Nato and cyber-attacks: Time to raise our game
Nato Secretary General Jens Stoltenberg | Photo credit: Press association
They may be invisible, but every day our countries face attacks in cyber-space. Nato is adapting to this increasing threat, writes Jens Stoltenberg.
Until recently, cyber-attacks on financial institutions were the ones that hit the headlines. Today, it is critical networks and vital infrastructure that are the targets; disrupting services and threatening to bring modern life to a grinding halt. What was once a nuisance has now become a strategic challenge.
Two years ago, a cyber-attack temporarily blocked access to the Nato headquarters' website. More recently, a series of cyber-attacks were launched against German state computer systems, including some designed to gather intelligence on critical infrastructure such as power plants. In Ukraine, meanwhile, cyber-attacks have been used as a weapon of so-called 'hybrid' warfare.
Both states and non-state actors are increasingly using cyber-attacks to achieve their diplomatic and military objectives. This is why, two years ago, Nato allies acknowledged that cyber-attacks could be just as harmful to our societies as one with conventional weapons. They made clear that cyber-defence is now part of the alliance's core task of collective defence.
- Tunne Kelam and Erping Zhang: EU must balance cyber-security and right to privacy
- Cybercrime 'rising rapidly' up the political agenda
- EDA chief: EU can no longer afford to ignore defence policy
Cyber-attacks risk seriously undermining Nato's missions around the world. Our forces are increasingly operating in environments where adversaries may use cyber-tools to disrupt our decision-making.
To ensure that our forces can protect its citizens and territory against any threats, we have to be as effective in the cyber-domain as we already are on land, air and sea.
Nato has not sat idle in the face of this developing threat. We have worked hard to both bolster our own networks and to help allies strengthen their cyber-defences. We are extending the central protection we provide for emerging networks, such as the chain of new small headquarters we have established in the east of the alliance.
We have also improved our ability to detect and analyse threats and are doing everything we can to ease the exchange of information. Our cyber threat assessment cell uses information gathered by both individual allies and the alliance itself while sharing real-time information through a dedicated malware information-sharing platform.
Nato has established cyber rapid reaction teams staffed with experts and equipped with cutting-edge technology that can support our member nations in the event of serious cyber-attack.
Our investment in training and education - including Nato's state-of-the-art annual exercise "Cyber Coalition" - help ensure that our skills keep pace with technology.
At the same time, we are intensifying both our cyber defence partnerships - notably with the European Union - and our cooperation with industry and academia, particularly on information-sharing and the exchange of best practice.
Nato has already achieved a great deal in tackling cyber-attacks, but much remains to be done. No country is invulnerable; cyber threats do not respect borders.
That is why, at the recent summit in Warsaw, allies made a 'Cyber Defence Pledge' designed to make strengthening our cyber defences a priority. We need to be prepared; strong, resilient cyber-defences will be vital if the alliance is to fulfil its core purpose.
A number of allies have already recognised cyberspace as an operational domain, alongside air, land and sea done.
At the Warsaw summit, we took the same step. It will improve Nato's ability to protect and conduct operations across these domains, helping us manage our resources, skills and capabilities.
In addition, it will ensure that cyber defence is better reflected in our military exercises, in our training and in our response to crises. In cyberspace as in the other domains, ultimately Nato relies on allies to provide the capabilities for its missions.
During these adaptations, one important thing remains constant; Nato is a defensive alliance, whose mission is to protect Nato's citizens and territory and whose actions will always be proportionate and in strict accordance with international law.
That, in turn, means that we back efforts to promote a more transparent and secure cyber-space. We support individual states developing voluntary norms of behaviour and other measures to build confidence.
Nato is founded on the shared values of liberty, democracy, human rights and the rule of law. That is why we are determined to ensure that cyberspace remains the location we want it to be, a place for peaceful, open communication and debate.