In another sign that multinational talks are expanding on cyber security, the attendees at the conference included a delegation from the Chinese government as well as the White House senior director for cyber security, Chris Painter. Painter declined to be interviewed.
Russia, along with China and India, is a major source of cyber crime, and the U.S. has been trying to get Russia to allow law enforcement access to Russian networks to investigate crimes like bank fraud. Russia wants to forge an agreement akin to a nuclear arms treaty, but favors stopping short of law enforcement access.
While the stalemate was not broken yesterday, the gathering was a step forward in terms of forging ties. “The U.S. needs to work with Russia because it is one of the hotbeds of crime and hacker activity,” said Sanjay Goel, a computer scientist at the SUNY Albany, who runs a computer forensics lab and who signed on with the Russian research collaboration. “You need to engage with the people who are in a position to be able to fight cyber crime.”
Wingfield noted that countries who want to defend themselves face high hurdles. The threat of a cyber attack can be enormous, but might not be defined under international law as an “armed attack,” which would allow for an armed response. Clearing up the law in this area will provide a further means of deterrence, he said. But forging international agreements will take years and will require a progressive set of technical and diplomatic discussions, said John Mallery, a research scientist at MIT’s computer science and artificial intelligence laboratory.
“There is no international code of conduct for cyberspace,” said Charles Barry, a senior research fellow at the Center for Technology and National Security Policy at National Defense University, in Washington, DC. “Coalescing common rules will be long and arduous, requiring continuous dialogue among nations, the private sector, and international stakeholders.”