In U.S.-Russia deal, nuclear communication system may be used for cybersecurity

The Russians accept that position, easing potential conflict on that point. Experts also note that the Russians and the Americans have had decades of experience negotiating nuclear and other strategic matters.

With computer terminals at the State Department and the Russian Ministry of Defense that are staffed 24 hours a day, the Nuclear Risk Reduction Center allows electronic messages to be quickly translated and directed to key officials. Each government, for instance, could alert the other before it test-fired an intercontinental ballistic missile so that the launch would not be mistaken as the first salvo in a nuclear war.

The nuclear center supports more than a dozen bilateral and multilateral treaties and agreements with up to 50 countries and in six languages. The treaties also deal with troop movements and major military exercises.

In the case of a cyber-incident, the channel of communication could be activated if either side detects what appears to be hostile activity from the other’s territory, officials said.

The channel would be used only if the malicious cyber-activity is of “such substantial concern that it could be perceived as threatening national security,” said an administration official who described the emerging agreement on the condition of anonymity because the talks are not final. “So this is not to be used every day.”

The Russians requested a phone-based hotline between the Kremlin and the White House exclusively for cyber-incidents, the official said. That would be distinct from the nuclear hotline.

Though often depicted in popular culture as red telephone, the nuclear hotline started as a Teletype machine and was later replaced by a computerized system, a defense official said. The hotline, used for crisis communications between heads of state, is not part of the Nuclear Risk Reduction Center.

The pending agreement has grown out of high-level cybersecurity talks in Moscow in February 2011 and a follow-up last June in Washington to establish confidence-building measures to prevent cyber-conflict.

Vice President Biden said in November that talks between the United States and Russia were intended to “build cooperation and to set up lines of communication in the event of an alarming incident.”

The negotiators agreed on two other measures, including an exchange of position papers, which has been completed. The United States gave the Russians the Pentagon’s strategy for cyberspace before it was published last July. In December, the Russians delivered a Ministry of Defense paper on the “information space” that affirmed that the law of armed conflict applies in cyberspace, although the Russians have said more rules may be needed.

The other measure would set up an ongoing exchange of basic, unclassified data on malicious cyber-activity between the Department of Homeland Security’s U.S. Computer Emergency Readiness Team and its counterpart in Russia.

“It’s a very good approach in bilateral relations to decrease tensions,” said Andrey Kulpin, an adviser on international cooperation at the Institute of Information Security Issues at Lomonosov Moscow State University. If either side sees what appears to be a cyberattack from the other, he said,“we have a direct line to discuss that and to have a clear vision that this is not from Russia or the United States.”

More national security coverage:

- White House approves CIA request to broaden drone campaign in Yemen

- Rubio’s foreign policy speech takes middle ground

- Defense spending skirmishes begin

- Read more national security news