NATO Tools Up For Cybewar

Just like air, sea, land and space, now cyberspace is officially considered a likely battlefield by the world's biggest military alliance.

The North Atlantic Trade Organization (NATO) has officially declared that cyberspace is a domain for war, placing it alongside the traditional battlegrounds of land, sea and air.

The move is a reflection of changing warfare tactics, where cyber-attacks are just as crucial and effective as more traditional methods.

Several recent incidents have shown that hackers can cause just as much damage as more traditional military attacks: for example, part of the Ukrainian power grid was attacked by hackers, causing blackouts, while the US accused Iranians of attempting to hack into the control system of a dam.

Speaking at the meeting where the declaration was made, NATO secretary general Jens Stoltenberg said: “[This] means that we will coordinate and organize our efforts to protect against cyber-attacks in a better and more efficient way. This is about developing our capabilities and ability to partly protect NATO cyber networks but also to help and assist nations in defending their cyber networks.”

“Since it's very hard to imagine a military conflict today without a cyber dimension, this is important, related to almost all possible conflicts we can foresee in the future,” he added.

It means NATO members can work together and support each other on cyber defenses. “This is about a better framework to manage resources, skills and capabilities, and better coordination of our decisions,” Stoltenberg said.

NATO added that under its new directives, a cyber-attack on a NATO ally can trigger Article 5 - this is when an attack on one is considered an attack on all, and can result in a collective response.

However, it’s not just in Article 5 situations where NATO’s declaration could have an impact. NATO’s work in Afghanistan, for example, could benefit from a collective defense of its network to ensure it is safe from hackers or other malicious activity that could reduce its effectiveness, Stoltenberg said.

Despite this, the declaration has drawn criticism from some security experts. Simon Crosby, CTO and co-founder of Bromium, believes NATO lacks the resources to defend its members from cyber-attacks as a collective.

“The idea of NATO is a collective capability for defense, which when any one member is attacked can trigger the appropriate defensive military action. In cyber, NATO has none. Instead, individual member countries, to varying degrees’ cooperative or suspicious, more or less collaborates to share information on threats,” he said.

“The organization was founded to protect the members by, in extremes, deploying conventional non-cyber assets to effectively combat a threat on any member of the coalition. But NATO has no assets to deploy in the cyber domain. Each member has carefully managed its own cyber-attack techniques, tools and strategies. They each know the vulnerabilities and weak spots of their foes, and all of their peers in NATO. NATO cannot deploy assets to mitigate a cyber-attack,” Crosby added.

Ein News:      Infosecurity

« The Secret History of Cyber War
Snowden Calls For Special Protection For Whistleblowers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Protegrity

Protegrity

Protegrity is an enterprise and cloud data security software for data-centric encryption and tokenization to protect sensitive data while maintaining usability.

Onapsis

Onapsis

Onapsis is a pioneer in cybersecurity and compliance solutions for cloud and on-premise ERP and business-critical applications.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

Cienaga Systems

Cienaga Systems

Cienaga Systems is a leader in autonomous cyber threat hunting technology.

Telecommunications Industry Association (TIA)

Telecommunications Industry Association (TIA)

TIA works to secure trust in networks by advocating public policy positions on the security of ICT equipment and services related to critical infrastructure, supply chain and information sharing.

SHIELD

SHIELD

SHIELD is an established end-to-end fraud management solution that blocks fraudulent activities such as account takeovers, fake accounts creation, fraudulent payments, loyalty fraud and more.

ProcessUnity

ProcessUnity

ProcessUnity is a leading provider of Third-Party Risk Management software, helping companies remediate risks posed by third-party service providers.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

ServerScan

ServerScan

ServerScan specializes in providing server scanning & compliance services to organizations of all types and sizes.

Maintel

Maintel

Maintel provides cloud and managed communications services. We help our customers to deliver exceptional customer experiences, and to securely access their applications and their data.

Obscure Technologies

Obscure Technologies

Obscure Technologies is a firm of experts, specialised in brokering the best security solutions to market.

NetScout

NetScout

NetScout offers a powerful combination of service assurance, cybersecurity, and business intelligence solutions for today’s most demanding service provider, enterprise and government networks.

Knownsec

Knownsec

Knownsec provides customers with cloud defense, cloud monitoring, and cloud mapping products and services with "AI + security big data" as the underlying capability.

RADICL

RADICL

RADICL's mission is to give SMBs that serve America's Defense Industrial Base (DIB) access to strong, enterprise-grade cyber security protection.

Opal Security

Opal Security

Opal is an identity and access management platform that offers a consolidated view and control of your whole ecosystem from on-prem to cloud and SaaS.

Heyhack

Heyhack

Heyhack is a SOC 2 Type II certified automated penetration testing platform for web apps and APIs.