Is a U.S.-Russia Cyber Security Working Group Silly?

Over the course of the recent controversial Helsinki summit, Russian President Vladimir Putin pushed an agenda that would ostensibly see the U.S. and Russia working side by side as allies

This is not the first time such an idea was discussed.  Such a proposition was first raised in mid-2017, when leaders of both countries met at a summit of the Group of 20 nations in Germany.

Is this a far-fetched theory?

Critics assert that such an endeavor is akin to letting the fox into the henhouse, a hyperbolic statement that doesn’t understand the nature and expanse of the areas that cyber security covers.  Indeed, some have said that sharing information with Russia would make it easier for Moscow to detect and deflect U.S. intelligence agencies’ digital espionage and cyberattack techniques, as well as potentially provide insight into our “investigative playbook.”  While this is certainly possible, knowing the potential risks should help inform the United States on what and what not to share.  Furthermore, it should be fairly easy to detect if Russia would be using information gleaned from these exchanges for independent gain.

In fact, I would argue that it is improbable that any government would willingly share network topographic and security/vulnerability information government and any other critical networks with any foreign government.  There is no reason to assume that any U.S.-Russia cyber security working group would do so.  Obviously, cyber espionage and state actor activities would likely not be a part of the conversation, but it doesn’t necessarily have to – at least not at first.  There are a host of issues where the two governments can discuss. Cyber security as a practice involves other areas to include best practices, identification of pertinent threat actors, malware, incident response, and policy development, to name a few.

Russian influence operations have been well documented thus far, which calls into question whether Russia can and should be trusted to engage properly in a joint working group.  This is serious and warrants the appropriate punitive actions (whether that be diplomatic, economic, or something other).  However, state desire to see foreign election outcomes shouldn’t necessarily be a deal breaker as many countries, regardless of intention and motivation, have been accused of such activities in the past.  A media report revealed that “a State Department grant intended to rally support for peace between Israel and Palestine also helped set up political infrastructure that was later used for a campaign opposing Israeli Prime Minister Benjamin Netanyahu in 2015.”  Such activities were confirmed by an ex-Central Intelligence Agency director in early 2018 that the United States interfered in foreign elections for “a very good cause in the interests of democracy.”

The big question on critics’ minds is what is to be gained by establishing such a working group.  Such groups are believed to start from a position of trust, which obviously doesn’t exist between Washington and Moscow currently.  However, a joint working group can be a starting point from where trust can be slowly developed.  Confidence building measures must start from someplace and a cyber security-focused (read: defensive), which all countries struggle with.  From this standpoint the working group can be leveraged to 1) start dialogue on issues that have consistently stalled in larger international fora such as cyber norms of state behavior and Internet governance, and 2) work collaboratively on cyber issues that negatively impact both countries such as cyber crime (yes, even Russia is targeted by crime) and cyber terrorism.  Putin called attention to how international cooperation was essential in safeguarding their recent hosting of the World Cup in which it experienced 25 million cyber attacks during the tournament.

There is some precedent of the United States and Russia working collaboratively on hot-button issues such as nuclear arms proliferation (for close to 50 years, arms control agreements have contributed to more stable and predictable relations between Washington and Moscow) and terrorism (e.g., coordinated air strikes in Syria against ISIS, informing Russia about impending terror attacks)for example.  Now this type of cooperation is limited, and no one would mistake it with the United States’ special relationship with the United Kingdom, it is a starting point.

So, the question still stands: is a joint cyber security working group a ludicrous idea?  Perhaps.  But given the realities of cyber space and the fact that no state has a great handle on securing its overall cyber security posture including critical infrastructures, having discussions about where the two can come together to address problems doesn’t seem so silly.  It seems sillier not to give it a cautious try.

About the author

Retaliatory Hacking Has Returned – Will States Ever Learn? TechNativeEmilio Iasiello has more than 12 years’ experience as a strategic cyber intelligence analyst, supporting US government civilian and military intelligence organizations, as well as the private sector. He has delivered cyber threat presentations to domestic and international audiences and has published extensively in peer-reviewed journals and blogs. Follow Emilio on Twitter