1 March 2018, New York City, USA – The United Nations Office of Information and Communication Technology (OICT) and United Nations Institute for Training and Research (UNITAR) hosted a morning seminar that introduced attendees to cyberspace and cybersecurity policy, risks and strategies.
The first session was led by Mr. Thomas Braun from the Global Security and Architecture Section at OICT who discussed the importance of ICT in delivering basic public services such as education, healthcare, and commerce, and in turn accomplishing the SDGs, while also noting the vulnerabilities and threats these systems face from potential attackers. As an example, Mr. Braun used the recent 'Wannacry' and ‘NotPetya’ ransomware attacks that affected more than 230,000 computer systems in 150 countries. This was followed by strategies on how to mitigate the risk of attacks and protecting digital identities through awareness and detection of phishing scams and maintaining updated systems.
The second session was presented by Mr. Alvaro Soneiro from the Digital Blue Helmets division at OICT. Mr. Soneiro discussed Industrial Control Systems (ICS) and the role they play in many industrial sectors, especially those that manage critical infrastructure that are essential for the functioning of a society and economy (electricity, water supply, public health, etc.). Following an introduction to ICS, he discussed how the systems have evolved and now rely heavily on IT systems for daily operations, which open them up to targeted attacks over their many interconnected networks. These targeted attacks can take many different forms, and while on a small scale they are often ineffective, on a large scale they can pose serious threats to infrastructure that has very little in the way of fallback options. This was then followed by discussion of Security Council Resolution 2341, which when enacted in February 2017, called on Member States to address the danger of terrorist attacks against critical infrastructure and pushed for coordinated efforts to raise awareness and exchange information and good practices to ensure reliability and resilience.
This informative seminar challenged attendees to actively monitor their online presence and to keep in mind the potential risks posed to connected infrastructure and personal devices.
Photos: Participants and facilitators of the seminar