Against the backdrop of the habitual – even ritual – anti-Russia propaganda, some voices of reason have been heard lately among American experts. Of particular interest in this regard is the recent article by the Daily Beast, titled “This Hotline Could Keep the U.S. and Russia from Cyberwar.” The article openly admits that the absence of a depoliticised expert dialogue between Russia and the United States on international information security is not only a road to nowhere but also a dangerous course fraught with further misunderstanding and a risk of a large-scale conflict.
Those are not emotional conclusions but rather plain facts cited by American security officials who have formerly worked or still work at the administration, overseeing the issues of cyber security, that is, by those who know the situation on the ground and, by virtue of their occupation, are bound to be utterly pragmatic.
Six years ago, in 2013, we managed to reach agreement on establishing a direct line of communication between Russia and the U.S. in the event of cyber incidents. Basically, the system was modelled on a similar mechanism that had been in place during the Cold War for dealing with traditional military incidents and enables a prompt information exchange at all levels from institutional to political.
Since its establishment, the communication channel has been used, and more than once. Physical meetings of experts enabling them to engage in direct discussions on emerging issues were held. Even a special high-level bilateral working group was established under the Russian-American Presidential Commission.
As for the operation of the “hotlines,” the most vivid example is the address of the American side during the U.S. presidential campaign in autumn 2016, in which the U.S. expressed concerns over the intrusion into its electronic infrastructure. Our response was prompt as usual, and an exchange of the relevant technical information took place. Our national coordination centre for computer incidents announced its readiness to reveal the content of the correspondence to general public. We sent the relevant proposal to Washington through diplomatic channels early this year. The response was in the negative.
The Russian Foreign Ministry’s spokesperson offered an exhaustive explanation on the issue at her recent briefing. Our proposal to publish the correspondence was an unprecedented step, an example of true transparency, which our partners tend to invoke so often. Russia is ready to open the correspondence for examination by the general public both in Russia and the U.S., the mass media, and experts, so that they could draw their own conclusions on what really happened.
At the moment, we are not publishing this data owing to the refusal of the American side. The pretext for the refusal was the so-called “sensitivity” of the data. It is highly unlikely, however, that any information that is more “sensitive” for the U.S. than for Russia could be found there. Frankly speaking, this approach rather shows that they are unsure of their position, since it would be much harder to disseminate information accusing Russia of “having a hand” in cyber intrusions if true facts were made public.
We decided to directly address the U.S. audience about the Moscow view on the situation around the “hotlines” and proposed a number of the leading U.S. mass media to publish this article. First, these media showed the interest in the matter, asked us for the details, claimed that they were ready to publish the article. However, then they apparently got a stoplight and refused, giving no explanation. They got cold feet maybe.
This is a matter of emotion, while we want to be pragmatic. I once again agree with our U.S. colleagues (Michael Daniel, Chris Painter and Luke Dembosky), whose opinions were referred to in the article, that it is not enough just to set up emergency hotlines. For them to work effectively there should be a dialogue between those who maintain their day-to-day operation as well as a broader conversation on issues related to international information security.
Officials in Washington often say that, allegedly, there is “not enough trust” for this. The question is, why would there be any trust if you keep avoiding any discussion on the matter? We have repeatedly proposed to hold bilateral consultations, but all our proposals have been rejected. At times, things get absurd, as a year ago in Geneva, when the U.S. cancelled a bilateral meeting two hours before it was supposed to begin, even though the delegations were already there. Talking face to face seems to appear so appalling to our partners that they would rather transmit their grievances through the media.
However, this issue is beyond routine politics, mutual poking or any subjective factors. Today, just as 50 years ago, we talk about preventing a cyber incident from escalating into a full-scale military conflict between Russia and the United States. If the established emergency “hotlines” bolstered with dialogue between experts stall for political reasons, we will face the risk of another Cuban Missile Crisis, only this time it will be triggered by information and communication technologies, not warheads, and events will unfold in a matter of minutes, leaving little time for both sides to make their decisions. It sounds like a science-fiction film, but actually it has long been our reality.
I want to believe that the U.S. recognises this as well as Russia does. At least, the opinions expressed by U.S. experts provide us with reasons for hope.
We also seek the same openness, democracy and constructive dialogue as we cooperate with the U.S. on cyber issues at multilateral fora. This year, two dedicated negotiating mechanisms are expected to be established to deal with international information security: the Open-ended Working Group (OEWG), which all the UN member states can join, and the Group of Governmental Experts (GGE). It is interesting to note that even though the first one is being established on Russia’s initiative, and the other, de jure, on America’s, in fact, both groups were first proposed and sponsored by Russia, while Western countries were sceptical about the UN track and took every opportunity to criticise it. Nonetheless, the reality is that the UN will now have two groups working in parallel, and it is essential that we define today the principles of their interaction.
We do not believe that getting into “gladiator fights” on international information security is the right option to pursue at the UN.
Russia, just like any other state, is interested in ensuring that these groups work in a complementary, non-adversarial, constructive and cooperative manner.
Out of common sense, we suggest that it would be best to “share the burden.” According to this plan, the OEWG is to focus on major political tasks concerning the majority of the international community: the rules of responsible behaviour of states in the information space, confidence-building measures in this field, assistance to developing states and the future format for the negotiations on this matter (a standing committee of the UN General Assembly or Security Council, or some other option).
As for the GGE, it could in its turn address, as a matter of priority, an equally important yet more specialised issue of applicability of the existing norms of international law to the information space.
Harmonisation of efforts is the second pivotal principle of coexistence of the two groups. Their discussions should be non-politicised and pragmatic, and there should be complementarity rather than competition between their outcomes. The mandate of both the OEWG and the GGE demonstrates that the groups are to address an enormous set of issues, which can only be achieved with constructive engagement of all participants.
Back in November 2018, we offered such plan, a kind of programme of joint actions, to the United States. We suggested, as we had done many times before, that we should meet and discuss these matters. As before, we have not received any reply. There is not much time left before both groups set to work. We can only hope that our partners’ common sense prevails and they will take advantage of this “window of opportunity” before it closes. We stand ready to engage in the dialogue.
•Krutskikh is ambassador at large of the Russian Federation, special presidential representative for international cooperation in information security