NATO chief warns serious cyber strike on any NATO nation could trigger Article 5 response from the alliance
The Secretary General of NATO, Jens Stoltenberg, has issued a stark warning to hostile nation states currently conducting cyber warfare campaigns around the world.
In a media interview Stoltenberg warned that a serious cyberattack on a NATO member would be sufficient to trigger the alliance’s collective defence commitment.
Known as Article 5, the commitment means that where an attack occurs against one ally, it will be treated as an attack against all.
NATO Article 5
Stoltenberg issued the warning in Prospect magazine, when he wrote “for Nato, a serious cyberattack could trigger Article 5 of our founding treaty.”
“…We have designated cyberspace a domain in which NATO will operate and defend itself as effectively as it does in the air, on land, and at sea,” Stoltenberg wrote.
“Cyber threats to the security of our alliance are becoming more frequent, more complex and more destructive,” he wrote. “We register suspicious activity against our systems every day.”
“Cyberspace is the new battleground and making NATO cyber-ready – well-resourced, well-trained, and well-equipped – is a top priority as we look towards the NATO summit in London in December and beyond,” he concluded.
It is worth noting that Article 5 has only ever been triggered only once, after the 11th September attacks in 2001 in New York and the Pentagon.
And one security expert said it was surprising that NATO had come out this pledge about cyberattacks.
“This is not especially surprising, given that the understanding and definition of warfare continues to expand to include cyber attacks on other nations as the norm,” said Malcolm Taylor, director of cyber advisory at ITC Secure.
“Indeed, if anything at all about this is a surprise, it is that it has taken so long; I think cyber professionals have assumed this was the case for a while,” said Taylor. “It will be interesting to see what is meant by ‘defend’; against on-going attacks or through closer multinational defences in a prophylactic sense? The latter would potentially be extremely powerful, although there are a number of reasons why it is also extremely difficult.”
“When people wonder (aloud and not) what might change to shift the balance between attackers and victims, the answer might lie in better international co-operation,” said Taylor. “If we began to see that, then we could begin to see a powerful change for the better.”
Western tensions has risen in recent years, after cyberattacks stemming from Russia and China for example.
In 2018 tensions over Russia’s cyber warfare activities ratcheted up after the British government officially accused Russia of being behind the NotPetya ransomware outbreak in 2017.
That ransomware attack originated in the Ukraine in June 2017, and it targetted mostly Ukrainian government networks and financial and energy assets in that country.
Ukraine has been in conflict with Russian-backed separatists since Russia illegally annexed Crimea in 2014.
Previous Defence Secretary Sir Michael Fallon issued a stark warning about the scale of Russian cyber attacks in 2017.
In 2011 the United States warned it reserved the right to hit back with military operations after a cyber attack.
And this happened earlier this year when Israel carried out a military airstrike in response to an attempted cyber attack launched by terrorist group Hamas in May.
Last year President Donald Trump reportedly relaxed the complex guidelines that have to be followed if the United States were to launch a cyber attack against a rogue nation.
The UK has also been beefing up its cyber operations.
Indeed, the UK has more than doubled the number of offensive cyber-capabilities in recent years, as GCHQ ramped up its ability to hit back at those launching cyber-attacks against this country.
In April 2018 the UK made a rare public admission that it had carried out a cyber offensive against the Islamic State terrorist group.
Read our interview with Troy Hunt, Microsoft Regional Director and MVP, and the creator of the Have I Been Pwned? about about the changing nature of gadget hacks, industrial cyberattacks, Huawei, and the implications of data gathering on an unprecedented scale by the tech giants…