U.S., Russia to Share Cyberthreat DataReducing Misunderstandings That Could Create Instability
The United States and Russia are creating a new working group to assess emerging online threats. The group, announced by the White House, will begin work within the next month.
See Also: Webinar | Data Breach Myth Vs. Reality
"It's a great idea because cybercrime has long been assisted by cross-jurisdictional friction," says Richard Stiennon, an IT security analyst who wrote the book "Surviving Cyberwar." "Russian law enforcement has worked closely with Western agencies to track down cybercriminals. Working directly with the U.S. is the only path toward slowing the growth of cybercrime."
The U.S. and Russia seek to increase transparency and reduce the possibility that a misunderstood cyber-incident could create instability or a crisis in their bilateral relationship, according to a White House fact sheet. The fact sheet characterizes the move as expanding the nations' shared understanding of threats.
Larry Clinton, chief executive of the trade group Internet Security Alliance, says this type of cooperation should help combat cyberfraud.
"While there is no doubt a certain amount of state-supported cybermischief, there is also a substantial amount that is not helpful to either the Russians or U.S. interests, and just focusing on that activity is very worthwhile," Clinton said. "We need to remember that in today's world economy, there are tremendous interdependencies among major nations. And so there ought to be very substantial common ground that can be found and successfully managed with a true joint collaborative effort."
The governments are arranging for the sharing of threat indicators between the Department of Homeland Security's United States Computer Emergency Readiness Team and its Russian counterpart to ease the regular exchange of practical technical information on cybersecurity risks to critical systems, according to the White House.
U.S. and Russian authorities will exchange technical information about malware and other malicious indicators to mitigate threats.
The two countries agreed to use an existing link, housed in the United States at the Nuclear Risk Reduction Center, "to quickly and reliably make inquiries of one another's competent authorities to reduce the possibility of misperception and escalation from ICT [information and communications technology] security incidents," the fact sheet states.
In addition, the White House and the Kremlin have authorized a direct secure voice communications hotline between the American cybersecurity coordinator and the deputy secretary of the Russian Security Council should there be a need to directly manage a crisis arising from a security incident.
Clinton says this program should have been initiated years ago. "International collaboration, beyond English speaking countries, is essential to fight whole classes of cyber-attacks," he says. "There is an enormous amount of work that needs to be done on international cybersecurity, and the active cooperation and engagement of world leaders such as Russia and the US is essential to getting that work done."