Professional Documents
Culture Documents
Age
By Alexandru Moldovan
attack was attributed to groups of Russian hackers even though the Russian
authorities denied any involvement.
According to James Sherr of Britain's Royal Institute of International Affairs,
this new type of conflict called hybrid warfare is designed to cripple a state
before that state even realizes the conflict has begun. Elaborating the topic,
Sherr adds that hybrid warfare It's a model of warfare designed to slip under
NATO's threshold of perception and reaction. As General Alexander
Vershbow has called it, we are facing a new facet of the ancient Trojan Horse
tactic.
As cyber attacks usage intensifies, we need to look into the details of what
constitutes a cyber attack and how NATO and its allies can use their
experience in order to ensure that accident like this will never catch the
Alliance on a wrong foot.
Expending the Tallinn Manual Process definition of cyber attacks, Wittaker
defines cyber attacks as coordinated actions taken against a states public
institutions, digital infrastructure as well as its critical infrastructure through
cyber space. Since there is no clear terminology that can be used to define
the cyber warfare a range of different theoretical frameworks tries to explain
this universe. A first classification is made by Wittaker who differentiates
between cyber attacks and cyber crimes. While cyber crimes are directed
against individuals and companies, cyber attacks are targeting public
institutions and infrastructure.
A more in-depth classification is made by Schreier who distinguishes
between cyber vandalism or cyber hacktivism, cyber crime or internet
crime and cyber espionage. The most dangerous one for governments is the
cyber crime which affects usually the banking sector, financial institutions,
and the corporate sector. Government networks which hold classified data
are also affected, but less often.
Cyber attacks can be classified as a form of international terrorism and as a
consequence there is a need for a coordinated international approach in
order to address such treats. Special characteristics of the cyber attacks
which make them particularly dangerous are the difficulties that arise from
identifying the origin, nature and impact of the cyber attacks. Over the cyber
space is a lot easier for the cyber criminals to hide their origin as attacks can
be launched from every place of the world. In these conditions, most of the
time retaliation becomes problematic because of the hardship of identifying
the attacker and its intentions. The nature of the attack is also hard to define
presents the results of the talk in Brussels with the American officials, Our
mandate is pure cyber defense, and Our declaration is a start, he said,
but I cannot tell you it is a complete strategy.
Before the Wales Summit in September 2014, according to Limnell, NATO
had to face three key challenges: integration of cyber capabilities, Article 5
update and a better coordination of national capabilities. Out of these
challenges the biggest one was: [...] to integrate cyber into a broader
strategic and operational concept, both in defence and offence. This
observation is in line with one made by Rasmussen who acknowledged that a
global strategy is still under development.
What led to the existing state of affairs is a series of events that continuously
shaped NATOs capabilities for fighting cyber crimes. In chronological order,
the concept of cyber security made its way for the first time on NATOs
agenda after the hacking incidents in the late 1990s that appeared during
the Kosovo War and consequently led to the start of NATO's Cyber Defence
Programme. After the 2002 Prague Summit, initiatives were taken to
establish the NATO Computer Incident Response Capability (NCIRC). With the
New Strategic Concept developed by NATO in November 2010 at the Lisbon
Summit a cyber security objective was clearly formulated in the Summits
report. Enhancing the ability to prevent, detect, defend against and recover
from cyber-attacks, [...] and coordinate national cyber defence capabilities,
bringing all NATO bodies under centralized cyber protection, and better
integrating NATO cyber awareness, warning and response with member
nations were the guidelines followed by NATO in the coming period. In 2011
it was approved a revised NATO Policy on Cyber Defence and by end of 2012
a NATO Computer Incident Response Capability (NCIRC) was already in place,
organisation now under the NATO Communications and Information Agency
(NCI Agency) that monitors the IT infrastructure and responds to cyber
threats and attacks. Other important milestones for the organization are the
creation of the NATO Co-operative Cyber Defence Centre of Excellence
(CCDCOE) in Tallinn, Estonia and the establishment of NATO Cyber-Defence
Management Authority (CDMA) in 2008.
At this point is important to underline that NATOs cyber defense work is
purely defensive. NATOs members are still responsible for developing their
own national cyber defence capabilities and on the same time they must
protect their own networks. At this level, NATOs role is to share expertise
and information, promote coordination and cooperation and facilitate
development of national capabilities.
any cyber offensive plans made by the NATO, this impediment can severe
the attacking capabilities of the Alliance.
Another area that can be improved is the legislation. NATO is by definition a
bureaucratic organization and any gap in the legislation is possibly
dangerous for the proper functioning of the organization. A good starting
point for improvement will be a better definition of the concept armed
attack in the context of cyber conflicts.
Further developments could be increased number of common exercises, a
strengthening of the partnership with the private sector or an increased
budget for research and development.
Conclusion
NATOs cyber capabilities have evolved continuously since the Kosovo War.
While the current tactics describe a defensive thinking, we cannot talk at the
moment about a complete cyber security strategy at the Alliance level.
Nevertheless, NATO made some important steps by acknowledging the role
of cyber security, founding NCIRC and similar dedicated institutions and
setting up a clear chain of command in case of cyber attacks.
However, space for improvement still exists. There is a need for a revised
legislation, like in the case of Article 5, and a more transparent
communication between members and international standards for
information security. By solving all this matters, the process of integrating a
standalone cyber strategy in the context of the Alliance global military
strategy will be much easier.