NATO’s new role in tackling cyber threats
We may not see cyber-attacks but they are happening every day, and with increasing severity. In the UK, 90% of large organisations have reported cyber breaches over the last two years and the average cost of dealing with these attacks has risen from £600,000 in 2014 to £1.5 million this year. Hardly a day goes by without a newspaper featuring an article on the latest cyber intrusion, be it the compromise of data of 500 million individuals linked to Yahoo, or the theft of over a billion dollars from the Bangladesh national bank through a compromise of the SWIFT payment system. Dr. Jamie Shea, Deputy Assistant Secretary General, NATO, details NATO’s role in fighting cyber crimes
We have used the term cyber crime in terms of the theft of money or individual identities; but what is increasingly of concern is the use of cyber for political interference or coercion. For instance, last year the power grid in Western Ukraine was shut down for several hours, denying power to 220,000 customers. The recent US election campaign was also marked by a number of cyber attacks against the Democratic Party in order to leak compromising e-mails, and many US states reported attempts to gain access to their voter registration lists.
In short, we are beginning to realise that the aggressive use of cyber space can serve multiple purposes. Not just for information or financial gain, but also for propaganda, disruption, actual physical destruction, extortion and ransom and now interference with a view to influencing political debates. Therefore, it is not just every conflict or crisis that will have a cyber dimension, but worryingly, even normal political processes will.
Given this context, the key tasks of those who believe in the positive power of cyber space to spread individual freedom and grow our economies, will be to maintain trust in the use of the Internet, to uphold privacy, to maintain competition among service providers but also to increase the security of our information systems, so that they are far less prone in the future to penetration and mis-use by ill-intentioned actors.
This of course will be a major challenge and many international organisations will have to follow a coordinated approach in order to be successful. NATO too has its role to play.
In the first place, we have declared that Article 5, NATO’s collective defence pledge, can be invoked in response to cyber-attacks above a certain threshold. Thus, cyber defence is part of the Alliance’s core task of collective defence.
We have also recognised that cyber-attacks can seriously undermine NATO’s missions around the world. Our forces are increasingly likely to cooperate in environments where cyber tools are used to disrupt our command and control, manipulate our data or even paralyse our weapons systems. Thus, at their recent Warsaw Summit, NATO’s leaders declared that cyber is now an operational domain for the Alliance. This means that we are looking at our organisation, capabilities, and planning to ensure that we can manage the risks, recover quickly and function as smoothly in cyber space as in the more traditional areas of land, sea and air operations.
Naturally, NATO’s capabilities in the cyber domain will continue to depend on what individual allies produce at home. We cannot afford any weak links in the chain of cyber defence due to some allies under-investing in this area or not being fully interoperable.
Therefore, at the Warsaw Summit, NATO’s leaders also adopted a Cyber Defence Pledge and we are currently seeking how to best implement this by using NATO’s defence planning system to set individual Allies realistic targets and to devise a rigorous method of assessment to ensure that those targets are met. Along the way, NATO is also helping allies to improve their cyber intelligence. Our Cyber Threat Assessment Cell uses information gathered both by individual allies and the Alliance itself and we share real-time information through a dedicated malware information-sharing platform. This has also been recently established with a number of industry partners, as 90% of information technology networks are owned and operated by the private sector and private companies are often in the lead for early warning, threat assessments and analysis, and the innovative ideas that can help us achieve a more secure cyber space.
For all these reasons, NATO has also launched a NATO Cyber Industry Partnership through which we are engaging industry, not just on information-sharing, but also on supply chain security, innovation and experimentation, particularly looking to reach out to those small or medium enterprises that are often at the forefront of creativity in the cyber domain.
Finally, NATO’s activities in the area of education and training are helping allies to develop the skills and techniques that are just as important for secure cyber defence as better technology. Recently we held another Cyber Coalition exercise in Estonia, an event which annually gathers over 400 operators, both from NATO and its partner countries who test their skills against the whole gamut of malware, denial of service attacks and other forms of cyber threat.
Portugal is also soon to open a NATO Cyber Defence Academy, which will offer a range of advanced training courses, as well as research and development. Many of NATO’s activities within the Science for Peace and Security programme involve help with cyber training or the development of national cyber defence strategies for partners as diverse as Iraq, Jordan, Bosnia and Ukraine.
For all that NATO is doing to adapt to a changing world, one thing will not change. NATO is a defensive Alliance and its actions will always be proportionate and in strict accordance with international law. In turn, this means that NATO will strongly support efforts to foster a more transparent and secure cyber space through the development of voluntary norms of behaviour by individual states and related confidence-building measures.
Cyber defence depends ultimately on effective partnerships. In this respect, the ICPS Cyber Security Europe Roundtable 2016 has been an excellent forum to bring key stakeholders together and especially NATO and the EU, at a time when the EU is also significantly upgrading its efforts in cyber defence. This makes this roundtable particularly important for the Alliance and we will continue to support it.