The collapse of the Geneva agreements on information security
The history of Russian-American cooperation on the issue of ensuring global cybersecurity dates back a little more than 20 years. And it resembles a roller coaster, in which there are ups and downs, and one turn is replaced by another. It's interesting that in many countries roller coasters are called Russian.
FROM HILL TO HILL
One of the takeoffs occurred on June 16, 2021 during the Russian-American summit in Geneva. Then the parties agreed to start consultations on cyber-communication, which had previously been one of the aggravating circumstances of bilateral interaction. This event was positively received by the political and expert community.
Positive developments were observed both bilaterally and within the framework of the UN negotiation process. On October 8, 2021, Russia and the United States jointly submitted to the First Committee of the 76th UN General Assembly a draft resolution on the establishment of universal rules of conduct in cyberspace. On November 3 of the same year, at a meeting of the committee, the draft was adopted without a vote.
But even then it was possible to predict that the agreements reached could collapse – due to the deterioration of relations due to a new political crisis not directly related to cyber warfare.
And the reason was not long in coming. On February 24, 2022, with the beginning of the Russian special military operation in Ukraine, the world entered a new crisis. In early April, the United States announced the termination of cooperation with Russia on cybersecurity and the closure of the working group on security issues in the field of information and communication technologies (ICT).
Another round of tension has begun on the Russian-American political roller coaster, which risks turning into a protracted "winter".
POTHOLES OF HISTORY
History knows many examples when the results achieved earlier were canceled due to the deterioration of the situation on the world stage.
Even before the Geneva agreements, the peak of relations on this agenda was the conclusion of agreements "On confidence-building measures in the use of ICT" during the bilateral meeting between Vladimir Putin and Barack Obama in 2013 at the G8 summit in Northern Ireland. As a result of their negotiations, it was decided to create two direct communication lines to resolve potentially conflicting situations in cyberspace, as well as to form a bilateral working group on threats in the field of ICT.
Everything was going well until the political crisis in Ukraine broke out in 2014. As a result, the implementation of the agreements reached was frozen, and then "buried" by hacking the servers of the US Democratic National Committee during the 2016 election campaign and assigning responsibility for them to Russia. As a result, in 2017, the work of the UN Group of Governmental Experts (UNGGE) in the field of information and telecommunications, which included both Russia and the United States, ended in complete failure.
After that, Moscow was repeatedly accused of carrying out cyber attacks on the United States, including the Sunbirst cyber campaign in mid-December 2020, cyber attacks on scientific organizations with the aim of stealing data on the development of a vaccine against COVID-19 in July 2020, etc.
These examples clearly demonstrated the fragility of the agreements.
WINTER IS NOT ON SCHEDULE
The stumbling block in the Russian-American cooperation on cyber warfare, as in 2014, was the Ukrainian issue, in connection with which we are entering a new "cyber winter".
Today, the world is in a state of long-term strategic competition between great powers, including in the field of cyber policy. The consultation mechanisms created following the Geneva Summit were supposed to restrain this competition between Russia and the United States in cyberspace and make it more controlled. But after a few months they stopped working.
It can be predicted that within the framework of the cyber campaign, the United States will exert pressure on Russia in two directions: international political and operational-strategic.
International political direction. The termination of bilateral cooperation on the issue of cybersecurity is the least of the troubles. Most likely, Russia will face opposition within the framework of the key UN negotiation process for it – the Open-ended Working Group on Achievements in the Field of Information and Telecommunications in the Context of International Security (UN OEWG), which was created on the initiative of Russia itself in 2018. Then the White House resisted the emergence of a new negotiating format, presenting an alternative resolution providing for the re-establishment of the UN GGE. As a result, two competing formats were created – the UN OEWG and the UN GGE.
The uniqueness of the OEWG is that not only representatives of countries are allowed to participate in its meetings, but also independent specialists, representatives of business structures, etc. In light of this and in connection with the previous confrontation, the joint efforts of Russia and the United States to develop a joint draft resolution in the fall of 2021 served as a very positive signal. In the near future, the OEWG became the only UN format in which it was supposed to conduct the main discussions on the problem of ensuring international cybersecurity. Which meant recognition of the efforts made by Russia and its allies on the part of all the co-sponsors of the new resolution, among whom, in addition to the United States, were Australia, France, Germany, Great Britain, Japan, who had previously been "on the other side of the trench."
ONE STEP FORWARD AND TWO STEPS BACK
Now, this alignment may not turn out in favor of Russia. Perhaps we should expect attempts, if not to displace, then to reduce Russia's influence in the WGOS format, which was initiated by Moscow. The negotiation process at the UN is likely to continue, but it may slow down significantly.
Thus, at the second substantive session of the OEWG 2021-2025, it was demonstrated that Russian initiatives are perceived skeptically because of a special military operation, as it became clear from the words of the French delegate. Later, the situation changed and a comment followed, indicating the possibility of developing norms of international law that can be applied in cyberspace. Moreover, the problem of attribution of cyber attacks is too acute in the world to stop the negotiation process with its initiator.
The same applies to the participation of Russian companies in the discussion of cybersecurity issues within the UN. It is important to note that the only domestic company that took an active part in the work of the RSE of the first convocation of 2019-2021 was Kaspersky Lab. However, on March 25, 2022, the US Federal Communications Commission recognized the company as a potential threat to US national security.
Thus, in the future, the current situation may create certain risks for the truly effective participation of Russian stakeholders in the profile dialogue, which may secretly be undesirable and will be subject to formal restrictions due to their alleged participation in malicious activities.
For a long time, the lack of consensus in approaches to ensuring international cybersecurity remained a sore topic in the interaction between Moscow and Washington, which was reflected in the creation in 2018 and the parallel functioning of two sites – the RSE and the GPE. With the unification of the efforts of Russia and the United States in 2021 within the framework of one OEWG, there was hope that now the parties will share common approaches to solving the issue under consideration. Now, despite the fact that the negotiation process is completely within the framework of the OEWG, polarization is not excluded already within this one format.
However, one or another anti-Russian sentiment can now be found everywhere.
DROP DEPTH
The progress made between the United States and the Russian Federation in the fight against cybercriminals, consolidated by the operation to detain hackers from the REvil group in January of this year, conducted by the FSB of the Russian Federation, has been left behind. In the future, we should expect maximum politicization, and not object-oriented activities.
It is worth emphasizing the importance of the absence of a subjective approach to solving the problem. Due to the fact that the Internet is not an environment where you can clearly set your own boundaries, it is necessary to return from day to day to search for a common denominator that will resolve the current situation.
It is difficult to make forecasts for the return to real negotiations. First, it is necessary to realize the scale of the crisis, the scale of the importance of working together on the challenge posed by their own technologies.
Operational and strategic direction. In order to successfully compete and secure strategic superiority in cyberspace, the United States has adopted a strategy of proactive defense (defend forward), which should be implemented through the concept of persistent engagement. The strategy is to conduct proactive cyber operations in the enemy's networks – and, if necessary, to disable the enemy's systems and servers even before he carries out cyber attacks. While "constant engagement" implies that these proactive cyber operations will be carried out on an ongoing basis in real time against potential adversaries as close as possible to the source of the alleged aggression.
This approach is designed for "daily competition" in order to counter in real time cyber threats that do not reach the level of armed conflict. According to the US Cyber Command, this approach has already been applied in practice against Russia in 2018, when it managed to prevent Moscow's alleged interference in the US "midterm elections" on November 6.
It can be expected that in the conditions of the collapse of the consultative mechanisms, Washington will use the described strategy against Russia in one form or another. The White House has repeatedly stated its readiness to respond to Russian cyberattacks by proportional means using all the tools of power.
HOW TO SURVIVE THE WINTER
It is time for Russia to step up cooperation on international cybersecurity within the framework of other international organizations and formats – the Shanghai Cooperation Organization, BRICS, CSTO, the Russia–ASEAN regional partnership.
Some progress has already been made here. The SCO has a Group of Experts from the SCO member States on International Information Security, the BRICS has a Working Group of Experts from the BRICS states on Security Issues in the Use of ICT, and the CSTO has a Working Group on Information Policy and Information Security.
It was with the active participation of the SCO member states (Russia, China, Tajikistan, Uzbekistan, Pakistan, Kazakhstan, Kyrgyzstan), BRICS (Russia, China) and the CSTO (Russia, Kazakhstan, Kyrgyzstan, Tajikistan) that key initiatives for the UN in the field of cybersecurity were proposed.
You can look for like-minded people at the regional level. Russia has a number of partner countries that share the Kremlin's views on problems in cyberspace: These are China, India, South Africa, Brazil, former CIS countries and some Asian states.
A real option seems to be the development of a single document that will regulate the relations of actors in cyberspace at the regional level. A well-structured system of relations between representatives of digital technologies in China can positively affect the creation of something similar for Russia. If the Russian Federation seriously intends to make efforts to create such a document, do not neglect the efforts of domestic experts from different fields.
Of course, this does not mean at all that Russia should weaken its efforts within the framework of the UN – it still occupies a key position in the OEWG and has leverage.
As for bilateral cooperation with the United States, there are no prospects for normalization of relations on the issue of cyber warfare in the near future. Today it is no longer possible to talk about the creation of any permanent working formats, which were created twice, but did not meet expectations. In these conditions, we can consider the transition to limited and point-based mechanisms of interaction. These may be consultations "as necessary" in order to prevent an even greater escalation in the cybersphere and the emergence of a real political conflict due to cyber provocations.
Further, it is necessary to unilaterally establish the so-called red lines: thresholds that it is better not to cross in bilateral competition in cyberspace, so that the above-described strategic cyber competition does not turn into a real political conflict.
The inability of the two largest players on the world stage to agree and further coordinate their efforts threatens the formation of a universal system of global cybersecurity. The issue of ensuring truly global cybersecurity and establishing universally recognized universal rules of responsible behavior in cyberspace risks being postponed for many years.
Sergey Sobekin
Sergey Alexandrovich Sobekin – Candidate of Historical Sciences, independent expert; Ilya Olegovich Storchilov – Master's Degree in International Relations, St. Petersburg State University.
