NATO Warns Of Military Response To Cyber Attacks

Uploaded on 2021-06-21 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

Jens Stoltenberg, the secretary general of NATO, has warned that cyber attacks could result in a military response and that  it is prepared to treat cyber attacks in a similar way to an armed attack against allies and will make  a military response against the perpetrators. 

US President Joe Biden Russian and President Vladimir Putin have recently agreed to develop a cyber security arrangement between the two countries after discussing the issue of ransomware at their summit in Geneva. Biden told President Putin that certain critical infrastructure should be "off-limits" to cyber attacks.

Biden says he and Putin will begin discussion with the aim to "to begin to bring some order" after a number of recent high-profile attacks by criminal gangs on a number of US companies. These talks will be complicated as they don’t agree as to who was to blame for the growing problem of ransomware.  Alliance members agreed a new cyber security strategy in response, and will for the first time help each other out in the case of “cyber-attacks of significance”, mirroring NATO's obligation of collective defence in the traditional military sphere, expressed in article 5.

Now in a statement issued by the Heads of State and of 30 NATO Governments who attended the meeting of the North Atlantic Council in June, the military alliance revealed it has endorsed a Comprehensive Cyber Defence Policy, in which a decision will be taken to invoke Article 5 “on a case-by-case basis” following a cyber attack.  

NATO leaders also said China presents a cyber security risk has asserted NATO needs to respond to Beijing’s growing power. Jens Stoltenberg says that China was “not an adversary”, saying instead NATO's strategy was to address “the challenges” posed by Beijing, which will “soon be the biggest economy in the world” and “already has the second-largest defence budget, the biggest navy”.

Under Article 5 of the NATO treaty, first signed in 1949, when any NATO ally is the victim of an armed attack, it will be considered an attack on all alliance members, who will theoretically take any actions necessary to defend that ally. “We are increasingly confronted by cyber, hybrid, and other asymmetric threats, including disinformation campaigns, and by the malicious use of ever-more sophisticated emerging and disruptive technologies.  Rapid advances in the space domain are affecting our security... The proliferation of weapons of mass destruction and the erosion of the arms control architecture also undermine our collective security.  Climate change is a threat multiplier that impacts Alliance security."  

The announcement has come amid rising cyber threats to the alliance, which NATO said are “complex, destructive, coercive, and becoming ever more frequent.”  It said that recent ransomware and other types of cyber-attacks “targeting our critical infrastructure and democratic institutions, which might have systemic effects and cause significant harm.” Recent cyber attacks include the ransomware attack on Colonial Pipeline, which forced the US largest fuel pipeline offline and was apparently done by Russian state backed cyber hackers.

“Reaffirming NATO’s defensive mandate, the Alliance is determined to employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber threats, including those conducted as part of hybrid campaigns, in accordance with international law,” the statement reads.

NATO's Comprehensive Cyber Defence Policy is designed to support NATO’s three core tasks and overall deterrence and defence posture, and enhance resilience.  As an example of more frequent intrusions in other nations’ affairs, Stoltenberg  noted Russia’s meddling in domestic elections and cyber attacks on its neighbors and aggressive military behavior in Ukraine He also made specific reference to Russia-based malware attacks through SolarWinds and on the German government

NATO:    BBC:     USNI:   ReutersOodaloop:     Guardian:     Infosecurity Magazine:    BBC:    

You Might Also Read: 

Results: NATO’s 2021 Cyber War Game:

 

« SANS and AWS Marketplace webinar: Shifting your network security architecture to the cloud
A Quick Guide To Business Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

Vaddy

Vaddy

Vaddy provide an automatic web vulnerability scanner for DevOps that performs robust security checks to ensure that web app code is secure.

Security Audit Systems

Security Audit Systems

Security Audit Systems is a website security specialist providing website security audits and managed web security services.

Cyber Threat Intelligence Network (CTIN)

Cyber Threat Intelligence Network (CTIN)

CTIN provides cyber threat intelligence services including training, platform evaluation, ISAC/ISAO systems development and counter botnet operations.

Acutec

Acutec

Acutec is an award winning IT support, services and solutions provider including managed IT Security and backup/disaster recovery.

Data61

Data61

Data61 is Australia’s leading digital research network offering the research capabilities, IP and collaboration programs to unleash the country’s digital & data-driven potential.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

Venkon

Venkon

Venkon provides effective and unique solutions to cyber-security threats and IT compliance requirements of your organization.

Alkira

Alkira

Alkira has reinvented networking for the cloud era by delivering the network cloud, the first global unified network infrastructure with on-demand hybrid and multi-cloud connectivity.

Gridware

Gridware

Gridware is a specialised cybersecurity consultancy firm and an emerging global player in the cybersecurity intelligence and advisory field.

Hub71

Hub71

Hub71 is a world-class tech ecosystem opening doors to global opportunities from an optimal business environment for entrepreneurial-minded innovators.

Secfix

Secfix

Secfix helps companies get secure and compliant in weeks instead of months. We are on a mission to automate security and compliance for small and medium-sized businesses.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

V2X

V2X

V2X delivers IT support, networking, and cybersecurity solutions that ensure optimal mission support and performance.

Anura

Anura

The world’s most accurate ad fraud solution protects your web assets by eliminating bots, malware and human fraud, ensuring your content is seen by real people.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.