Navigating the Digital Divide: A Game-Theoretic Forecast for a Post-Ukraine War US-Russia Cyber Treaty

by Vladimir Tsakanyan

I. Introduction: The Shifting Sands of Cyber Diplomacy

Cyberspace has emerged as a critical and increasingly volatile domain in contemporary great power competition, profoundly influencing international relations. Its inherent characteristics, such as the pervasive difficulty of attribution, the offensive advantage it often confers, and the remarkably low barriers to entry, render it a “tenuous affair” that necessitates a “meticulous structure to avert miscalculation”.1 The ongoing conflict in Ukraine represents a significant inflection point, dramatically reshaping US-Russia relations and injecting new urgency into discussions surrounding cyber stability.2 This conflict has not only escalated tensions but also highlighted the “higher likelihood of conflicts over sources of information and the capability of cyber incidents to endanger key assets”.2 The unique nature of cyber operations further complicates matters by “blurring the line between peace and war,” where actions below the traditional threshold of armed conflict can still inflict substantial damage and provoke responses.3

The international community faces a strategic paradox: while the intrinsic attributes of cyberspace make comprehensive agreements challenging to achieve, the escalating geopolitical tensions underscore the imperative for some form of understanding to manage miscalculation and unintended escalation. Global challenges, including the pervasive threat of cyberattacks, inherently demand “cross-boundary collaboration”.2 However, the rising animosities between major powers, particularly between the United States and Russia, actively hinder such cooperation.2 This report aims to analyze the potential contours of a hypothetical US-Russia cyber treaty in the aftermath of the Ukraine War. It will draw crucial lessons from the preceding US-China cybersecurity agreement, employ game-theoretic principles to predict the potential effectiveness of such a treaty, and forecast its long-term implications for the domestic cybersecurity policies of both nations and the broader global cyber landscape over the next decade.

II. The US-China Cybersecurity Agreement (2015): A Blueprint of Mixed Results

The 2015 US-China Cybersecurity Agreement serves as a pivotal case study for bilateral cyber diplomacy, offering valuable insights into the complexities and limitations of such accords. A primary objective of this agreement was the mutual commitment that neither country would “knowingly support cyber-enabled theft of intellectual property…with the intent of providing competitive advantages to companies or commercial sectors”.4 This accord was announced at a joint press conference with then-U.S. President Barack Obama and Chinese General Secretary Xi Jinping, signaling a high-level commitment.4

Initial assessments of the agreement’s impact were notably positive. FireEye, a prominent cybersecurity company, reported an “immediate reduction” and “nearly 90 percent” tumble in the frequency of Chinese-related cyber intrusions specifically targeting intellectual property theft by mid-2016.5 This demonstrated that focused, verifiable commitments could indeed lead to short-term behavioral changes. Dialogue also continued through forums such as the U.S.-China Law Enforcement and Cybersecurity Dialogue (LECD) in 2017, which addressed broader cybercrime and critical infrastructure protection issues.6 Diplomatic negotiations, in general, aim to clarify top priorities, mitigate conflict risks, capitalize on opportunities for coordination on shared challenges, and resolve ripe areas of dispute.7

However, the perceived long-term effectiveness of the 2015 agreement proved to be more nuanced. The Trump administration and other observers later deemed it “ineffective” 4 and “not effective in and of itself in terms of achieving cooperation in cyberspace and the cessation of economic espionage”.1 This apparent contradiction between initial success and later ineffectiveness highlights a critical dynamic: while specific, verifiable commitments can yield temporary behavioral adjustments, a lack of engagement with underlying strategic divergences can lead to an adversary adapting tactics rather than abandoning malicious intent. The agreement, in the view of some analysts, “merely represent[ed] open dialogue to relieve the pressure, affording China space to recalibrate its cyber strategy to enhance the sophistication of the cyber intrusions while significantly reducing detection”.1 Furthermore, the agreement did not explicitly address China’s perceived “right to conduct military espionage” 1, indicating a significant definitional gap that China could exploit. This suggests that the agreement’s initial success in reducing detectable commercial IP theft might have been a tactical maneuver to alleviate economic pressure, rather than a fundamental shift in China’s broader cyber objectives.

A core lesson from this experience is the profound ideological difference in understanding cyber sovereignty and information control. China consistently frames its endeavors in terms of “nationalism” and “sovereignty to prevent other countries from interfering with its internal affairs”.1 It views concepts such as “freedom of expression, human rights, and open and reliable internet as a threat to its national security and political survival”.1 This fundamental divergence creates a significant chasm that limits the scope and enforceability of agreements. What one side considers legitimate national security, the other may view as interference, making it challenging to establish universally accepted norms or “rules of the road.” Any treaty attempting to regulate cyber behavior will inevitably encounter these differing interpretations of what constitutes “interference” or “malicious activity.”

To illustrate these points, Table 1 summarizes the key provisions and observed effectiveness of the 2015 US-China Cybersecurity Agreement.

Table 1: Key Provisions and Effectiveness of US-China 2015 Cyber Agreement

| Provision | Initial Impact (Short-term) | Long-term Effectiveness (Perceived) | Lessons Learned for US-Russia |
|---|---|---|---|
| No cyber-enabled IP theft for commercial gain 4 | “Nearly 90% reduction” in reported intrusions by mid-2016 5 | “Ineffective” by Trump administration; China “recalibrated cyber strategy” 1 | Specific commitments can yield temporary compliance, but underlying strategic intent may persist through adaptation. |
| Information sharing mechanisms 4 | Established Law Enforcement and Cybersecurity Dialogue (LECD) 6 | Continued dialogue, but limited impact on broader malicious activities 1 | Dialogue is necessary but insufficient without addressing fundamental differences in cyber norms. |
| Establishing that neither country will support cyber-enabled IP theft 4 | Reduced pressure, afforded China space to recalibrate 1 | Did not achieve “cessation of economic espionage” or address military espionage 1 | Agreements must clearly define scope (e.g., commercial vs. military espionage) and address differing interpretations of sovereignty. |

III. US-Russia Cyber Relations: A History of Hostility and Sporadic Dialogue

The history of US-Russia cyber relations is characterized by profound mistrust and adversarial engagements, a dynamic significantly exacerbated by the ongoing conflict in Ukraine.3 Despite this, there have been sporadic attempts at confidence-building measures (CBMs). Notably, agreements in 2013 and 2016 involved establishing a new working group under the Bilateral Presidential Commission, arranging for the sharing of threat indicators between US-CERT and its Russian counterpart, utilizing the Nuclear Risk Reduction Center (NRRC) links for formal inquiries, and authorizing a direct secure voice communications line between high-level cybersecurity officials.3 These efforts aimed to increase transparency and reduce the possibility of misinterpretation or escalation from cyber incidents.10

However, the Ukraine War has dramatically escalated tensions. Russia is actively engaged in an “escalating and violent campaign of sabotage and subversion” against European and U.S. targets, with the number of attacks nearly tripling between 2023 and 2024.12 Russian General Staff Main Intelligence Directorate (GRU) unit 26165 (also known as APT28 or Fancy Bear) has been consistently targeting Western logistics entities and technology companies, including those involved in providing foreign assistance to Ukraine.13 These operations demonstrate a persistent and serious cyber threat from Russia.14

A recent episode further illustrates the complexities and mistrust. Reports emerged of a halt in US offensive cyber operations against Russia, interpreted by some as a “diplomatic signal” to normalize relations.15 This was seen as a stark departure from the previous administration’s “defend forward” strategy, which involved actively engaging Russian networks to disrupt threats.15 However, this reported “halt” was later clarified by a senior House lawmaker as a “one-day pause,” with strong bipartisan condemnation of the perceived policy reversal and leadership changes within US Cyber Command.16 This episode reveals a significant internal US policy struggle and a deliberate strategy of ambiguity. For Russia, such mixed signals could deepen existing mistrust, making future negotiations fraught with uncertainty regarding the US’s true long-term cyber posture. If commitments appear temporary or subject to rapid internal shifts, building the mutual confidence necessary for effective cyber arms control becomes exceedingly difficult.

A fundamental obstacle to cooperation stems from Russia’s distinct conceptualization of cyber operations. Unlike many Western countries that publish explicit “cyber strategies,” Russia does not have a defined “cyber strategy document”.14 Instead, it frames cyber activities within a broader “information security” concept, viewing them as an integral part of “information warfare”.17 This holistic approach includes computer network operations, electronic warfare, psychological operations, and disinformation campaigns aimed at undermining, manipulating, and misleading information to advance political and military objectives.17 Russia also strives for “uncompromising control over its domestic cyberspace” through legislation like the Yarovaya Law, which allows it to restrict information flow for political stability.17 This doctrinal divergence means that while the US might seek to limit cyberattacks on critical infrastructure, Russia might consider information operations that interfere with foreign elections or spread disinformation as legitimate tools of statecraft, making it exceedingly difficult to establish shared norms or define “red lines” for a treaty.

Compounding these challenges is the pervasive role of non-state actors within Russia’s cyber ecosystem. Russia is home to a “complex ecosystem of cyber actors,” including military forces, security agencies, state-recruited cybercriminals, and patriotic hackers.14 These groups often operate with “little interference – and likely with active backing – from the Kremlin”.15 Even if the Russian state were to agree to certain norms in a treaty, controlling or being held accountable for the actions of these quasi-state actors presents a significant challenge. The inherent difficulty of attributing cyberattacks definitively 3 further complicates holding Russia accountable for actions by these groups. This means that provisions against state-sponsored cybercrime or IP theft could become largely symbolic without robust and mutually accepted attribution and enforcement mechanisms that address this complex web of actors.

IV. Crafting a Post-Ukraine War US-Russia Cyber Treaty: A Strategic Framework

Negotiating a cyber treaty between the United States and Russia in the aftermath of the Ukraine War presents both compelling strategic imperatives and formidable obstacles. The primary driver for such an agreement would be the mutual interest in preventing catastrophic attacks on critical infrastructure, which could result in “economic losses, political instability… and the destruction of military and civilian infrastructure” for both nations.3 The US has consistently emphasized the importance of barring attacks on critical infrastructure 3, and both NATO and the EU are actively strengthening their resilience in this area.12 Another potential area for limited cooperation is combating financially motivated cybercrime, where both states face common threats from third parties and view misinformation and disinformation as problematic.3 Past agreements have shown a willingness to engage in information sharing and establish hotlines to manage cyber incidents.6 Future confidence-building measures (CBMs) could build on these foundations, emphasizing bilateral engagement, Track 2 or 1.5 dialogues, mutual understanding of “red lines,” and greater transparency in cyber doctrine.3

However, the path to a meaningful treaty is fraught with significant sticking points. Deep-seated mutual mistrust remains a primary impediment, making a “formal, binding bilateral agreement… not possible now due to mutual mistrust, misunderstanding and stark differences”.3 The challenge of attributing cyberattacks with certainty is another major hurdle, given the “lack of consensus concerning the threshold of evidence required for definitive attribution” and the ease with which digital evidence can be spoofed.3

A critical definitional gap lies in the “below-threshold” dilemma. Both countries have a history of engaging in cyber operations that cause significant disruption but fall below the traditional threshold of armed conflict, a strategic preference for “coercive activities against a state below a threshold that is likely to trigger a costly or risky conventional war”.12 The absence of a physical battlefield and the inherent difficulties in attributing attacks exacerbate the challenge of defining what constitutes a “significant” cyber incident or an “armed attack” that would trigger a treaty violation or response.19 Without clear and mutually accepted “red lines,” a treaty risks becoming a “paper tiger,” unable to deter or punish actions that cause harm but remain in this ambiguous gray zone.

Furthermore, fundamental disagreements on cyber norms and sovereignty persist. The US generally insists that existing international law fully applies to cyberspace, while Russia advocates for a new treaty specifically tailored to the domain.26 Russia’s emphasis on “uncompromising control over its domestic cyberspace” and its differing views on content and expression create a conceptual divide that complicates the establishment of shared norms.9 The pervasive role of Russia’s state-sponsored or tolerated non-state cyber actors, including cybercriminals and patriotic hackers 14, further complicates accountability and verification. Legally binding conventions based on “no-first-use” principles, technology restrictions, or demanding verification are generally considered unworkable in the cyber domain.24

The inherent challenges of attribution in cyberspace represent the primary obstacle to the stability and enforceability of any US-Russia cyber treaty. The ability to spoof evidence, coupled with the lack of consensus on the necessary threshold of evidence for definitive attribution, means that even when a victim can identify a perpetrator, they may not choose to assign blame due to the complexities of response.21 Without reliable and mutually accepted verification mechanisms, game-theoretic “punishment strategies” for defection become largely ineffective, undermining the very foundation of cooperation. This means that even if specific prohibitions are agreed upon, the practical effectiveness of the treaty hinges entirely on the development and mutual acceptance of robust attribution and verification mechanisms, potentially involving third-party or private sector expertise.3 Without this, the treaty risks being a symbolic gesture rather than a genuinely binding agreement.

V. Game Theory and Treaty Effectiveness: A Strategic Prediction

Game theory provides a powerful mathematical framework for understanding strategic interactions, offering disciplined and rigorous solutions by explicitly considering the dynamics between multiple parties.20 In the context of a US-Russia cyber treaty, the strategic interaction can be modeled as a repeated game, where each country decides whether to “cooperate” (adhere to treaty norms) or “defect” (engage in malicious cyber activities).

The classic Prisoner’s Dilemma illustrates how individual rationality can lead to suboptimal collective outcomes.35 In cyberspace, this could mean both nations defecting (engaging in cyberattacks) if they fear the other will, even if mutual cooperation would yield a better outcome for both. However, in an iterated Prisoner’s Dilemma, cooperation can emerge if the game is perceived to have an unknown or infinite number of rounds.35 This allows for the development of “tacit agreements” and strategies like “grim trigger” (cooperate until the opponent defects, then defect forever) or “forgiveness” strategies.35 Stability in such games is achieved when the short-term gains from defection are outweighed by the anticipated long-term losses from retaliation.38

For a US-Russia cyber treaty to foster stable cooperation, it is essential that both parties perceive it as an iterated game with an indefinite future, rather than a finite, temporary arrangement. Given the historical volatility of US-Russia relations and the transactional nature of some past diplomatic engagements (e.g., the brief “one-day pause” in US cyber operations 16), there is a tangible risk that a cyber treaty could be viewed as a temporary political maneuver. If this perception takes hold, game theory predicts that the dominant strategy for both players would be to defect in all rounds, undermining any cooperative gains.35 Therefore, the treaty’s design and the diplomatic efforts surrounding it must actively cultivate a perception of long-term commitment, establishing enduring mechanisms for dialogue and demonstrating that the sustained benefits of cooperation (e.g., reduced escalation risk, stable critical infrastructure) outweigh any fleeting gains from defection.

However, a significant constraint on the effectiveness of game-theoretic punishment strategies in cyberspace is the inherent difficulty of attribution. While “trigger strategies” and “punishment mechanisms” are crucial for sustaining cooperation 37, the pervasive challenges in attributing cyberattacks with certainty severely limit their efficacy.3 Digital evidence can be spoofed, and even when a victim can technically identify a perpetrator, strategic considerations may lead them not to assign blame publicly.21 If a state can violate a treaty (defect) without reliable identification, the deterrent effect of punishment is diminished, increasing the incentive for covert malicious activity and undermining the cooperative equilibrium. This creates a “moral hazard” where states might agree to norms but continue covert operations, knowing that the risk of detection and retaliation is low. Therefore, for a treaty to be effective, it must either miraculously solve the attribution problem (which is highly unlikely given current technological realities) or incorporate alternative mechanisms for accountability that do not solely rely on perfect attribution, such as shared threat intelligence and joint investigations. Increased transparency in doctrine and operations, as suggested by game theory, could help foster trust and reduce uncertainty, making it harder to deny culpability and thus strengthening deterrence.23
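The stability condition from the iterated Prisoner's Dilemma discussion, extended with an attribution probability, as an added example that is not part of the original report: it computes how patient a state must be for grim-trigger cooperation to hold when a defection is attributed only with probability q. The payoffs T=5, R=3, P=1, the discount factor 0.9 and the model itself (no false attributions, punishment is permanent mutual defection) are assumptions chosen for illustration.

```python
"""Grim-trigger cooperation when a defection is attributed only with probability q.

Illustrative model (assumptions, not from the report):
  T = payoff for defecting against a cooperator (temptation)
  R = payoff per round of mutual cooperation (reward)
  P = payoff per round of mutual defection (punishment)
  delta = discount factor in (0, 1): how much a state values future rounds
  q = probability that a defection is attributed and triggers punishment
"""


def _check(T, R, P, q=1.0, delta=0.5):
    if not T > R > P:
        raise ValueError("a Prisoner's Dilemma needs T > R > P")
    if not 0.0 <= q <= 1.0:
        raise ValueError("q must be a probability")
    if not 0.0 < delta < 1.0:
        raise ValueError("delta must lie strictly between 0 and 1")


def critical_discount(T, R, P, q):
    """Smallest delta at which cooperating beats a one-shot covert defection.

    From  R/(1-d) >= T + d*[q*P + (1-q)*R]/(1-d)
    follows  d >= (T-R) / ((T-R) + q*(R-P)).
    With q = 1 this is the textbook (T-R)/(T-P); with q = 0 it is 1.0,
    meaning no admissible delta (< 1) sustains cooperation.
    """
    _check(T, R, P, q=q)
    return (T - R) / ((T - R) + q * (R - P))


def min_attribution(T, R, P, delta):
    """Smallest q that keeps cooperation stable for a given delta.

    Returns None when even perfect attribution (q = 1) is not enough.
    """
    _check(T, R, P, delta=delta)
    q_min = (T - R) * (1.0 - delta) / (delta * (R - P))
    return q_min if q_min <= 1.0 else None


def value_cooperate(R, delta):
    """Discounted value of cooperating forever."""
    return R / (1.0 - delta)


def value_covert_defection(T, P, q, delta):
    """Discounted value of defecting every round until attributed.

    Solves V = T + delta*[q*P/(1-delta) + (1-q)*V] for V: each round the
    defector earns T, then is either caught (punished forever) or not.
    """
    return (T + delta * q * P / (1.0 - delta)) / (1.0 - delta * (1.0 - q))


def cooperation_is_stable(T, R, P, q, delta):
    """True when treaty compliance is worth at least as much as covert defection."""
    _check(T, R, P, q=q, delta=delta)
    return value_cooperate(R, delta) >= value_covert_defection(T, P, q, delta)


def stability_table(T, R, P, delta, qs):
    """One row per attribution probability: (q, critical delta, stable?)."""
    return [(q, critical_discount(T, R, P, q),
             cooperation_is_stable(T, R, P, q, delta)) for q in qs]


if __name__ == "__main__":
    T, R, P, delta = 5, 3, 1, 0.9          # constructed sample values
    print(f"payoffs T={T} R={R} P={P}, discount factor {delta}")
    for q, d_star, ok in stability_table(T, R, P, delta, [1.0, 0.5, 0.25, 0.1, 0.05]):
        print(f"q={q:<5} critical delta={d_star:.3f}  cooperation stable: {ok}")
    print("minimum q at this delta:", round(min_attribution(T, R, P, delta), 3))
```

As q falls, the critical discount factor climbs toward 1: below the minimum attribution probability, covert defection pays even for a patient state.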

Table 2 outlines hypothetical elements of a US-Russia cyber treaty, assessing their potential payoffs and game-theoretic implications for stability.

Table 2: Hypothetical US-Russia Cyber Treaty: Proposed Elements and Game-Theoretic Considerations

| Proposed Treaty Element | US Payoff (Cooperate/Defect) | Russia Payoff (Cooperate/Defect) | Game Theory Implication for Stability |
|---|---|---|---|
| No first-use against critical civilian infrastructure 3 | Cooperate: High gain (reduced risk to own infra). Defect: Medium gain (disruption to Russia), High loss (retaliation risk) | Cooperate: High gain (reduced risk to own infra). Defect: Medium gain (disruption to US), High loss (retaliation risk) | Potential for Nash Equilibrium if mutual deterrence is strong and attribution is reliable enough to trigger punishment. Requires clear definition of “critical infrastructure” and “first-use.” |
| Joint cybercrime task force 3 | Cooperate: Medium gain (reduced cybercrime impact). Defect: Low gain (resource saving), Medium loss (continued cybercrime threats) | Cooperate: Medium gain (reduced cybercrime impact). Defect: Low gain (resource saving), Medium loss (continued cybercrime threats) | More likely to achieve cooperation due to shared interest against third-party threats. Benefits from repeated interaction and information sharing.10 |
| Mutual information sharing on threats 6 | Cooperate: High gain (enhanced defense). Defect: Low gain (intelligence advantage), High loss (vulnerability to undetected threats) | Cooperate: High gain (enhanced defense). Defect: Low gain (intelligence advantage), High loss (vulnerability to undetected threats) | Fosters trust and reduces uncertainty. Stability is high if both perceive long-term benefit from shared defense, but sensitive to trust erosion if information is misused. |
| Hotline expansion & direct communication 10 | Cooperate: High gain (crisis de-escalation). Defect: Low gain (strategic ambiguity), High loss (miscalculation leading to escalation) | Cooperate: High gain (crisis de-escalation). Defect: Low gain (strategic ambiguity), High loss (miscalculation leading to escalation) | Essential for managing misperception and preventing unintended escalation. High stability as benefits are clear and immediate, even amidst broader competition.3 |
| Transparency in cyber doctrine 23 | Cooperate: Medium gain (reduced miscalculation). Defect: Low gain (retained operational secrecy), Medium loss (increased mistrust) | Cooperate: Medium gain (reduced miscalculation). Defect: Low gain (retained operational secrecy), Medium loss (increased mistrust) | Aims to reduce uncertainty about intentions and red lines. Stability depends on willingness to reveal sensitive information, which is often low for offensive capabilities. |

VI. Policy Implications: Domestic and Foreign Policy Shifts

A hypothetical US-Russia cyber treaty would necessitate significant adjustments to the domestic cybersecurity policies of both nations and profoundly influence their broader foreign policy and diplomatic engagements in cyberspace.

For the United States, such an agreement would likely compel a re-evaluation of its “defend forward” strategy, which involves actively engaging adversaries within their own networks to prevent threats from materializing.15 While the US has recently shifted its domestic cybersecurity focus towards prioritizing resilience and action, with increased responsibility for state and local governments in critical infrastructure protection 39, a treaty might introduce new constraints on offensive cyber operations or require a more precise definition of acceptable proactive defense. The US intelligence community’s mandates, including the development of a National Resilience Strategy and National Risk Register, would need to align with treaty obligations, potentially impacting how resources are allocated and information is shared with private sector and sub-national entities.39 The State Department’s cyber bureau, which rapidly deploys resources to allies under attack 40, would need to navigate the implications of any bilateral non-interference clauses.

Conversely, Russia’s domestic cybersecurity policy is deeply rooted in its “sovereign internet” ambitions and its broader information warfare doctrine. Russia consistently strives for “uncompromising control over its domestic cyberspace,” restricting information flow through legislation like the Yarovaya Law, which was enacted in 2016.17 Russia views cyber operations not as a distinct domain but as an integral part of “information warfare,” encompassing psychological operations and disinformation to achieve political and military objectives.17 This fundamental difference in doctrine creates an inherent imbalance in reciprocal commitments. While the US might adapt its external cyber operations and internal resilience measures, Russia is highly unlikely to compromise its deep-seated commitment to information control and a sovereign internet, which it views as essential for political stability. This asymmetry means that if the US agrees to limit certain activities, but Russia maintains its strict domestic controls (which can be leveraged for external influence or internal repression without explicit treaty violation), the perceived fairness and long-term stability of the agreement will be challenged.

The control over non-state actors represents another critical domestic policy challenge for Russia. Its “complex ecosystem of cyber actors,” including state-recruited cybercriminals and patriotic hackers, often operates with implicit state backing.14 A treaty would require Russia to exert greater control over these groups, which historically have operated with considerable impunity. This would necessitate a significant shift in Russia’s internal governance of its cyber ecosystem, a change that may be difficult to implement or verify.

On the foreign policy and diplomatic front, the success or failure of a US-Russia cyber treaty would significantly influence the broader development of international cyber norms and global cyber governance. Currently, there is a division: the US and its allies generally insist that existing international law applies to cyberspace, while Russia and its partners advocate for a new, tailored treaty.26 Both sides, however, acknowledge the need for “rules of the road”.3

A successful, even if limited, agreement could serve as a pragmatic model for other major powers and foster broader multilateral cooperation. Focused agreements on specific issues are considered more achievable and could “improve international security” by reducing miscalculation and escalation.24 Such a bilateral framework could provide a much-needed blueprint or confidence boost for broader international efforts, potentially bridging the existing normative divide and encouraging enhanced diplomatic channels and data-sharing agreements among other nations.34

Conversely, if the treaty proves ineffective due to deep-seated mistrust, persistent attribution issues, or fundamental doctrinal differences, it could reinforce global skepticism about the feasibility of cyber arms control. This would likely lead to increased unilateral defensive and offensive cyber capabilities, further fragmentation of global cyber governance, and a more competitive, less regulated international cyber environment. The outcome of this bilateral effort will therefore serve as a critical bellwether for the future trajectory of international cyber relations. Recent shifts, such as the US reassessment of Russia as a cyber threat, already signal a strategic shift in cyber geopolitics, highlighting the fluidity of the environment.42

VII. The Global Cybersecurity Landscape in 10 Years: A Forward Look

Projecting the global cybersecurity landscape a decade after a hypothetical US-Russia cyber treaty reveals a complex interplay of technological advancement, geopolitical dynamics, and persistent challenges.

The evolution of cyber threats will be driven by the accelerating impact of emerging technologies, irrespective of bilateral agreements. AI-driven malware will become more sophisticated, capable of mutating malicious code in real-time to evade detection.43 The integration of AI and quantum computing is already fundamentally altering the nature of cyber warfare, introducing new capabilities for both offense and defense.20 The proliferation of 5G/6G networks and the expanding Internet of Things (IoT) will create novel and widespread vulnerabilities, expanding the attack surface for malicious actors.20 Zero-day attacks, ransomware, and targeted threats against financial systems and communication channels will persist and become more potent.43 This continuous and accelerating technological arms race means that while a treaty might temper state-on-state attacks between the signatories, it will not halt the underlying technological progression or its exploitation by a diverse array of state and non-state actors. This will likely exacerbate the “cyber inequity gap” globally, where larger, well-resourced organizations and nations strengthen their defenses, while smaller entities struggle to keep pace with the rapidly evolving threat landscape.44

The impact of a US-Russia treaty on global cyber governance and stability will be significant, acting as either a catalyst or a confirmation of impasse. Cyberspace is characterized by increasing complexity, necessitating urgent international cooperation to mitigate threats.44 The absence of borders in cyberspace inherently demands a multi-stakeholder governance approach.25 A successful, even if limited, US-Russia agreement could provide a much-needed model and impetus for broader international norms and multilateral cooperation, especially given that both nations are “front-runners on global cyber-policy discussions”.26 It could demonstrate that pragmatic agreements are possible even between adversaries, potentially inspiring other nations and multilateral forums to pursue similar arrangements, and fostering a more regulated and predictable global cyberspace. Emerging powers are also likely to play a greater role in managing conflict and defining norms, and a US-Russia treaty could influence their approach.2

However, if the treaty proves ineffective due to the deep-seated challenges discussed previously, it could reinforce global skepticism about the feasibility of comprehensive cyber arms control. This would likely lead to further fragmentation of global cyber governance, with states prioritizing unilateral defensive and offensive cyber capabilities, resulting in a more competitive and less cooperative international cyber environment. The treaty’s outcome will, therefore, be a critical bellwether for the future of international cyber relations.

Persistent challenges will continue to shape the global cybersecurity landscape regardless of a bilateral treaty. The critical global shortage of skilled cybersecurity professionals will remain a significant impediment to effective defense across all sectors and nations.43 Limited budgets will continue to clash with dynamic and escalating threats, particularly for smaller entities.43 Furthermore, the lack of international consensus on legal frameworks for combating cybercrime will continue to hinder global enforcement efforts, allowing cybercriminal networks to thrive.27

Table 3 provides a forecast of the global cybersecurity landscape over a 10-year horizon, considering the influence of a hypothetical US-Russia cyber treaty.

Table 3: Global Cybersecurity Landscape Forecast: 10-Year Horizon

| Key Trend | Current Status/Trajectory | Forecasted Impact in 10 Years | Influence of US-Russia Treaty |
|---|---|---|---|
| AI in Cyber Warfare | Machine learning used for malware mutation; AI fundamentally altering cyber warfare 20 | Increased sophistication of attacks, automated exploitation of vulnerabilities, AI-driven defense systems become standard, leading to AI-vs-AI cyber conflicts. | May mitigate state-on-state AI-driven attacks if explicitly covered, but will not halt global development or weaponization of AI by other actors. |
| Quantum Computing Threats | Theoretical threat to current encryption; intercepted data stockpiled for future decryption 43 | Post-quantum cryptography becomes essential; nation-states with quantum capabilities pose existential threat to encrypted data. | Unlikely to directly address quantum computing’s impact, as it’s a long-term technological shift beyond immediate behavioral norms. |
| IoT Vulnerabilities | Expanding IoT and 5G/6G networks create novel vulnerabilities 20 | Massive increase in attack surface; widespread disruption of critical services via compromised IoT devices; new vectors for espionage and sabotage. | Limited direct impact; treaty might address state-sponsored attacks on IoT-enabled critical infrastructure, but not fundamental device security. |
| Cyber Inequity Gap | Widening gap between large and small organizations in cyber resilience 44 | Disparities in defense capabilities become more pronounced; smaller nations/SMEs remain highly vulnerable, exacerbating global instability. | Unlikely to solve global talent/inequity issues; may indirectly encourage capacity building in allied nations, but core problem persists. |
| Talent Shortage | Critical global shortage of skilled cybersecurity professionals 43 | Chronic skill deficits persist, hindering effective defense and innovation across all sectors and nations. | No direct impact; the treaty focuses on state behavior, not workforce development. |
| Global Cyber Governance | Divisions on international law vs. new treaty; need for multi-stakeholder approach 25 | Could foster broader international norms if successful, or reinforce skepticism if ineffective, leading to further fragmentation. | Serves as a critical precedent; its success or failure will significantly shape the willingness of other nations to pursue similar agreements. |

VIII. Conclusion: Navigating the Complexities of Cyber Peace

A post-Ukraine War cyber treaty between the United States and Russia, while strategically imperative for managing escalation risks in a volatile domain, is likely to yield nuanced and limited effectiveness rather than a comprehensive “cyber peace.” Drawing lessons from the US-China agreement, it is evident that while specific, verifiable commitments, such as those against critical infrastructure attacks or certain forms of cybercrime, can lead to short-term behavioral adjustments, they often fail to address deeper strategic divergences. Both nations operate under fundamentally different cyber doctrines, with Russia viewing cyber operations as integral to a broader information warfare strategy that encompasses domestic information control, a stance that clashes with Western ideals of an open internet.

The inherent characteristics of cyberspace, particularly the persistent challenges of attribution and the pervasive role of state-sponsored or tolerated non-state actors in Russia’s cyber ecosystem, represent the primary impediments to treaty stability. Game theory predicts that for cooperation to endure, both parties must perceive the agreement as an iterated game with an indefinite future, where the long-term benefits of cooperation outweigh the short-term gains of defection. However, the difficulty in reliably attributing attacks diminishes the effectiveness of punishment mechanisms, creating a “moral hazard” that could incentivize covert malicious activity. Without robust and mutually accepted verification mechanisms, any agreement risks becoming largely symbolic.
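The argument in the preceding paragraph can be made concrete with a repeated prisoner's dilemma in which a defection is publicly attributed only with probability q. The following is an added illustration, not part of the original article: the payoff values, the grim-trigger punishment rule, the no-false-attribution assumption and all function names are assumptions chosen for the example.

```python
"""Grim-trigger cooperation under imperfect attribution (added illustration).

Stage-game payoffs are constructed: T (defect on a cooperator) > R (mutual
restraint) > P (mutual defection). q is the probability that a defection is
publicly attributed; false attributions are assumed away.
"""

def critical_discount(T, R, P, q):
    """Smallest discount factor delta at which restraint is self-enforcing."""
    if not T > R > P:
        raise ValueError("need T > R > P")
    if not 0.0 <= q <= 1.0:
        raise ValueError("q must be a probability")
    if q == 0.0:
        return 1.0  # nothing is ever punished, so no delta < 1 suffices
    # One-shot deviation: R/(1-d) >= T + d*(q*P/(1-d) + (1-q)*R/(1-d))
    return (T - R) / ((T - R) + q * (R - P))

def min_attribution(T, R, P, delta):
    """Lowest q that sustains restraint at delta, or None if even q=1 fails."""
    if not 0.0 < delta < 1.0:
        raise ValueError("delta must lie strictly between 0 and 1")
    q = (T - R) * (1 - delta) / (delta * (R - P))
    return q if q <= 1.0 else None

def value_cooperate(R, delta):
    """Discounted payoff of mutual restraint forever."""
    return R / (1 - delta)

def value_covert_defection(T, P, q, delta):
    """Defect every round until attributed, then mutual defection forever."""
    punished = P / (1 - delta)
    # V = T + delta*(q*punished + (1-q)*V), solved for V
    return (T + delta * q * punished) / (1 - delta * (1 - q))

def restraint_holds(T, R, P, q, delta):
    """True when covert defection pays no more than keeping the agreement."""
    return value_cooperate(R, delta) >= value_covert_defection(T, P, q, delta)

if __name__ == "__main__":
    T, R, P, delta = 5, 3, 1, 0.9  # constructed payoffs and patience
    for q in (1.0, 0.5, 0.25, 0.1):
        print(f"q={q:<4} delta*={critical_discount(T, R, P, q):.3f} "
              f"holds at delta={delta}: {restraint_holds(T, R, P, q, delta)}")
    print("minimum q at delta=0.9:", round(min_attribution(T, R, P, delta), 3))
```

With these constructed payoffs, perfect attribution requires only a discount factor of 0.5, while at q = 0.1 even a patient state (delta = 0.9) gains from covert defection, which is the moral hazard the paragraph describes.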

The policy implications of such a treaty are asymmetric. The US might need to recalibrate its “defend forward” posture and further decentralize critical infrastructure protection, while Russia is unlikely to compromise its “sovereign internet” ambitions or its holistic information warfare doctrine. This imbalance in reciprocal commitments could lead to continued friction. Globally, the treaty’s effectiveness will serve as a critical precedent. A successful, even if limited, agreement could provide a much-needed model for broader international norms and multilateral cooperation, potentially bridging existing normative divides. Conversely, an ineffective treaty could reinforce skepticism about cyber arms control, pushing the global landscape towards greater fragmentation and unilateralism.

Looking ahead a decade, the global cybersecurity landscape will continue to be shaped by an accelerating technological arms race driven by AI, quantum computing, and IoT, irrespective of a bilateral treaty. These advancements will introduce new vulnerabilities and sophisticated threats, likely exacerbating the “cyber inequity gap” between well-resourced and less-resourced entities, and compounding the chronic global shortage of skilled cybersecurity professionals.

Given these complexities, policymakers should pursue a pragmatic approach focused on limited, verifiable agreements in areas of clear mutual interest, such as preventing catastrophic attacks on critical civilian infrastructure and combating financially motivated cybercrime. Sustained, high-level dialogue and the expansion of confidence-building measures, including enhanced information sharing and direct communication channels, remain crucial to manage escalation risks and foster incremental trust. Furthermore, international efforts must continue to develop and promote universal cyber norms, even in the absence of a comprehensive treaty, while simultaneously investing in global cybersecurity capacity building and addressing the widening disparities in defense capabilities to build a more resilient and predictable cyberspace for the future.

Works cited

  1. The Implications of Cyber on US-China Relations – SOMNIA – Spotlight on Military News and International Affairs, accessed June 4, 2025, https://www.cfc.forces.gc.ca/259/290/402/305/johnsonj.pdf
  2. Russia-Ukraine War Beyond 2025: Shuffling US-Russia Relations and World Order – Modern Diplomacy, accessed June 4, 2025, https://moderndiplomacy.eu/2025/01/18/russia-ukraine-war-beyond-2025-shuffling-us-russia-relations-and-world-order/
  3. US-Russian Contention in Cyberspace – Belfer Center, accessed June 4, 2025, https://www.belfercenter.org/publication/us-russian-contention-cyberspace
  4. 2015 United States–China Cybersecurity Agreement – Wikipedia, accessed June 4, 2025, https://en.wikipedia.org/wiki/2015_United_States%E2%80%93China_Cybersecurity_Agreement
  5. Confronting China’s Efforts to Steal Defense Information | The Belfer …, accessed June 4, 2025, https://www.belfercenter.org/publication/confronting-chinas-efforts-steal-defense-information
  6. First U.S.-China Law Enforcement and Cybersecurity Dialogue – Department of Justice, accessed June 4, 2025, https://www.justice.gov/archives/opa/pr/first-us-china-law-enforcement-and-cybersecurity-dialogue
  7. Why should America negotiate with China? – Brookings Institution, accessed June 4, 2025, https://www.brookings.edu/articles/why-should-america-negotiate-with-china/
  8. Foreign Ministry Spokesperson’s Remarks on U.S. Media’s Distorted and False Report on China-US Cybersecurity Dialogue, accessed June 4, 2025, https://www.mfa.gov.cn/eng/wjb/zzjg_663340/jks_665232/jkxw_665234/202504/t20250414_11594102.html
  9. US-Russia Relations on Cyber Security, accessed June 4, 2025, https://alu.spbu.ru/images/US-Russia/US_Russia_Relations_on_Cyber_security_by_poojika_Amarakoon.pdf
  10. FACT SHEET: U.S.-Russian Cooperation on Information and Communications Technology Security | whitehouse.gov – Obama White House, accessed June 4, 2025, https://obamawhitehouse.archives.gov/the-press-office/2013/06/17/fact-sheet-us-russian-cooperation-information-and-communications-technol
  11. Cyber – State.gov, accessed June 4, 2025, https://2009-2017.state.gov/p/eur/ci/rs/usrussiabilat/c60405.htm
  12. Russia’s Shadow War Against the West – CSIS, accessed June 4, 2025, https://www.csis.org/analysis/russias-shadow-war-against-west
  13. Russian GRU Targeting Western Logistics Entities and Technology Companies – CISA, accessed June 4, 2025, https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-141a
  14. Unpacking Russia’s cyber nesting doll – Atlantic Council, accessed June 4, 2025, https://www.atlanticcouncil.org/content-series/russia-tomorrow/unpacking-russias-cyber-nesting-doll/
  15. US Halts Defensive Cyber Activities Against Russia: A Digital ‘Withdrawal’ from Europe, accessed June 4, 2025, https://blog.prif.org/2025/03/13/us-halts-defensive-cyber-activities-against-russia-a-digital-withdrawal-from-europe/
  16. Key lawmaker says pause in offensive cyber operations against Russia lasted one day, accessed June 4, 2025, https://therecord.media/us-pause-offensive-cyber-operations-russia-lasted-one-day-rep-bacon-says
  17. Russian Cyber Information Warfare – Marine Corps University, accessed June 4, 2025, https://www.usmcu.edu/Outreach/Marine-Corps-University-Press/MCU-Journal/JAMS-vol-12-no-1/Russian-Cyber-Information-Warfare/
  18. The Cyber Crucible: Eastern Europe, Russia, and the Development of Modern Warfare, accessed June 4, 2025, https://www.armyupress.army.mil/Books/Browse-Books/iBooks-and-EPUBs/-Cyber_Crucible/
  19. The unintended consequences of deterring cyber attacks through nuclear weapons and international law | European Leadership Network, accessed June 4, 2025, https://europeanleadershipnetwork.org/commentary/the-unintended-consequences-of-deterring-cyber-attacks-through-nuclear-weapons-and-international-law/
  20. Cyber Conflict Game Theory: Strategic Analysis of Global Cyber Crises in the 2000s, accessed June 4, 2025, https://securityanddefence.pl/Cyber-Conflict-Game-Theory-Strategic-Analysis-of-Global-Cyber-Crises-in-the-2000s,203979,0,2.html
  21. Strategic aspects of cyberattack, attribution, and blame – PNAS, accessed June 4, 2025, https://www.pnas.org/doi/10.1073/pnas.1700442114
  22. New strategy for a new domain | The American Legion, accessed June 4, 2025, https://www.legion.org/information-center/news/landing-zone/2025/june/new-strategy-for-a-new-domain
  23. World Gone Cyber MAD: How “Mutually Assured Debilitation” Is the Best Hope for Cyber Deterrence – Air University, accessed June 4, 2025, https://www.airuniversity.af.edu/Portals/10/SSQ/documents/Volume-05_Issue-1/Crosston.pdf
  24. Multilateral Agreements to Constrain Cyberconflict – Arms Control Association, accessed June 4, 2025, https://www.armscontrol.org/act/2010-06/multilateral-agreements-constrain-cyberconflict
  25. Cyber Diplomacy and Writing the Rules of an Invisible Domain, accessed June 4, 2025, https://diplomaticacademy.us/2025/04/27/cyber-diplomacy/
  26. Increasing International Cooperation in Cybersecurity and Adapting Cyber Norms, accessed June 4, 2025, https://www.cfr.org/report/increasing-international-cooperation-cybersecurity-and-adapting-cyber-norms
  27. Cybersecurity: Top Challenges And Six Big Policy Action Ideas, accessed June 4, 2025, https://fpa.org/cybersecurity-top-challenges-and-six-big-policy-action-ideas/
  28. Game-Theoretic Cybersecurity: the Good, the Bad and the Ugly – arXiv, accessed June 4, 2025, https://arxiv.org/pdf/2401.13815
  29. A Deep Dive into Security Games and Game Theory – Number Analytics, accessed June 4, 2025, https://www.numberanalytics.com/blog/deep-dive-security-games-game-theory
  30. Strategic analysis of cyber conflicts: A game-theoretic modelling of global cyber crises in the 2000s, accessed June 4, 2025, https://securityanddefence.pl/pdf-203979-125694?filename=125694.pdf
  31. Game Theory in Defence Applications: A Review – PMC – PubMed Central, accessed June 4, 2025, https://pmc.ncbi.nlm.nih.gov/articles/PMC8838118/
  32. NA Game Theory for Cyber Security and Privacy – Nguyen H. Tran, accessed June 4, 2025, https://nguyenhoangtran.github.io/papers/Cuong_PrivacySurvey17.pdf
  33. Game Theoretic Solutions to Cyber Attack and Network Defense Problems – ResearchGate, accessed June 4, 2025, https://www.researchgate.net/publication/235027052_Game_Theoretic_Solutions_to_Cyber_Attack_and_Network_Defense_Problems
  34. Futuristic Arms Race Models in Modern Game Theory – Number Analytics, accessed June 4, 2025, https://www.numberanalytics.com/blog/futuristic-arms-race-models-modern-game-theory
  35. Prisoner’s dilemma – Wikipedia, accessed June 4, 2025, https://en.wikipedia.org/wiki/Prisoner%27s_dilemma
  36. Prisoner’s Dilemma | 1911 Trust – Blog, accessed June 4, 2025, https://www.1911trust.com/blog/2025/04/04/prisoners-dilemma/
  37. Expert Guide: Deep Dive into Repeated Game Theory – Number Analytics, accessed June 4, 2025, https://www.numberanalytics.com/blog/expert-guide-deep-dive-repeated-game-theory
  38. Mastering Repeated Games: Expert Insights in Game Theory – Number Analytics, accessed June 4, 2025, https://www.numberanalytics.com/blog/mastering-repeated-games
  39. March 2025 Cybersecurity Developments Under the Trump Administration, accessed June 4, 2025, https://www.insidegovernmentcontracts.com/2025/04/march-2025-cybersecurity-developments-under-the-trump-administration/
  40. Shaping the Future of Cyber Diplomacy – FDD, accessed June 4, 2025, https://www.fdd.org/analysis/2025/04/29/shaping-the-future-of-cyber-diplomacy/
  41. Doctrine of Information Security of the Russian Federation, accessed June 4, 2025, http://www.scrf.gov.ru/security/information/DIB_engl/
  42. US reassessment of Russian cyber threat signals strategic shift in cyber geopolitics, accessed June 4, 2025, https://dig.watch/updates/us-reassessment-of-russian-cyber-threat-signals-strategic-shift-in-cyber-geopolitics
  43. 10 Cyber Security Trends For 2025 – SentinelOne, accessed June 4, 2025, https://www.sentinelone.com/cybersecurity-101/cybersecurity/cyber-security-trends/
  44. The growing complexity of global cybersecurity: Moving from challenges to action, accessed June 4, 2025, https://www.weforum.org/stories/2025/01/growing-complexity-global-cybersecurity-from-challenges-action/
