NATO’s Cyber-Capabilities Are Only Defensive

Uploaded on 2016-10-17 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Defence, FREE TO VIEW


The North Atlantic Treaty Organisation’s (NATO) ability to respond offensively to Cyber-attacks is hindered by its previous inaction and inherent difficulties surrounding Cyber defense. 

During the 2016 NATO Warsaw Summit, NATO officially recognised Cyberspace as an operational domain of warfare alongside air, sea, and land. The intended purpose of that action is to allow NATO members to strengthen Cyber capabilities and network protection. 

This includes bringing Cyber-attacks under the scope of Article 5 of the North Atlantic Treaty, which states that an attack on an Ally or Allies shall prompt collective defense from the Alliance. While the move seeks to clarify Cyber’s position in warfare, issues with attribution and a lack of a cyber ‘red line’ make it difficult for NATO to actually invoke Article 5 in response to Cyber-attacks on its Allies and partners.

Inherent difficulties with establishing a Cyber ‘red line’ make it difficult to know when it would be acceptable to invoke Article 5. While labeling Cyber as an operational domain of warfare was not a direct response to any particular adversary’s behavior, it is clear that Russia remains the biggest concern for the Alliance. 

In the past, NATO has been reluctant to respond to Cyber-attacks on its Allies and partners. The distributed denial of service attack on Estonia in 2007, cyber blockade of Georgia in 2008, attacks on Ukrainian energy infrastructure in 2015, and numerous other incidents of Cyber-attacks have been attributed to Russia in recent years.

Yet NATO took no offensive action to support those countries. It remains unclear what form a Cyber-attack would take and how severe a Cyber-attack would need to be in order to force NATO to invoke Article 5 or take an offensive posture. The recent Democratic National Committee hacks underscore this uncertainty and highlight NATO’s reluctance to take offensive action against Russian Cyber aggression.

Difficulties associated with attributing cyber-attacks to specific perpetrators also makes it difficult for NATO to invoke Article 5 in response to cyber-attacks. Highly skilled states, groups, and individuals who perpetrate major cyber-attacks will attempt to avoid being attributed through various technical methods. 

Though states often know who is responsible for a Cyber-attack based on the current geopolitical climate, it is not always possible to directly link a state or group to an attack with indisputable evidence. The issue of identifying an attacker is exacerbated by NATO Allies and partners’ reluctance to share Cyber capability information with one another. 

Some Allies are concerned that others in the Alliance do not make similar investments in Cyber capabilities and are thus hesitant to reveal their own capabilities. Others do not share information based on the secrecy surrounding technology and intelligence gathering. The reluctance of Allies and partners to share critical information creates barriers to preventing or halting Cyber-attacks.

Recent cyber-attacks against NATO Allies and partners demonstrates that a defensive Cyber posture is ineffective in countering Cyber aggression. Labeling cyber as a domain of warfare is a step in the right direction, but a stronger framework is needed to clarify when NATO must take an offensive rather than a defensive posture in dealing with Cyber-attacks. 

A clarified offensive framework would blend conventional and non-conventional warfare and technology, creating a stronger deterrence mechanism to combat and reduce Cyber-attacks. 

However, NATO still needs to determine ‘red lines’ for invoking Article 5 and improve on sharing Cyber capabilities between member states to help identify attackers and appropriately act upon attribution. Without such a pre-determined framework, NATO Allies and partners will likely be unsure of how to respond during times of Cyber conflict.

Georgetown Security Studies


 

« US And Russia Face Off Over Syria & Cyber Attacks
US Security Bureau Finally Reacts To Snowden »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Concise Technologies

Concise Technologies

Concise Technologies provide specialist IT and telecoms solutions, support services, managed backup, disaster recovery, cyber security and consultancy to SME businesses across the UK and Europe.

Advenica

Advenica

Advenica develops, manufactures and sells innovative cybersecurity solutions for encryption and secure information exchange.

Cambridge Intelligence

Cambridge Intelligence

Cambridge Intelligence are experts in network visualization and finding hidden trends in complex connected data. Applications include cybersecurity.

Dubex

Dubex

Dubex is Denmark's leading business-oriented IT security specialist.

Latvian Information & Communications Technology Association (LIKTA)

Latvian Information & Communications Technology Association (LIKTA)

LIKTA brings together leading Latvian companies, organizations and professionals in the field of Information & Communications Technology

ESNC

ESNC

ESNC’s vulnerability management and real-time SAP security monitoring solutions help largest corporations in the world to effectively prioritize SAP security tasks and secure their business.

Avatao

Avatao

Avatao is an online training platform for building secure software, offering a rich library of hands-on IT security exercises for software engineers to teach secure programming.

Procilon Group

Procilon Group

Procilon Group specialize in the development of cryptographic software as well as strategic advice on information security and data protection.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Hunters.AI

Hunters.AI

Hunters is the world's first autonomous hunting solution that leverages top-tier cyber expertise and AI to uncover hidden cyber threats.

Zamna

Zamna

Zamna (formerly VChain Technology) is an award-winning software company building GDPR compliant identity platforms for the aviation industry.

Foretrace

Foretrace

Foretrace aims to prevent, assess, and contain the exposure of customer accounts, domains, and systems to malicious actors.

Epiphany Systems

Epiphany Systems

Epiphany enhances your defensive security controls by providing you with an offensive perspective. We expose the most likely attack paths to your most critical IT assets and users.

4Securitas

4Securitas

4Securitas is an innovative cyber security firm focused on protecting critical data at the core of every organisation.

eCentre@LindenPointe

eCentre@LindenPointe

The eCenter@LindenPointe provides assistance to the development, management and promotion of STEM (Science, Technology, Engineering, Mathematics) related business ventures.

Exiger

Exiger

Exiger is revolutionizing the way corporations, government agencies and banks navigate risk and compliance in their third-parties, supply chains and customers.