Anatoly Streltsov is the Vice-Director of Lomonosov Moscow State University’s Information Security Institute.
“Destabilizing the operation of the global information infrastructure can produce grave implications…” “A growing number of states utilize infor- mation weapons as support for or in lieu of traditional kinetic weapons…” “The level of confidence-building measures that states employ and how they are imple- mented will impact the development of infor- mation infrastucture…”
Creating confidence-building measures in the information sphere has become a major foreign policy priority for many states.1 Confidence-building measures and other collabora- tive efforts to counter military, terrorist, or criminal threats create conditions for the maintenance of international peace and security in the information sphere. Confidence- building measures in the information sphere are similar to confidence-building measures between militaries in that they are a set of measures that facilitate information sharing between states regarding their information and communica- tion technologies and strategies.2 The measures are created to neutralize the cyber threats of opposing states in peace- time and wartime, to prevent and resolve crises in the area of information infrastructure, to combat cybercrime and information terrorism, and to promote states’ national cul- tural values and political preferences in foreign countries.3
As such, confidence-building measures are used as instru- ments in maintaining international peace and security and provide an environment of mutual understanding between nations. This environment reduces the risk of a surprise attack on key national information infrastructure facili- ties or a politically-motivated, violent conflict triggered by “information weapons.” In this paper ‘information weaponry’ is defined as special information technologies and communications technologies; this includes attempts to violate computer security by using a piggyback entry, tail- gates, and aborted connections. Confi- dence is the only tool that can be used in international cooperation on cyber. Confidence is the first step in devel- oping proposals for the formation of responsible state behavior in the infor- mation sphere.
Information security has been dis- cussed at the UN General Assembly, at the UN Group of Governmental Experts, and at international con- ferences and seminars over the last decade.4 These discussions are impor- tant in that they have allowed the international community to develop the political capital required to reduce the danger posed by the malicious use of information and communications technologies, criminal organizations, and individuals. Meetings held between the United States and Russia in 2010 and 2011 on global information secu- rity demonstrate this potential. What emerged from these meetings is a joint U.S.-Russia statement on measures to enhance confidence in cyberspace. The statement recognizes that the rela- tionship between the two countries on cyberspace security has advanced to a new level, making it possible to build confidence and ensure transpar- ency. In addition to these efforts, the international community has already developed and implemented some con- fidence-building measures, examples include the exchange of information on cybersecurity between the members of NATO. Similar work in the field… (purchase article…)