The nuclear center supports more than a dozen bilateral and multilateral treaties and agreements with up to 50 countries and in six languages. The treaties also deal with troop movements and major military exercises.
In the case of a cyber-incident, the channel of communication could be activated if either side detects what appears to be hostile activity from the other’s territory, officials said.
The channel would be used only if the malicious cyber-activity is of “such substantial concern that it could be perceived as threatening national security,” said an administration official who described the emerging agreement on the condition of anonymity because the talks are not final. “So this is not to be used every day.”
The Russians requested a phone-based hotline between the Kremlin and the White House exclusively for cyber-incidents, the official said. That would be distinct from the nuclear hotline.
Though often depicted in popular culture as red telephone, the nuclear hotline started as a Teletype machine and was later replaced by a computerized system, a defense official said. The hotline, used for crisis communications between heads of state, is not part of the Nuclear Risk Reduction Center.
The pending agreement has grown out of high-level cybersecurity talks in Moscow in February 2011 and a follow-up last June in Washington to establish confidence-building measures to prevent cyber-conflict.
Vice President Biden said in November that talks between the United States and Russia were intended to “build cooperation and to set up lines of communication in the event of an alarming incident.”
The negotiators agreed on two other measures, including an exchange of position papers, which has been completed. The United States gave the Russians the Pentagon’s strategy for cyberspace before it was published last July. In December, the Russians delivered a Ministry of Defense paper on the “information space” that affirmed that the law of armed conflict applies in cyberspace, although the Russians have said more rules may be needed.
The other measure would set up an ongoing exchange of basic, unclassified data on malicious cyber-activity between the Department of Homeland Security’s U.S. Computer Emergency Readiness Team and its counterpart in Russia.
“It’s a very good approach in bilateral relations to decrease tensions,” said Andrey Kulpin, an adviser on international cooperation at the Institute of Information Security Issues at Lomonosov Moscow State University. If either side sees what appears to be a cyberattack from the other, he said,“we have a direct line to discuss that and to have a clear vision that this is not from Russia or the United States.”