The EastWest Institute released a report calling for Russia and the United States to work together to protect the world’s digital infrastructure, including joint participation in NATO-Russia cyber military exercises.
According to the report’s co-authors EWI’s Franz-Stefan Gady and Greg Austin, this is just one step that the United States and Russia could undertake as a part of a broader effort to secure cyberspace – a potentially groundbreaking collaboration between the two former rivals. Russia, The United States, and Cyber Diplomacy: Opening the Doors takes as its starting point the nations’ pledge to begin talks on promoting cybersecurity made in the United Nations last December – talks that have been slow in coming.
“It is important for both the United States and Russia to recognize that cybersecurity is a global problem, transcending national boundaries,” says Austin. He points out that cyber attacks can be launched from anywhere in the world, target dozens of nations and be impossible to attribute, which prevents individual states from tracking and prosecuting criminals. “Mutual exchanges of information like the cyber military exercises would help both nations better protect themselves against such threats.”
In their report, Gady and Austin recommend three other possible areas of collaboration, each to be jointly addressed in a specific international forum: (1) an agreement on Public Key Infrastructure -- the certificates and identification systems that protect private information on the Internet -- in the International Telecommunication Union; (2) an expanded Network of Contact for High Tech-Crime under the G8 and the creation of a 24/7 point of contact; (3) joint policy assessments of international cyber law in the OSCE.
Given the bilateral relationship’s long difficult history, is it realistic to think that Russia and the United States can cooperate effectively on cybersecurity? The authors believe it is, even to the extent of staging cyber military exercises. As Austin says, “The United States and Russia are facing a shared threat, a shared set of vulnerabilities from personal information and banking records to controls on nuclear power plants. To safeguard the world’s information infrastructure, the old policy paradigms will simply have to change.”