Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

A top White House cybersecurity aide said yesterday that transnational cybercrime, such as thefts of credit-card numbers and corporate secrets, is a far more serious concern than “cyberwar” attacks against critical infrastructure such as the electricity grid.

Christopher Painter, the White House’s senior director for cybersecurity, made his comments at a conference arranged by top Russian cybersecurity officials in Garmisch-Partenkirchen, Germany. Russia is a major source of cybercrime, but its government has declined to sign the European Convention on Cybercrime–the first international treaty on the subject. The treaty aims to harmonize national laws and allow for greater law-enforcement cooperation between nations.

Painter acknowledged that critical infrastructure needed to be made more secure, but said that the best defenses start by cracking down on crime. “There are a couple of things we need to do to harden the targets, and make the systems as secure as possible,” he said. “But the other thing you need to do is reduce the threat. And the predominant threat we face is the criminal threat–the cybercrime threat in all of its varied aspects.”

The European Convention on Cybercrime has been ratified by 29 countries, including the United States. Russia says it won’t sign because it doesn’t want give foreign law-enforcement agents trying to investigate crimes unfettered access to its Web data, which the convention requires. Instead, Russia wants an arms-control treaty in which all nations would agree not to use cyberweapons.

“There are a lot of controversial issues that need to be resolved before we can sign that convention,” said Vladislav Sherstuyuk, who leads the Institute of Information Security Issues at Moscow State University. Russia wants to “preserve state sovereignty and monopoly on the conduct of investigative activities based on existing domestic laws and procedures,” he says.

Critics say it would be difficult, if not impossible, to define and verify who possesses “cyberweapons,” and to tell whether a government or a rogue hacker was responsible for any attack that might have occurred.

Painter didn’t directly address this issue, but his presence–along with that of Secret Service and State Department staffers–suggests a new determination to engage with Russia.

“The United States and Russia have very different ideas about how to solve the international problem, but it’s clear there has been a decision in the Obama administration to engage more broadly with the Russians on this issue,” said Stewart Baker, who was assistant secretary for policy at the Department of Homeland Security during the second half of the Bush administration, and who is now a partner in the Washington law firm Steptoe & Johnson. “And there is a Russian interest in engaging on these issues. They’d like a reputation of being cooperative and they would like to find solutions to security problems. And that’s a good thing for both sides.”

2 comments. Share your thoughts »

Tagged: Computing, cyber attacks, cyber security, Germany, cybercriminals, Russia, cyber warfare, White House

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me