A Cyber Attack On NATO Could Trigger Article 5

Few nations have sophisticated cyber capabilities and for operational security reasons, they are closely guarded, rarely shared, and carefully used.

The US Senate Intelligence Committee Chair Mark Warner warned Russian President  that waging a cyber attack against a NATO country could risk embroiling Moscow in a war against multiple Western governments, including the United States. 

In 2019 NATO Secretary General Jens Stoltenberg said all 29 member countries would respond to a serious cyber-attack on one of them.

Recently a NATO official told Reuters that a cyber attack could be considered an armed attack and trigger "Article 5," it was a significant moment. How significant is harder to judge. "Article 5" is NATO's holy grail, the core of what NATO is about. It is part of the Washington Treaty, signed in 1949, that set up the North Atlantic Treaty Organisation, which started with 12 members and now has 30.

Article 5 states, "The Parties agree that an armed attack against one or more of them in Europe or North America shall be considered an attack against them all."

Mircea Geoană, Deputy Secretary General of NATO, says that when the alliance decided that cyber should be considered an “operational domain,” the bloc also made the call that a “massive cyber attack” on one member state could trigger Article 5 of NATO’s Washington Treaty. This strikes at the heart of the alliance’s defense clause, which states that an attack on one country is considered an attack on all allies.

So, for instance an attack on Poland is effectively the same as an attack on the United States, a powerful deterrent to a potential aggressor, but of course life is never that simple.

For decades it seemed simpler, as an armed attack would be obvious and NATO nations would respond with tanks, artillery, and warplanes. Now, in our new world, nations can be undermined through information warfare and infrastructure crippled by cyber attacks, often difficult to trace.

How NATO should respond to such attacks created much debate, first on the principles of whether a cyber attack could be considered an "armed attack," and secondly if it is, what to do about it.

So, if for instance Poland was attacked with tanks, individual nations are not obliged to respond with military force. Article 5 is powerful but how nations individually respond, with a lot or a little, is still up to them. Nevertheless, a conventional military attack on a NATO nation would get a massive response. Deterrence has worked.

But when we move into the grey zone of "hybrid warfare" that response is harder to predict.

This is one of the aims of Russian strategy towards NATO, to achieve its goals while operating below the threshold that will trigger Article 5. On cyber, those waters will be even muddier given how deniable activity is within cyberspace. In 2014, NATO's leaders made cyber defence a core part of collective defence but policy and activities to implement that decision are still evolving. To that end, for instance, it has a technical agreement with the European Union and a NATO Industry Cyber Partnership. At SHAPE, NATO's military headquarters, there is also a Cyberspace Operations Centre.

Currently, NATO is far more focused on defensive cyber, to secure its systems from attack, and the nature of that is a point of debate.

Some commentators say that passive cyber defence, where you simply build up your virtual walls, leaves the initiative with your adversary, enabling him to probe without consequence until he finds your weak point. Effective defence means also going after the attacker and forcing him onto the back foot, so-called offensive cyber. That is also what would be needed if NATO's responding to an Article 5 breach.

 NATO as an institution does not possess significant cyber capabilities. When it comes to activities, NATO is a command and control organisation using hardware and personnel loaned by members.

Few nations have sophisticated cyber capabilities and for operational security reasons, they are closely guarded, rarely shared, and carefully used. That means if a cyber attack did trigger NATO Article 5, then the actual use of cyber weapons would be outsourced to nations for use on behalf of the Alliance in a coordinated manner. However, as the NATO source told Reuters, a response does not have to be symmetrical, and could theoretically escalate to include a military one.

Persuading 30 nations to agree on this will be hard, and a further possibility is if NATO cannot agree there could be a so-called "coalition of the willing" operating separately. NATO has previously agreed cyber attacks could trigger Article 5, and that itself was a major decision and something of a deterrent to hostile actors. But the reality of having to act on it is now closer than ever before.

Reuters:      BBC:      Cyber Security Dive:     Daily Mail:       C-Span:      GZero

You Might Also Read: 

NATO & Ukraine Agree Deeper Cyber Co-operation:

 

« Making Sense Of The Edge
Twitter Joins Ukraine’s War Effort »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TitanFile

TitanFile

TitanFile is an award-winning, easy and secure way for professionals to communicate without having to worry about security and privacy.

Snort

Snort

Snort is an open source intrusion prevention system capable of real-time traffic analysis and packet logging.

Mobile Mentor

Mobile Mentor

Mobile Mentor is an independent provider of enterprise mobility solutions in New Zealand and Australia.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

SoftLock

SoftLock

Softlock is a regional leader in Information Security providing solutions, consulting, integration and testing services to protect information assets, identities and supporting infrastructure.

Chronicle

Chronicle

Chronicle products combine intelligence about global threats in the wild, threats inside your network, and unique signals about both.

International College For Security Studies (ICSS)

International College For Security Studies (ICSS)

ICSS India offers technical education to students, clients and partners in IT Industry by our well qualified, certified and experienced trainers.

Cyber Management Alliance

Cyber Management Alliance

Cyber Management Alliance is closing the divide in cyberspace by bringing together the best qualities of thought leadership and operational mastery of cyber security management.

SecOps Group

SecOps Group

SecOps Group is a boutique cybersecurity consultancy helping enterprises identify & eliminate security risks on a continuous basis.

LayerX Security

LayerX Security

LayerX's user-first browser security platform turns any browser into the most protected & manageable workspace, by providing real-time monitoring and governance over users’ activities on the web.

CloudScale365

CloudScale365

CloudScale365 offers state-of-the-art managed IT services and cloud, hosting, security, and business continuity solutions.

Keepit

Keepit

Keepit offer all-inclusive, secure, and reliable backup and recovery services for your data.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

Issue53

Issue53

We empower organizations to thrive in the digital landscape. Strengthen your defenses, enhance resilience – Choose Issue53 for a secure and future-ready IT environment.

Barrier Networks

Barrier Networks

Barrier Networks are a Cyber Security Managed Service Provider that specialises in Network and Application security.

Rite-Solutions

Rite-Solutions

Rite-Solutions is an award-winning software development, systems engineering, and information technology firm.