Six years ago, in 2013, we managed to reach agreement on establishing a direct line of communication between Russia and the US in the event of cyber incidents. Basically, the system was modelled on a similar mechanism that had been in place during the Cold War for dealing with traditional military incidents and enables a prompt information exchange at all levels from institutional to political.
Since its establishment, the communication channel has been used, and more than once. In fact, during the Obama administration, we maintained a vibrant dialogue on cyber issues both at the routine technical level and in the format of full-fledged consultations. Physical meetings of experts enabling them to engage in direct discussions on emerging issues were held. Even a special high-level bilateral working group was established under the Russian-American Presidential Commission.
As for the operation of the “hotlines”, the most vivid example is the address of the American side during the US presidential campaign in autumn 2016, in which the US expressed concerns over the intrusion into its electronic infrastructure. Our response was prompt as usual, and an exchange of the relevant technical information took place. Our National Coordination Center for Computer Incidents, which is in charge of the line, as early as last December, announced its readiness to reveal the content of the correspondence to general public, subject to consent of the American side. We sent the relevant proposal to Washington through diplomatic channels early this year. The response was in the negative.
The Russian Foreign Ministry’s spokesperson offered an exhaustive explanation on the issue at her briefing last week. For my part, I can only add to this that our proposal to publish the above-mentioned correspondence was an unprecedented step, an example of true transparency, which our partners tend to invoke so often. Russia has nothing to fear – nor do we have anything to conceal. We are ready to open the correspondence for examination by the general public both in Russia and the US, the mass media, and experts, so that they could draw their own conclusions on what really happened.
But at the moment, we cannot publish this data because of the refusal of the American side. The pretext for the refusal was the so-called “sensitivity” of the data. It is highly unlikely, however, that any information that is more “sensitive” for the US than for Russia could be found there. Frankly speaking, this approach rather shows that they unsure of their position, since it would be much harder to disseminate information accusing Russia of “having a hand” in cyber intrusions if true facts were made public.
However, this is not the end of this absurd story. We decided to directly address the US audience about the Moscow view on the situation around the “hotlines” and proposed a number of the leading US mass media to publish this article. We told them: we just give you “direct speech” and you comment on it in any way you like. If you don’t like our proposals, if you don’t believe us – put it on paper and let the readers judge.
First, these media showed the interest in the matter, asked us for the details, claimed that they were ready to publish the article. However, then they apparently got a stop light and refused, giving no explanation. They got cold feet maybe.
Officials in Washington often say that, allegedly, there is “not enough trust” for this. The question is why would there be any trust if you keep avoiding any discussion on the matter? We have repeatedly proposed to hold bilateral consultations, but all our proposals have been rejected. At times things get absurd, as a year ago in Geneva, when the US canceled a bilateral meeting two hours before it was supposed to begin, even though the delegations were already there. One might think that talking face to face seems so appalling to our partners that they would rather transmit their grievances through the media.
However, this issue is beyond routine politics, mutual poking or any subjective factors. Today, just as 50 years ago, we talk about preventing a cyber-incident from escalating into a full-scale military conflict between Russia and the United States. If the established emergency “hotlines” bolstered with dialogue between experts stall for political reasons, we will face the risk of another Cuban Missile Crisis, only this time it will be triggered by information and communication technologies, not warheads, and events will unfold in a matter of minutes, leaving little time for both sides to make their decisions.
We also seek the same openness, democracy and constructive dialogue as we cooperate with the US on cyber issues at multilateral fora. This year, two dedicated negotiating mechanisms are expected to be established to deal with international information security: The Open-ended Working Group (OEWG), which all the UN Member States can join, and the Group of Governmental Experts (GGE).
Out of common sense we suggest that it would be best to “share the burden”. According to this plan the OEWG is to focus on major political tasks concerning the majority of the international community: the rules of responsible behavior of states in the information space, confidence-building measures in this field, assistance to developing states and the future format for the negotiations on this matter (a standing committee of the UN General Assembly or Security Council, or some other option).
As for the GGE, it could in its turn address, as a matter of priority, an equally important, yet more specialized issue of applicability of the existing norms of international law to the information space.
Harmonization of efforts is the second pivotal principle of coexistence of the two groups. Their discussions should be non-politicized and pragmatic, and there should be complementarity rather than competition between their outcomes. The mandate of both the OEWG and the GGE demonstrate that the groups are to address an enormous set of issues, which can only be achieved with constructive engagement of all participants.
We can only hope that our partners’ common sense prevails and they will take advantage of this window of opportunity before it closes. We stand ready to engage in the dialogue.
Andrei Krutskikh is Ambassador-at-Large of the Russian Federation, Special Presidential Representative for international cooperation in information security.