Squad of soldiers in the desert during military operation showing cyber attacks can trigger military response

NATO Warns That Cyber Attacks on Member States Could Trigger a Coordinated Military Response

NATO could respond to cyber attacks on its member states in similar ways to an armed attack. The alliance’s Secretary General Jens Stoltenberg said the military coalition viewed cyber-attacks on its members as armed land, sea, or air assault, which demanded a collective military response.

Earlier, the alliance had indicated that it considered the cyber front as a legitimate military domain.

Cyber attacks could trigger Article 5 that calls for a coordinated military response

NATO ratified a Comprehensive Cyber Defense Policy, which could invoke Article 5 after a cyber attack perpetrated by rival entities against a NATO ally.

The article, which was ratified in 1949, perceives an attack on a member country as aggression against all alliance members and calls for a collective military response.

Appearing at the Atlantic Council’s headquarters in Washington ahead of NATO’s summit in Brussels, Stoltenberg said NATO did not distinguish between cyber intrusions and other forms of attacks. He noted that cyber aggression could trigger a military response through “other means.”

“In a way, it doesn’t matter whether it’s a kinetic attack or a cyberattack, we will assess as allies whether it meets the thresholds for triggering Article 5. It sends a message that we regard cyberattacks as seriously as any other attack.”

Stoltenberg also told the BBC that cyber-attacks “can be as damaging and as dangerous” as armed attacks and could trigger a military response by air, sea, or land.

Citing the recent ransomware attack on Colonial Pipeline in the United States and the SolarWinds supply chain attack, Stoltenberg said cyber attacks targeting members’ “critical infrastructure and democratic institutions” had become complex, destructive, coercive, and more frequent. Both attacks were attributed to Russian state-sponsored threat actors.

NATO secretary-general also acknowledged Russia’s meddling in domestic elections, military aggression against Ukraine, cyber attacks on its neighbors and the German parliament. Stoltenberg noted that it was important to call out bad behavior when they see it.

“Reaffirming NATO’s defensive mandate, the Alliance is determined to employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber-threats, including those conducted as part of hybrid campaigns, in accordance with international law,” a communique shared among members said.

Stoltenberg noted that current NATO’s military response and exercises include cyber warfare scenarios. He added that the alliance had established a cyber domain center in Estonia to monitor and coordinate response.

Specific mention of Russia and China

Stoltenberg pointed out that NATO’s response towards Russian state-sponsored cyber attacks would be “strong and firm.” He, however, noted that the alliance was open to negotiations over arms control and reducing tensions in Europe.

NATO’s secretary-general also added that the treaty organization provided political and practical support to support Ukraine’s military response against Russian-backed separatist rebels. The alliance had also deployed a naval fleet in the Baltic and Black Seas to deter Kremlin’s incursion into Eastern European member countries.

NATO’s memo also warned of China’s assertive behavior which usually involved cyber attacks and disinformation campaigns.

Commenting on a potential military response to cyber attacks, Elena Elkina, Partner at Aleada, said that the time for appeasement was over.

“We live in a world where cyber defense is imperative for companies and countries. In the light of the frequency, complexity, and destructive power of the most recent attacks, the only surprise is that it took NATO up to this point to make public this decision and take assertive action.”

Doug Britton, CEO at Haystack Solutions, says the communique changed the game on cyber attack incident response.

“This communique makes clear that the US and her allies must change the urgency and economics around finding the undiscovered cyber geniuses whose innate aptitudes make them among the potential best and brightest, and then train them at a new pace and price point, and getting them into the fight as soon as possible.

“This is a clarion call for the best talent on defense, repelling attackers at the cyber borders, and on offense, deploying cyber weapons against adversaries,” he said.

Sophisticated #cyberattacks on NATO members countries could trigger Article 5 demanding a coordinated military response, secretary-general Jens Stoltenberg said. #cybersecurity #respectdataClick to Tweet

Garret Grajek, CEO at YouAttest, says NATO’s response was a logical reaction to cyber attacks whose effects are indiscriminate. “Most experts agreed that because of the open nature of the democratic networks, to be effective against these attacks the West must apply pressure [to] the points of origin of such attacks. NATO’s message is just that. It’s a strong sign to the nations that either harbor or turn a blind eye to attackers on its soil that these malware campaigns will be taken very seriously.”