NATO Warns Of Military Response To Cyber Attacks

Uploaded on 2021-06-21 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

Jens Stoltenberg, the secretary general of NATO, has warned that cyber attacks could result in a military response and that  it is prepared to treat cyber attacks in a similar way to an armed attack against allies and will make  a military response against the perpetrators. 

US President Joe Biden Russian and President Vladimir Putin have recently agreed to develop a cyber security arrangement between the two countries after discussing the issue of ransomware at their summit in Geneva. Biden told President Putin that certain critical infrastructure should be "off-limits" to cyber attacks.

Biden says he and Putin will begin discussion with the aim to "to begin to bring some order" after a number of recent high-profile attacks by criminal gangs on a number of US companies. These talks will be complicated as they don’t agree as to who was to blame for the growing problem of ransomware.  Alliance members agreed a new cyber security strategy in response, and will for the first time help each other out in the case of “cyber-attacks of significance”, mirroring NATO's obligation of collective defence in the traditional military sphere, expressed in article 5.

Now in a statement issued by the Heads of State and of 30 NATO Governments who attended the meeting of the North Atlantic Council in June, the military alliance revealed it has endorsed a Comprehensive Cyber Defence Policy, in which a decision will be taken to invoke Article 5 “on a case-by-case basis” following a cyber attack.  

NATO leaders also said China presents a cyber security risk has asserted NATO needs to respond to Beijing’s growing power. Jens Stoltenberg says that China was “not an adversary”, saying instead NATO's strategy was to address “the challenges” posed by Beijing, which will “soon be the biggest economy in the world” and “already has the second-largest defence budget, the biggest navy”.

Under Article 5 of the NATO treaty, first signed in 1949, when any NATO ally is the victim of an armed attack, it will be considered an attack on all alliance members, who will theoretically take any actions necessary to defend that ally. “We are increasingly confronted by cyber, hybrid, and other asymmetric threats, including disinformation campaigns, and by the malicious use of ever-more sophisticated emerging and disruptive technologies.  Rapid advances in the space domain are affecting our security... The proliferation of weapons of mass destruction and the erosion of the arms control architecture also undermine our collective security.  Climate change is a threat multiplier that impacts Alliance security."  

The announcement has come amid rising cyber threats to the alliance, which NATO said are “complex, destructive, coercive, and becoming ever more frequent.”  It said that recent ransomware and other types of cyber-attacks “targeting our critical infrastructure and democratic institutions, which might have systemic effects and cause significant harm.” Recent cyber attacks include the ransomware attack on Colonial Pipeline, which forced the US largest fuel pipeline offline and was apparently done by Russian state backed cyber hackers.

“Reaffirming NATO’s defensive mandate, the Alliance is determined to employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber threats, including those conducted as part of hybrid campaigns, in accordance with international law,” the statement reads.

NATO's Comprehensive Cyber Defence Policy is designed to support NATO’s three core tasks and overall deterrence and defence posture, and enhance resilience.  As an example of more frequent intrusions in other nations’ affairs, Stoltenberg  noted Russia’s meddling in domestic elections and cyber attacks on its neighbors and aggressive military behavior in Ukraine He also made specific reference to Russia-based malware attacks through SolarWinds and on the German government

NATO:    BBC:     USNI:   ReutersOodaloop:     Guardian:     Infosecurity Magazine:    BBC:    

You Might Also Read: 

Results: NATO’s 2021 Cyber War Game:

 

« SANS and AWS Marketplace webinar: Shifting your network security architecture to the cloud
A Quick Guide To Business Cyber Security »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Encode

Encode

Encode delivers a cutting edge Security Analytics & Response Orchestration platform and best of breed Cyber Security Operations and Services.

QTS

QTS

QTS Realty Trust, Inc. is a leading provider of secure, compliant data center, hybrid cloud and managed services.

Security Research Labs (SRLabs)

Security Research Labs (SRLabs)

Security Research Labs is a Berlin-based hacking research collective and consulting think tank.

Intertek Group

Intertek Group

Intertek Group provides Assurance, Testing, Inspection and Certification services. Activities include cybersecurity testing and certification.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

ActiveNav

ActiveNav

ActiveNav provide dark data discovery solutions for compliance and information governance.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Liberman Networks

Liberman Networks

Liberman Networks is an IT solutions provider company that provides security, management, monitoring, BDR and cloud solutions.

Cyral

Cyral

Easily observe, control, and protect your data endpoints in a cloud and DevOps-first world. Discover Data Mesh Security with Cyral.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

Beetles Cyber Security

Beetles Cyber Security

Beetles is a crowdsourced penetration testing platform designed to build a trusted, hacker-centric approach to protectan organization’s digital attack surface.

Enterprise Strategy Group

Enterprise Strategy Group

Enterprise Strategy Group, a division of TechTarget, is an IT analyst, research, validation, and strategy firm that provides market intelligence and actionable insight to the global IT community.

MODUS X

MODUS X

MODUS X is a Ukrainian IT product and service company created from the IT department of the DTEK Group of Companies.

Pantherun Technologies

Pantherun Technologies

Pantherun is a pioneering force in the realm of encryption technology and data protection solutions.

Axiler

Axiler

Axiler’s AI-driven self-healing architecture seamlessly detect, patch, and neutralize threats in real-time, ensuring systems remain secure and ever-adaptable.

UKON

UKON

UKON is the free cyber insurance marketplace for MSPs, agencies and partners to turn risk into revenue.