Showing posts from April 13, 2018

Editorial: Facebook shutdown a small price to pay for international security

The Wall Street Journal — The question of security versus liberty is the question of this century - as technology advances at an ever-increasing pace, so too do the threats to our safety. In this brave new world, we must decide what we are willing to do to protect ourselves from these threats. What actions are justified in protecting our freedom?   The recent revelation that Facebook is being used to organize a massive anti-government action across Europe presents us with one of these questions: is shutting down Facebook in affected countries justified in preventing terrorists from organizing across borders? We firmly believe that it is. Individual freedom is only valid as long as it doesn’t infringe upon the life, liberty, and pursuit of happiness of another individual. While each of us has the freedom to use sites like Facebook as we please, that freedom ends when our use of said sites becomes dangerous to others, as it is now. The right to Facebook was invalidated t...

Crisis Update 8

Intelligence update: A group of intelligence bodies (NSA, GCHQ, German intelligence, French Intelligence, Estonian Intelligence, Spanish Intelligence, Dutch Intelligence) have come forward with a common finding. Each organization had independently begun noticing Facebook groups promoting political unrest with users that fit the profile of bots. For example, French intelligence analysts note a group purporting to be supportive of Marine Le Pen’s National Front. A decent portion of the group seems to fit the profile of a fake user. This is observed in each of the listed countries except the US (German groups mention the AfD, Spanish groups mention Catalonian independence, Dutch groups mention Geert Wilders). Upon collaboration, analysts from these intelligence organizations note a common thread: all are promoting collective action tomorrow (Sunday). Beginning Saturday, each of these groups plans to aggressively publicize these protest events (which they have not yet done). Upon t...

Crisis Update 7

Update on airport attack: Most airports have switched to analog communications. Some do not have these legacy systems anymore, and in those airports (Rome, JFK, Vilnius) planes are being diverted to local airports. In the process of some of these diversions, some local airports have also been infected by the malware.

Details on the malware: Using the USB power plug on the seatback entertainment system, an attacker plugged in a malicious USB flash drive. The data pins on the seatback USB plugs are not blocked on Ryanair, exposing this attack vector. The name of the passenger whose seatback entertainment system started this attack is Jacques Clouseau, a French citizen who, upon questioning, was visiting Estonia for the first time with his family this spring. Additionally, the attackers utilized American NSA hacking tools released in the 2016 Shadow Brokers leak to exploit the outdated Android operating system present on the Ryanair screens.

Directive 2.1

Sponsors: Lithuania, Latvia

Condemns the weaponization of oil and gas supplies by the Russian Federation;

Draft retaliatory measures including, but not limited to, economic sanctions to be enacted upon satisfactory attribution of today’s attacks

Buzzfeed Reporting on NATO

Buzzfeed -- Gender divide inside NATO? This picture leaked from ongoing NATO discussions about the crisis in Estonia suggests that NATO's effectiveness as an int'l actor may be under question due to internal gender divisions.

Protests Fire Up in Narva to Speak for Russian Minority -- Спутник (Sputnik)

Спутник (Sputnik) -- As of April 10, 2018, protests have flared up in Narva regarding the planned destruction of the Linnahall stadium, site of the 1980 Summer Olympics in Moscow. Historically known for its bold and state-of-the-art architecture, the stadium now appears to be a hetero-memento site or an anti-lieu de mémoire. According to Dr. Francisco Martínez of Tallinn University, Linnahall is in the process of "becoming a heritage in the making, a Machu Picchu." The planned decimation of this site has caused a reaction from the ethnic Russian demographic of Estonia. 40-year-old Gennady Ilyasovich Plameniy, a former employee in the Republic of Estonia Ministry of Culture with Russian heritage, has taken it upon himself to organize the often ignored voice of the Russian minority in Estonia and fight to preserve their heritage. After repeated attempts to lift this concern within the ministry, Plameniy has decided to leave his government position to peacefu...

Postimees Report: Estonian Internal Security Services Identify Protest Leader

Postimees  -- has discovered several intriguing facts about the riots in Tallinn. Estonian leadership has indicated that the leader is an Estonian citizen by the name of Gennady Ilyasovich Plameniy. Under Plameniy, a group of rioters near Linnahall have caused over 30 million Euros worth of damage, in the name of protecting the ethnic Russian right to self-determination. But the question that every Estonian citizen is asking - who is this mysterious Plameniy? Plameniy (left) was born in 1978 in Harju County. His parents were low-level workers in the Komitet Gosudarstvennoy Bezopasnosti (KGB). After the collapse of the Soviet Union, a young Plameniy became what one of his former professors at Tallinn University described as a "Russophile," with "a yearning for the strength of the Soviet Union." However, after exiting the University, his love of Russia appears to not have extended to his private life - his neighbors described him as a reclusive individual,...

Breaking - CIA confirms Estonian protest leader has connections to Russian intelligence - The New York Times

New York Times -- The leader of the anti-demolition protests in Tallinn has ties to Russian intelligence, according to the CIA. Gennady Ilyasovich Plameniy, a 40-year-old Tallinn resident who released a video calling Russian-speaking Estonians to action earlier today, has been the driving force behind the organized protests in Tallinn.

A central intelligence report released today confirms that Plameniy has strong connections to Russian intelligence - both his parents were confirmed ex-KGB operatives, and the CIA confirms he was a member of the Russian Special Operations Forces in the early 2000s.

Plameniy has been an Estonian citizen since the dissolution of the Soviet Union and graduated from Tallinn University. He worked in the Estonian Ministry of Culture before quitting in 2014 and disappearing until a few months ago, when he is reported to have begun fomenting anti-Estonian sentiment in Narva.

Plameniy and the Russian government have been thus fa...

Directive 1.16

Support that all towers and planes switch to analog radio/more direct methods or encrypted SAT phones;

Request each government direct all planes that are in infected areas to their nearest unaffected base;

Request each government ground those infected planes until the malware can be scrubbed and examined by a cyber forensics team;

Infection of new towers is a risk but one that should be taken to avert immediate catastrophe;

Urge each nation to monitor and test their towers for the malware, informing each airport as soon as they discover an attack on their towers so they can redirect flights safely;

Crisis Update 6

Russia announces that they will eliminate oil and gas transfers to all NATO countries effective immediately, and will continue to withhold fossil fuels until NATO.

Russia will privately extend oil and gas services to the following countries if they agree to oppose aggressive action against Russia: Latvia, Lithuania, Poland.

A car bomb goes off on Raekoja Platz, resulting in 5 fatalities and 25 casualties. The car is found to belong to a resident of Narva of unknown ethnicity.

Breaking - Dissenting CIA memo puts Russian involvement in Estonia attacks as “moderately to highly confident” - The New York Times

A dissenting group within the CIA leaked a memo to the New York Times disagreeing with the CIA’s official stance on Russian involvement in yesterday’s cyber attacks in Estonia.

The memo in its original form reads as follows:

“Evidence of Russian involvement in Friday the 13th cyber attacks is not fully conveyed in the official analysis. We have human intel from Narva that we suspect was employed at Petersburg IRA (Internet Research Association) and payments from a shell corporation in Cyprus known to be associated with the Kremlin. The level of confidence has been moved down in the official memo, but we are moderately to highly confident in attribution.”

The New York Times will continue to report as the situation develops.

Crisis Update 5

1. RT launches media that shows police brutality from Estonian law enforcement officers against protestors. Programming also suggests mistreatment of the Russian ethnic minority in the country.

2. Estonian federal investigators have concluded their first-glance search through the suspect’s phone and computer. No ties to the protests are found.

3. Several protesters are arrested on Raekoja Platz without identifying documents. One of them is found carrying a cellphone with a Russian SIM card and another carries a train ticket from St. Petersburg, Russia.

4. Air traffic control towers across Europe have been completely shut down following a massive cyber attack on airport infrastructure. The attack seems to have spread via Ryanair airplanes, and the origin seems to have been a flight originating in the Tallinn airport last week. A list of affected airports: Heathrow, Paris, Hamburg, Berlin, Madrid, Atlanta, JFK, Tallinn, Riga, Vilnius, Rome

NATO begins investigating Estonian cyber attack - The New York Times

Stanford, CA - NATO passed a directive this morning to begin investigating technology associated with yesterday’s cyber attacks on Estonia. NATO delegates gathered today in response to the Estonian government’s call for an emergency consultation following unprecedented attacks on the country’s computer systems that have left the capital in turmoil.

A DDoS (Distributed Denial of Service) attack yesterday rendered the Estonian parliament’s servers inaccessible, and, with Internet in the capital, Tallinn, down, protestors took to the streets. These protests coincided with protests from Russian-speaking Estonian citizens following the proposed demolition of a concert hall associated with the Soviet Union. Violence between groups of protestors and police continued to escalate as the day continued - as of now, local officials report over 200 injuries and one confirmed death.

This morning, the Russian government released a statement in support of Estonian pro...

Directive 1.8

Sponsors: Norway

Signatories: Netherlands, Montenegro, Lithuania, Latvia

a) Act swiftly and carefully to determine the origin and nature of the attack; to be communicated with the council

b) Member states individually assess the status of cyber defenses and report back to the council

NATO Directive 1.7

Sponsors: Denmark, Estonia

Signatories: Germany, Iceland, Latvia, Lithuania, Netherlands, Norway, Poland

Investigate IPs of DDoS devices for traces of correlated malware

1.7.1 Begin security audits of sensitive data on shared NATO servers

Crisis Update 2

Cybersecurity experts unmask the location of the computer that launched the cyberattack: Narva, Estonia. Narva has an ethnic composition that is over 80% Russian. Estonian Police stationed in Narva have deployed to the suspected location in Narva to investigate. With the recent protests and Narva’s demographic makeup, tension is high in the vicinity of the search, with rumors of scattered resistance throughout several neighborhoods.  Estonian security forces apprehend the suspect after a brief struggle. He is brought in for questioning by national law enforcement. He claims to be an independent actor who has been swayed by RT and other news agencies to disrupt what he calls a “tyrannical Estonian government that ignores the rights of the Russian minority.”

Crisis Update 3 & 4

Statement from Russian Government “We are heartened to hear that our compatriots living abroad in Estonia have finally decided to stand up for their rights. Our hearts ache for our citizens living abroad in poverty and segregation in former Soviet Republics such as Estonia.   “We are saddened to learn of the strife underway in Tallinn this morning, and we sincerely wish for the safety and security of all residents of Estonia. While violence is never the answer, we support the right of self-determination and the unshackling of the chains of oppression abroad. To our western friends meeting in California today, we say this: This frivolous meeting of NATO ignores the real problems within Estonia, of a government that fails to represent and address the needs of its residents, of a nation that has waited far too long to come to terms with rampant inequality and injustice towards its Russian population. NATO is a relic of a distant past, and we urge our friends to the west to...

Crisis Update 1

Kadriorg Palace, the President’s office located across the city, announces a cybersecurity breach with several internal personnel documents released. These include the names of several ethnic Russian citizens of Estonia under surveillance for suspected FSB contacts as well as two members of the Prime Minister’s circle of advisors. The President’s office disputes the veracity of the leaked documents, while the Prime Minister’s Office releases a statement condemning the alleged surveillance. Estonian political circles at the highest level erupt into turmoil.

Pre-conference Crisis Update #2

Today in the News

Thursday, April 12, 2018

10:00h EEST: Estonian Parliament Ground to Halt

Lawmakers at the Riigikogu - Estonia’s parliament - remain locked out of their computer systems at this hour. Cybersecurity experts call it a Distributed Denial of Service (DDoS) attack. Malicious hackers get a large number of computers to simultaneously and continuously call the Estonian government’s servers. As the servers try to fulfill the fake requests, they are too busy to handle the real requests from government officials. Experts are calling this one of the worst DDoS attacks in history. For a country that once prided itself on the ubiquity and accessibility of its internet resources, the integration of government and technology has revealed incredible vulnerabilities as parliament lies paralyzed by lack of computer access.

10:00h EEST: More Trouble in Estonian

Cyber attacks have spread from the Estonian parliament to the wider Tallinn network. Internet co...