuclear waste.

Route and date information in this case is even more critical, as this nuclear material after use still emits high levels of radiation and temperatures and can be used for terrorist purposes.

3. Reactor start and shutdown information in plants.

Information on the operating schedule of nuclear power generation or research reactors can provide online terrorists with an opening to plan physical terrorist attempts in these environments.

4. Remote anonymous illegal influence of nuclear center control panels.

Access by unauthorized persons to the variable control and verification system in plant panels or nuclear centers is extremely dangerous. If infiltrated into this system, any process variable in a physical response can be triggered and temperature, pressure, reactivity and other requirements can be altered to cause a nuclear accident.

5. Protection of personal data of employees of agencies / industries / technology centers related to peaceful nuclear energy.

Protection of employees' personal data involves the security of public and industrial property to which they are connected. Shift information, access to radioactive materials, laboratories can be tracked if these people have their identity stolen and used by others.

Proposal Highlights

The United Nations Global Counter-Terrorism Strategy

Strategies already defined and mitigated by The United Nations Global Counter-Terrorism Strategy (A / RES / 60/288) of 2006 were taken into consideration in this regard 3.

Global Counter-Terrorism Strategy (A/RES/72/284)

Resolution adopted by the General Assembly on 26 June 2018 in proposing "Mindful" of the need to enhance the role of the United Nations and the specialized agencies, within their mandates, in the implementation of the Strategy, helps substantiate the proposal of this document 4.

1. http://agenciabrasil.ebc.com.br/internacional/noticia/2019-06/g20-exalta-economia-digital-e-combate-ao-terrorismo-line
2. https://gifct.org/
3. https://www.un.org/en/ga/search/view_doc.asp?symbol=A/RES/60/288
4. https://www.un.org/en/ga/search/view_doc.asp?symbol=A/RES/72/284

Carlos Marcos Souza de Oliveira e Torres; Kaime Silvestre Silva Oliveira; Ramon Pinillos Prates

http://agenciabrasil.ebc.com.br/internacional/noticia/2019-06/g20-exalta-economia-digital-e-combate-ao-terrorismo-line https://gifct.org/ https://www.un.org/en/ga/search/view_doc.asp?symbol=A/RES/60/288 https://www.un.org/en/ga/search/view_doc.asp?symbol=A/RES/72/284