Announcing the extension to the work of the existing Nuclear Risk Reduction Center (NRRC), the White House explained, “this new use of the system allows us to quickly and reliably make inquiries of one another’s competent authorities to reduce the possibility of misperception and escalation from ICT security incidents.” It is with huge irony that this statement came at precisely the same time as an Edward Snowden leak claimed the NSA had monitored Russian president Dmitry Mevedev’s telephone conversations in 2009 via its listening station at Menwith Hill in the UK.
From such incidents, major crises could follow – but now (or at least from later this month when the new link comes on stream) they can be diffused before escalating. This is one of the primary functions of the new hotline, “to make formal inquiries about cybersecurity incidents of national concern.” It includes “a direct secure voice communications line between the U.S. Cybersecurity Coordinator and the Russian Deputy Secretary of the Security Council, should there be a need to directly manage a crisis situation arising from an ICT security incident.”
The new hotline, however, goes beyond simply defusing direct tensions between the USA and the Russian Federation. It also includes “the sharing of threat indicators between the U.S. Computer Emergency Readiness Team (US-CERT), located in the Department of Homeland Security, and its counterpart in Russia.” This is to help both countries counter the more general cyber security threat rather than any specific cyber war threat. “This kind of exchange,” continues the White House, “helps expand the volume of technical cybersecurity information available to our countries, improving our ability to protect our critical networks.”
Nevertheless, that the new link uses the same channels as the old nuclear link is potentially indicative. “There is a resonance here,” suggested Adrian Culley, a consultant with Damballa (and a former Scotland Yard detective) to Infosecurity, “that suggests we are sleepwalking into a Cyber Cold War.” The existence of a hotline to prevent that cold war overheating is useful, but he’s not sure whether there will much other benefit. “The heart of the matter is trust and meaningful information sharing,” but “What impact, if any, this hotline will actually have on DDOS attacks, botnets, cyber crime and cyber espionage, et al, we will have to wait and see.”