NATO Warns Of Military Response To Cyber Attacks

Jens Stoltenberg, the secretary general of NATO, has warned that cyber attacks could result in a military response and that  it is prepared to treat cyber attacks in a similar way to an armed attack against allies and will make  a military response against the perpetrators. 

US President Joe Biden Russian and President Vladimir Putin have recently agreed to develop a cyber security arrangement between the two countries after discussing the issue of ransomware at their summit in Geneva. Biden told President Putin that certain critical infrastructure should be "off-limits" to cyber attacks.

Biden says he and Putin will begin discussion with the aim to "to begin to bring some order" after a number of recent high-profile attacks by criminal gangs on a number of US companies. These talks will be complicated as they don’t agree as to who was to blame for the growing problem of ransomware.  Alliance members agreed a new cyber security strategy in response, and will for the first time help each other out in the case of “cyber-attacks of significance”, mirroring NATO's obligation of collective defence in the traditional military sphere, expressed in article 5.

Now in a statement issued by the Heads of State and of 30 NATO Governments who attended the meeting of the North Atlantic Council in June, the military alliance revealed it has endorsed a Comprehensive Cyber Defence Policy, in which a decision will be taken to invoke Article 5 “on a case-by-case basis” following a cyber attack.  

NATO leaders also said China presents a cyber security risk has asserted NATO needs to respond to Beijing’s growing power. Jens Stoltenberg says that China was “not an adversary”, saying instead NATO's strategy was to address “the challenges” posed by Beijing, which will “soon be the biggest economy in the world” and “already has the second-largest defence budget, the biggest navy”.

Under Article 5 of the NATO treaty, first signed in 1949, when any NATO ally is the victim of an armed attack, it will be considered an attack on all alliance members, who will theoretically take any actions necessary to defend that ally. “We are increasingly confronted by cyber, hybrid, and other asymmetric threats, including disinformation campaigns, and by the malicious use of ever-more sophisticated emerging and disruptive technologies.  Rapid advances in the space domain are affecting our security... The proliferation of weapons of mass destruction and the erosion of the arms control architecture also undermine our collective security.  Climate change is a threat multiplier that impacts Alliance security."  

The announcement has come amid rising cyber threats to the alliance, which NATO said are “complex, destructive, coercive, and becoming ever more frequent.”  It said that recent ransomware and other types of cyber-attacks “targeting our critical infrastructure and democratic institutions, which might have systemic effects and cause significant harm.” Recent cyber attacks include the ransomware attack on Colonial Pipeline, which forced the US largest fuel pipeline offline and was apparently done by Russian state backed cyber hackers.

“Reaffirming NATO’s defensive mandate, the Alliance is determined to employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber threats, including those conducted as part of hybrid campaigns, in accordance with international law,” the statement reads.

NATO's Comprehensive Cyber Defence Policy is designed to support NATO’s three core tasks and overall deterrence and defence posture, and enhance resilience.  As an example of more frequent intrusions in other nations’ affairs, Stoltenberg  noted Russia’s meddling in domestic elections and cyber attacks on its neighbors and aggressive military behavior in Ukraine He also made specific reference to Russia-based malware attacks through SolarWinds and on the German government

NATO:    BBC:     USNI:   ReutersOodaloop:     Guardian:     Infosecurity Magazine:    BBC:    

You Might Also Read: 

Results: NATO’s 2021 Cyber War Game:

 

« SANS and AWS Marketplace webinar: Shifting your network security architecture to the cloud
A Quick Guide To Business Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Seagate Technology

Seagate Technology

Seagate data storage systems are purpose-built for enterprise and data centre performance, scalability, reliability and security.

Optimal IdM

Optimal IdM

Optimal IdM is a leading global provider of identity management solutions and services.

Innovative Solutions (IS)

Innovative Solutions (IS)

Innovative Solutions is a specialized professional services company delivering Information Security products and solutions for Saudi Arabia and the Gulf region.

Cancom

Cancom

CANCOM group is one of the leading providers of IT infrastructure and IT services in Germany and Austria. Solution areas include network security.

DNX Ventures

DNX Ventures

Based in Silicon Valley and Tokyo, DNX Ventures is an early stage VC for B2B startups in sectors including Cybersecurity.

White Cloud Security

White Cloud Security

White Cloud is a cloud-based Application Trust-Listing security service that prevents unauthorized programs from running on your computers.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

Consistec Engineering & Consulting

Consistec Engineering & Consulting

Consistec Engineering & Consulting GmbH is an information technology and services company offering solutions for monitoring the security of IT and OT infrastructure.

CYMOTIVE Technologies

CYMOTIVE Technologies

Combining Israeli cyber innovation with a century of German automotive engineering. CYMOTIVE operates under the assumption that connectivity is a game changer for the automotive industry.

Cyber Security Services

Cyber Security Services

Cyber Security Services is a cyber security consulting firm and security operations center (SOC).

NetWitness

NetWitness

NetWitness empowers security teams to rapidly detect today’s targeted and sophisticated attacks with unparalleled visibility.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

Strike Security

Strike Security

Strike Security offers a continuous penetration testing platform that combines automation with ethical hackers.

Space Hellas

Space Hellas

Space Hellas is a dynamic, established System Integrator and Value Added Solutions Provider, holding a leading position in the high technology arena.

DEKRA

DEKRA

DEKRA’s promise is to ensure the safety of human interaction with technology and the environment.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.