Code and Dagger

View Original

Russians Over Wichita: Could 'Open Skies' Work in Cyberspace?

If a store manager just outside Wichita, Kansas happened to look to the sky on a clear day a week before the Fourth of July, he may have caught a glimpse of what was once unthinkable: a Russian spy plane cruising straight over the American heartland, cameras snapping away on the ground below.

Two weeks ago a Russian taxi driver in frozen Tiksi, a town on in the far northern Russia in the Arctic Circle, may have been able to do the same, only he would've seen a large surveillance jet on a joint American-Canadian intelligence-gathering mission lumbering through the air.

But the residents of Kansas and northern Russia need not be alarmed by the geopolitical adversaries above; this kind of things happens all the time.

Far from being secret missions, both flights were pre-approved by the U.S. and Russia and are only the latest in hundreds of similar cooperative surveillance flights conducted by more than 30 nations around the world over the last 15 years.

By the U.S. Department of State's count as of mid-July, there have been 1,377 flights by various countries -- including 66 by Russia over the U.S. and 104 by the U.S. over Russia -- under what's known as the Treaty on Open Skies.

Pilots with the 45th Reconnaissance Squadron from Offutt Air Force Base, Neb., fly an OC-135 Open Skies aircraft Jan. 16, 2010, over Haiti. (Credit: U.S. Air Force)

The treaty, signed by President George H.W. Bush in 1992 and entered into force in 2002, allows 34 signatory nations to coordinate surveillance flights within each other's borders and requires the imagery that is collected be shared with the nation that was overflown. As the State Department puts it, the treaty "is designed to enhance mutual understanding and confidence by giving all participants, regardless of size, a direct role in gathering information through aerial imaging on military forces and activities of concern to them."

"Open Skies is one of the most wide-ranging international arms control efforts to date to promote openness and transparency in military forces and activities," the department says.

Such an arrangement was first proposed back in 1955 by President Dwight D. Eisenhower as part of an arms reduction plan with the Soviet Union. Eisenhower said of his plan, "It would ease the fears of war in the anxious hearts of people everywhere. It would lighten the burdens upon the backs of the people."

The Soviets, however, rejected the idea then, and it would take the fall of the Berlin Wall for it to be put back on the table.

The treaty has not been without controversy, including recent allegations of Russian violations, but has generally been applauded by diplomats.

Have a tip for Code and Dagger? Send it to codeanddagger@protonmail.com.

Marking the treaty's 1,000th flight in 2012, the Chief Arms Control Delegate of the U.S. Mission to the Organization for Security and Co-operation in Europe (OSCE), Damian Leader, praised the treaty, saying it "has really increased confidence among the countries; it allowed interaction between thousands of inspectors from all the different countries. Sometimes we overlook the value of just an individual face-to-face contact between people from countries, which sometimes in the past have been adversaries, but are now joining this common effort at increasing confidence within the OSCE space."

Code and Dagger

Now, 62 years since the treaty was first proposed, security experts recently weighed in on a potential new application for the underlying idea of Open Skies that could ease fears in the 21st century and provide some stability to a new realm of conflict where there are few rules and the constant threat of lethal escalation: cyberspace. 

Could sovereign nations ever agree to coordinated virtual tours through their staging servers to reveal their cyber arsenals, in hopes of staving off catastrophe?

The answer, according a former senior U.S. intelligence official and two cybersecurity and statecraft experts, is that it is almost certainly too steep a mountain to climb right now, but the U.S., Russia and others had better at least lace up their boots.

"I'm not sure how viable the proposition is, but we have to get closer to something like that, where we have some degree of transparency of who's doing what in that space," former NSA Deputy Director Chris Inglis told Code and Dagger.

Jason Healey, a senior research scholar at Columbia University and an expert on cyber conflict on the nation-state level, said perhaps the biggest problem is one of definitions. Cyber operations exist in a gray haze between espionage and military operations, where the tools used in a cyber operation to gather intelligence on a target would not be very different from those used to attack it. And no nation would willingly expose its spying techniques.

"I get this argument on the surface, but most of the techs are on the market and most of the techniques have been published," Healey said in an email. "The main thing held back is information gleaned from classified 'defensive' penetrations of adversary intelligence and defense networks and intermediary hops... [I]n cyberspace, the United States has long held that espionage on its own is fair game."

Other tall hurdles are technical, owing to just how different the cyber landscape is from the real-world.

"Even if country A [was] granted access to a server, how would the inspecting country know there were not others?" said Adam Segal, Director of the Digital and Cyberspace Policy Program at the Council on Foreign Relations. "I don't think inspections and verification are very likely in this space... Open Skies works in part because of limited geographical regions looking at limited things. With cyber, too many devices in too many places doing too many things."

Inglis added that even if there was some sort of joint operations center where potential adversaries could look over each other's shoulders, "none of these potential participants are going to be able to speak to for all the parties that are engaged in the activity on a given network." (For instance, Russian President Vladimir Putin acknowledged it was possible that private, "patriotic" hackers may have attempted to interfere in the 2016 U.S. election.)

"Only so many people can generate an airplane," Inglis said. "It's much different in cyberspace."

But at least for Inglis, all hope is not yet lost for something like a Cyber Open Skies, even if the road is long.

First, he said, there has to be "policy-level subject matter expert exchanges," in which individuals can get together and develop a "basis of trust." 

Second, the U.S. government needs to figure out a better way to collaborate among its own allies in cyberspace. This step Inglis said he can see happening relatively quickly, pushed along by recurring cyber crises.

"There's been increasing awareness that the weak link in these hugely interconnected networks can kill any of us, or all of us," he said.

The toughest part would be the last: bringing rival nations like Russia and China into the fold.

There are bilateral discussions on cyber issues between several countries already, including the U.S. and China, and U.S. President Donald Trump discussed a joint cyber security unit with Russia, but Inglis said nothing yet is "anywhere close to having a group of people who in real-time share threat information."

"I just think there's so many things between here and there that make it harder to do that now," Inglis said. "There's just not a lot of trust built up."

Healey, the cyber statecraft expert, said he wouldn't mind if the U.S. stepped forward cautiously, if only just to see what happens.

"So, could a Cyber Open Skies proposal make some gains? Yes, I think so," he said. "Also, nothing else has worked, so perhaps some variation on the idea might lead to some restraint.

"I, like many, are open to new ideas," he said.

[Like what you see and read on Code and DaggerBecome a Patreon and help keep the lights on. Do you have a tip or question? Reach out at CodeAndDagger@protonmail.com.]