The US & Russia: Cyber-cooperation against common foes

Summary: Two experts, Emilio Iasiello (cybersecurity) and Matt Epstein (Russia) analyze a rare bit of good news about global security. Despite the powerful political forces in both nations benefiting from the revived cold war, Obama and Putin have sought common cause in the face of the great 21st century challenge of cybersecurity. Note the bias. They mention Russia’s cyberstrikes, but omits mention the US and Israel launched Stuxnet — the cyberwar Pearl Harbor.  {1st of 2 posts today.}

Obama and Putin agree

The U.S. and Russia Re-Engage in Cyber Cooperation

By Emilio Iasiello and Matthew Epstein
Posted at Dead Drop (of the LookingGlass Cyber Threat Intelligence Group)
18 April 2016. Posted with his gracious permission.

In late March 2016, the governments of the Russian Federation and the United States agreed to resume their discussions on cyber security cooperation, progress that had been threatened after the commencement of the Ukrainian crisis in 2014, and western imposition of sanctions against Russia.  As part of this re-engagement to be held in Geneva this week, the two governments intend on accelerating the agreements in cyber defense first set forth in their 2013 talks.  Following up on this, in April, Russia reached out to the United States for additional assistance in combating Internet crimes, although no details have been offered as of this writing.

In 2013, Russia and the United States had come to consensus on certain areas designed to increase transparency and reduce misunderstanding that could inadvertently impact relations between the two governments, and in turn, build greater trust and foster better cooperation in cyberspace.  These areas include:

  • Facilitating closer working relationship between national computer emergency response teams.
  • Using the Nuclear Risk Reduction Centers to quickly and reliably contact the appropriate authorities to reduce misperception and escalation due to cyber-related incidents; however, early indications are that national centers specifically created to address the reduction of IT threats will be established for this purpose. These centers have already been using during Russian preparation for the 2014 Winter Olympics.
  • Creating a direct White House-Kremlin hotline to directly manage a crisis as a result of a cyber incident.

Russia has a similar plan already in place with China, a signed pact in which both governments have agreed not to carry cyber attacks against each other, as well to jointly prevent the use of technology for terrorist purposes and interference in internal affairs that might destabilize internal political and socio-economical situations of both countries.  The pact solidifies both governments’ views as to their perceptions of the threats in the digital domain to their respective national interests, which are in contrast and serve as a counterbalance to the U.S.’ as well as several other Western nations, positions.

While it’s highly unlikely that the Russian/U.S. talks will address the same issues as covered in the China pact, it is nonetheless a positive development in continued confidence-building measures between the two cyber powers, particularly given the tenuousness of the current geopolitical climate.

Russia cyber-bear
Russia cyber-bear. By Daniel Marsula/Post-Gazette.

Russian hackers, suspected of acting on the direction or support of the Russian government, are strongly suspected as being the orchestrators of the cyber attacks that disrupted Ukrainian infrastructure.  After the U.S. imposition of March 2015 sanctions for Russia’s involvement in annexing Crimea, U.S. government and White House networks, as well as those of some businesses, were targets of cyber intrusions believed to have originated from Russia. Then in September 2015, press accounts revealed that the U.S. was considering levelling economic sanctions against Russian companies and individuals for cyber attacks against U.S. commercial targets.

This has been subsequently followed a November 2015 Pentagon statement regarding the intention of the U.S. to wargame cyber scenarios against China, Iran, North Korea, and Russia.  An April 2016 statement by the Commander of U.S. Cyber Command specifically identified Russia, as well as China, as possessing the requisite cyber warfare capabilities to inflict harm on U.S. critical infrastructures. Seeing the potential action-reaction of these events, it’s evident why the need for transparency and to combat rapid risk escalation in cyber space is so imperative.

Russian and U.S. reengagement on cyber issues comes at a time when governments are actively seeking to establish cooperative ties with one another.  Recently, the United States and Germany are actively seeking avenues from which to deepen their cooperation including such areas as promoting norms for state behavior in cyberspace, and increasing training in developing countries.  Russia too has been working to collaborate with those governments that share mutual interests.  Earlier this year, Russia has been having discussions with India on formalizing a “Memorandum of Understanding on Information Security” and perhaps swaying the largest democracy in the world to support their view of how security in cyberspace should be governed.

A restart between the two governments is a positive development, if for nothing else, than to ensure that incidents in cyberspace aren’t mischaracterized and escalated to a point that involves kinetic responses.  In 2015 the United Nations’ Group of Government Experts on cyber-related issues, which includes the United States and some of its allies as well as adversaries such as China and Russia, agreed that the international law of armed conflict applies to cyberspace.  This, as well as the recent G20 no-hack pledge, are important building blocks toward codifying acceptable nation state behavior in cyberspace.

While fundamental definition differences are not likely able to be overcome in the near future, any progress that further enhances the transparency between these two governments will inherently build confidence, reduce aggravated risk, and aid in the stability of cyberspace.  Multilateral cooperation requires finding common ground on issues that benefit all states in the global domain, including opposing nations, and cannot be restricted to regional or ideological interests alone.

Cyber Security

Therefore, increased cooperation and coordination is a significant step forward, and if agreements are reached, will likely meaningfully impact the growth rate of organic, independent cyber crime, putting unaffiliated criminal groups, and entrepreneurial ventures targeting financial targets will be at much greater risk of exposure and prosecution. Russian law enforcement, and the Russian economy as a whole, have strong motivation to stem the economic loss propagated by cyber criminals. A recent report indicates that Russia lost approximately $3.3 billion USD to cyber crime activities in 2015 – $2 billion in direct losses and the elimination of the consequences associated with the attacks costing $1.3 billion. Thus, increased information flow of any kind will be tremendously useful for western efforts to identify, predict and protect against new cyber threats.

That said, one must respect the matrix organization of Russian society, whereby individuals are likely members of and loyal to more than one overt economic network defined by official employment. Often mislabeled as corruption, which is an innately individual and moral categorization, this matrix cuts through and across all levels of government and law enforcement. Thus, certain of the most powerful organizations that employ cyber tools will actually be further shielded and strengthened by misdirection efforts amplified by increased cross border cyber cooperation. In layman’s terms, increased Russian-U.S. cyber cooperation can potentially result in many smaller fish being caught, but may actually result in the reduction of being able to correctly identify and protect against the most sophisticated cyber sharks that live or work through Russia.

————————————————–

Matt Epstein

About Matthew Epstein

Mr. Epstein is a corporate petroleum finance expert with more than 20 years experience at leading global financial institutions, and has worked extensively with counterparts in Russia.  He formed his own energy consulting firm Aremet Energy and collaborates with mezzanine lending, private equity, and commodity trading firms on engagements requiring his unique financial, trading, and technology insights.

He can be followed on Twitter @OilArb.

Emilio Iasiello

About the Author

Emilio Iasiello has more than 12 years’ experience as a strategic cyber intelligence analyst, supporting US government civilian and military intelligence organizations, as well as a private sector companies. He has delivered cyber threat presentations to domestic and international audiences and has published extensively in peer-reviewed journals.

See his other articles on the Dark Matters website. He now posts at Dead Drop of the LookingGlass Cyber Threat Intelligence Group.

For More Information

If you liked this post, like us on Facebook and follow us on Twitter. See all posts about Cyber-espionage and Cyber-war, about Russia, and especially these…

Advertisements

One thought on “The US & Russia: Cyber-cooperation against common foes

Leave a comment & share your thoughts...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s