NATO Prepares For Cyber Warfare

This month, NATO engaged its cyber forces in Cyber Coalition 2022, a cyber exercise in Estonia simulating a cyber attack on a fictional island to prepare for anticipated cyberwar.  As conflicts have morphed from traditional military methods into the complex domain of cyberspace, around 150 NATO cyber security experts convened in Tallin to prepare for an anticipated cyberwar. 

The Cyber Coalition 2020 exercise involved more than 40 member states, allies and other organisations working  together to respond to and recover from, simulated cyber attacks on critical infrastructure like power grids and ships. The exercise spanned the globe, with nearly 1,000 cyber professionals participating remotely from their home countries.

In particular, NATO is closely monitoring the war in Ukraine, to help Ukraine and make it harder for Russia and other adversaries to hack into infrastructure in NATO member states and their allies.

Recently, hackers affiliated with Russian military intelligence launched destructive malware attacks against energy, water, and other critical infrastructure in Ukraine, simultaneously with missile strikes aimed at destroying power and water supplies to civilians across the country.  Russian hackers have also attacked in Poland, targeting a critical logistics hub, in a possible attempt to disrupt the movement of weapons and supplies.

On the information warfare front, Russia has increased the intensity of popular dissent over energy and inflation across Europe by boosting select narratives online through state-affiliated media outlets and social media accounts to undermine elected officials and democratic institutions.  So far this propaganda has had only limited public impact, but they foreshadow what may become broadening tactics during the winter ahead.

The world has never experienced an all-out cyberwar in which cyber attacks are used to the same devastating effect as physical strikes, such as shutting off critical services like power and water and preventing their restoration. 

NATO has been intentionally ambiguous about what level of cyber attack it would take for members to respond with either force or devastating cyber strikes of their own. The coalition’s cyber experts have been closely monitoring the war to learn lessons to prepare member states against cyber attacks carried out by adversaries. 

NATO is also reviewing how vulnerable their critical networks in NATO states are to cyber attacks. Those can run from sophisticated operations to plant malware on software updates to more common ransomware attacks.

The intensified pressure on cyber professionals within NATO countries and allied nations has made the ability to coordinate and test communication protocols essential. Both Finland and Sweden, have discarded their previous neutrality to apply for NATO membership and were included in the exercise. However, separate reports suggest that, despite the unprecedented intensity of cyber-attacks launched by Russia over the past few months, Ukrainians have defended remarkably well – learning the lessons from previous attacks on critical infrastructure in December 2015 and 2016.

What has not been so well analysed are the implications of the war in Ukraine for NATO force's preparations for fighting a future “great-power war.” Moscow’s major invasion of Ukraine is the first open war of this era and, like the Spanish Civil War which preceded World War 2, may prove to be a testing ground of operations and tactics for future conflicts. 

Politico:      Al Mayadeen:      Microsoft:      Infosecurity Magazine:    Just Security:    Yahoo:  

You Might Also Read: 

Denmark Wins 2022 European Cyber Security Challenge:
 

« Deploying NDR To Transform Threat Detection
Cyber Threats & Nuclear Fears »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

InfoSec People

InfoSec People

InfoSec People is a boutique cyber and technology recruitment consultancy, built by genuine experts.

Infinigate UK

Infinigate UK

Infinigate is a value-added distributor of IT security solutions to protect and defend IT networks, servers, devices, data, applications, as well as the cloud.

Social-Engineer Inc

Social-Engineer Inc

Social-Engineer is a consulting and training company specializing in the science of social engineering in the context of digital security.

National Cyber Directorate Israel

National Cyber Directorate Israel

The Israeli National Cyber Directorate provides incident handling services for civilian entities and critical infrastructures and works to increase national resilience against cyber threats.

NetExtend

NetExtend

NetExtend services include backup and recovery, endpoint protection, network monitoring, cloud portal and billing and payment solutions.

Identillect Technologies

Identillect Technologies

Identillect Technologies provide a user-friendly secure email solution to protect critical information, with an emphasis on simplicity.

Privitar

Privitar

Privitar is leading the development and adoption of privacy engineering technology enabling our customers to innovate and leverage data with an uncompromising approach to data privacy.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

Marvell Technology Group

Marvell Technology Group

Marvell is a semiconductor company providing solutions for storage, processing, networking, security and connectivity.

Radically Open Security

Radically Open Security

Radically Open Security is the world's first not-for-profit computer security consultancy company.

Czech Accreditation Institute

Czech Accreditation Institute

Czech Accreditation Institute is the national accreditation body for the Czech Republic. The directory of members provides details of organisations offering certification services for ISO 27001.

Romanian Accreditation Association (RENAR)

Romanian Accreditation Association (RENAR)

RENAR is the national accreditation body for Romania. The directory of members provides details of organisations offering certification services for ISO 27001.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Meterian

Meterian

The Meterian Platform is a fuss-free solution to protect you against vulnerabilities in your app’s software supply chain.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Coralogix

Coralogix

Coralogix are rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.