A United Nations cybersecurity experts group meeting this month in Geneva should focus on encouraging UN member states to adopt existing cyber rules of the road and confidence-building measures rather than developing new ones, the U.S. delegate said Monday.
That’s a significant shift from a 2015 series of Group of Governmental Experts, or GGE, meeting, during which the U.S. pushed vigorously for a set of peacetime cyber norms, including that nations should not attack each other’s critical infrastructure such as energy plants and electrical grids.
During a round of GGE meetings in 2013, the experts group concluded the international laws that govern armed conflict should apply in cyberspace just as they do on land or at sea.
“We don’t need a continual norms machine ramping out a lot of norms,” State Department Deputy Coordinator for Cyber Issues Michele Markoff told an audience Monday at the Carnegie Endowment for International Peace.
“What we need to do is consolidate what we’ve done and get states to implement,” she said, “both in the internalization of the norms but also in the operationalization of [confidence-building measures] which will help the norms.”
Confidence-building measures include nations sharing information about transnational cyber threats and about national cybersecurity strategies.
Markoff will attend the third out of four GGE meetings the week of Feb. 20, a State Department official said. The final meeting will take place in June, the official said.
The experts group, which is composed of diplomats from 25 nations including Russia and China, has functioned something like an advisory committee on international cybersecurity. Principles endorsed by the group remain voluntary and nonbinding for UN member states but generally form a line of accepted behavior that nations don’t want to be seen openly crossing.
Other peacetime cyber “norms” endorsed by the 2015 experts’ group include commitments that nations should not attack each other’s cyber emergency responders and should assist other nations in investigating cyberattacks launched from their territory.
The U.S. has often faced resistance in the expert’s group from Russian and Chinese delegates who are concerned the U.S. wants to leverage cyber norms to ensure its own hegemony in cyberspace.
Markoff expressed optimism Monday that the U.S. and Russia can cooperate on some international cyber priorities despite tension created by non-cyber conflicts such as the Russian occupation of Crimea.
That work may be aided by the Trump administration’s efforts to repair relations with its former Cold War adversary, she said.
“Despite the decline in U.S.-Russian relations over the last several years, U.S.-Russia cyber relations have been, in fact, a bright spot. I say that with all sincerity,” she said, listing several international forums in which the nations have reached agreement on cyber issues. “As a long-time arms controller … I find that talking to [Russian officials] is much better than not talking to them.”
Markoff added while the U.S. and Russia can be “fellow travelers on a road which is designed to prevent conflict from escalating into open warfare,” the two will often have different broader goals.
Markoff did not address the Russian government-backed hacking of Democratic political organizations during the 2016 election, which U.S. intelligence officials say was designed to aid the electoral chances of President Donald Trump.
That influence operation did not specifically violate any of the cyber norms endorsed by the 2015 GGE because the U.S. government did not, at that point, consider electoral systems critical infrastructure.
However, the Obama administration repeatedly described the Russian electoral meddling as outside larger bounds of appropriate state behavior and President Barack Obama termed the meddling an “unusual and extraordinary threat to the national security, foreign policy, and economy of the United States” when imposing additional sanctions on Russia.
The Homeland Security Department added electoral systems to its list of critical infrastructure categories during the final weeks of the Obama administration, despite protests from some state-level officials. The Trump administration has done nothing so far to reverse that decision.
A Russia-linked attack on Ukraine’s power grid last year also did not violate the GGE norm prohibiting critical infrastructure attacks, Markoff said Monday, because the norms apply only in peacetime and the U.S. considers Russia and Ukraine to be in a state of open conflict.
“You can say Russia violated a whole lot of other things—I mean, killing people—but they are not violating this norm,” Markoff said.