Ferenț, Darius-Antoniu; Preja, Corneliu (2023), NATO’s involvement in cyber defence, Intelligence Info, 2:1, 189-193, DOI: 10.58679/II30227, https://www.intelligenceinfo.org/natos-involvement-in-cyber-defence/
Cyberspace is an operational domain for the North Atlantic Alliance, and cyber defence is part of NATO’s fundamental mission called collective defence. NATO is an intergovernmental organization that is aware of the negative impact that cyber attacks launched against the critical infrastructures of member states can have. NATO’s most important responsibility is the collective defence of allies against security threats from all sectors, including cyberspace.
Keywords: cyber defence, cyber attacks, information systems, cybersecurity threats, cyber espionage, critical infrastructure
Implicarea NATO în domeniul apărării cibernetice
Pentru Alianța Nord-Atlantică spațiul cibernetic este un domeniu operațional, iar apărarea cibernetică face parte din misiunea fundamentală a NATO intitulată apărarea colectivă. NATO este o organizație interguvernamentală care a conștientizat impactul negativ pe care îl pot avea atacurile cibernetice lansate împotriva infrastructurilor critice a statelor membre. Cea mai importantă responsabilitate a NATO este apărarea colectivă a aliaților împotriva amenințărilor de securitate provenite din toate sectoarele, inclusiv spațiul cibernetic.
Cuvinte cheie: apărare cibernetică, atacuri cibernetice, sisteme informatice, amenințări de securitate cibernetică, spionaj cibernetic, infrastructură critică
INTELLIGENCE INFO, Volumul 2, Numărul 1, Martie 2023, pp. 189-193
ISSN 2821 – 8159, ISSN – L 2821 – 8159, DOI: 10.58679/II30227
© 2023 Darius-Antoniu Ferenț, Corneliu Preja. Responsabilitatea conținutului, interpretărilor și opiniilor exprimate revine exclusiv autorilor.
NATO’s involvement in cyber defence
Doctoral Candidate Darius-Antoniu Ferenț (Babeș-Bolyai University),
PhD Corneliu Preja (Associate Professor at Babeș-Bolyai University)
In the spring of 2010, during his visit to Romania, the former Secretary General of the North Atlantic Alliance, Anders Fogh Rasmussen drew attention to the danger posed by cyber attacks: “A well-orchestrated cyber attack can turn off the lights in your house, in your city, in your country. It can shut down air traffic control. It can close banks. In short, a cyber attack can defeat a country without any soldiers having to cross its border.” (Săndulescu 2010). Cyber threats are deceptive and very dangerous for individuals, society and states because they can have an unpredictable effect with a strong impact on national security and the smooth running of a society. A technologically complex cyber attack can damage and disrupt the proper functioning of some critical infrastructures on the territory of a country.
NATO is an international political and military organization that is aware of the impact that a cyber attack, launched by hacker groups using advanced IT means, can have on member states. A document published on the official North Atlantic Alliance website states that “NATO faces an environment in which cybersecurity threats are developing exponentially, and state and non-state actors can use cyber attacks in the context of military operations. The North Atlantic Alliance must be prepared to defend its networks and operations against cyber threats and the increasingly sophisticated attacks it faces.” (NATO Cyber Defence 2016).
After the cyber attack that affected Estonia in April-May 2007, NATO officials decided to develop a Cyberspace Doctrine and an Action Strategy for the virtual environment (Toșa 2015, p.71).
In the spring of 2007, in Estonia, large-scale cyber attacks caused the shutdown of the government’s websites in Tallinn, of some major banking institutions, and affected the operation of some companies for several days. Officials in Tallinn accused the Russian Federation to be responsible for these attacks after it was discovered that some operations were initiated from IPs belonging to Russian administration servers (Mătuşa 2009). The former Prime Minister of Estonia, Andrus Ansip, mentioned that the Russian Federation and Russian organizations operating in the region are to blame for launching this cyber attack (Iorga 2015). Leaders in Moscow have denied the Russian involvement in the attack. In April-May 2007, Estonia faced a massive Distributed Denial of Service (DDoS) attack, which was directed against the critical infrastructure of this state.
During the NATO Summit in Bucharest, member state officials discussed about the cyberspace defence in the North Atlantic Alliance. According to the text of the 2008 NATO Summit Declaration, the Alliance’s cyber defence policy highlights the need for member states to protect key information systems in accordance with their specific responsibilities, while ensuring support capabilities for allied nations in the event of a cyber attack (the Romanian Ministry of Foreign Affairs 2008).
On October 28th, 2008, NATO created a Cooperative Cyber Defence Centre of Excellence for (NATO CCDCOE) in the Estonian capital, Tallinn. Leaders in Tallinn called for the foundation of a center of excellence immediately after their country’s accession to NATO in 2004. The cyber attack in the spring of 2007 decisively influenced the decision of the Allies to establish the NATO Center of Excellence in Estonia. The NATO CCDCOE published in 2013 the Tallinn Manual on the International Law Applicable to Cyber Warfare. The Tallinn Manual includes 95 rules, but it “does not represent a source of law in the formal sense” (Toșa 2015, p.72).
At the NATO Summit in Wales (2014), the Heads of State and Government adopted the Enhanced NATO Policy on Cyber Defence and the revised Action Plan. Thus, we can consider cyber defence a priority for the North Atlantic Alliance. The Wales Summit statement highlights that cyber-attacks “can reach a level that threatens national and Euro-Atlantic prosperity, security and stability. Their impact can be as damaging to modern societies as a conventional attack” (The Romanian Ministry of Foreign Affairs 2014).
For the North Atlantic Alliance, cyberspace is an operational field in which member states must defend themselves as effectively as they do in the air, on land and at sea. The decision to integrate cyberspace among the operational fields was taken during the NATO Summit in Warsaw (2016) (Romania’s Permanent Delegation to NATO 2021).
At the NATO Summit in Brussels in July 2018, it was decided to create equal capabilities at the level of each General Staff, so that states can react effectively in the event of cyber attacks. The Allies also decided to establish a Cyber Defence Operations Center. In February 2019, the NATO Information and Communications Agency (NCIA) launched the Cyber Security Collaboration Hub, a NATO information hub where member states exchange information and best practices in an encrypted virtual environment (The Romanian Ministry of Foreign Affairs).
At the NATO Summit in Madrid on June 29th, 2022, a new NATO Strategic Concept on the assessment of the current security environment was adopted. Cyber attacks launched against computer networks belonging to institutions, organizations or structures classified as critical infrastructures are among the security risks and threats identified in the 2022 Strategic Concept as well. According to the new Strategic Concept, the most important threat to the security of NATO member states is the Russian Federation, a state that shattered the peace in Europe by triggering a military conflict against Ukraine (the Romanian Ministry of Foreign Affairs 2022). According to the Strategic Concept, NATO’s greatest responsibility is to ensure the collective defence of member states against any threats (risks and threats from all sectors, including cyberspace, hence, a 360-degree approach). The increased number of cyber attacks that cause considerable damage to government institutions, businesses and companies affects the national security of NATO member states and, implicitly, the stability of the Euro-Atlantic space. Considering the provisions of the new Strategic Concept, we can say that the member states of the North Atlantic Alliance are involved in efforts to increase the security of NATO’s IT&C systems against cyber attacks.
The NATO 2022 Strategic Concept contains elements of continuity from the previous version (the NATO 2010 Strategic Concept adopted in Lisbon). Thus, the three fundamental missions of the North Atlantic Alliance are preserved: 1). deterrence and collective defence, 2). crisis prevention and management, 3). security through cooperation.
Collective defence is considered the most important mission/task of the North Atlantic Alliance and involves “the protection and defence of the territory of the member states and their populations against all dangers and threats, including those of a new type” (Manci and Preja 2014, p.264). This mission addresses new security risks and threats that may affect the stability of member states, as well as emerging challenges that may endanger regional and international stability: the proliferation of weapons of mass destruction, the proliferation of ballistic missiles, transnational illegal activities, cyber attacks launched by hacker groups specializing in cyber espionage and the impact of high-performance technologies on military operations. Cyber defence is a component of NATO’s collective defence mission.
The steps initiated by the North Atlantic Alliance in the field of cyber defence underline the constant concern for protecting this dimension of security, for deterring cyber attacks targeting NATO information systems and implementing international cooperation on cyber defence. Cyberspace is a field of operations, and ensuring the protection and resilience of military cyber infrastructures against cyberspace threats is part of NATO’s core mission (collective defence).
- Dumitru Săndulescu 2010, Rasmussen: Un atac cibernetic poate învinge o țară fără a fi nevoie de vreun soldat [A cyber attack can defeat a country without a soldier needed], article written on May 8th, 2010, available at https://www.money.ro/rasmussen-un-atac-cibernetic-poate-invinge-o-tara-fara-a-fi-nevoie-de-vreun-soldat/.
- NATO Cyber Defence 2016, available at https://www.nato.int/nato_static_fl2014/assets/pdf/pdf_2016_07/20160627_1607-factsheet-cyber-defence-eng.pdf.
- Virgil Florin Toșa 2015, Aspecte legale ale acțiunii în spațiul cybernetic [Legal aspects of action in cyberspace], in the Bulletin of the Carol I National Defense University, available at https://revista.unap.ro/index.php/revista/article/view/113/81.
- The Ministry of Foreign Affairs 2008, The Bucharest Summit Declaration, available at https://www.mae.ro/sites/default/files/file/pdf/2008_04_04_Declaratie-Summit-Nato-Buc.pdf
- The Ministry of Foreign Affairs, The issue of cybersecurity within international organizations and Romania’s involvement as their member, available at https://www.mae.ro/node/28369.
- The Ministry of Foreign Affairs 2014, the Wales Summit Declaration adopted by the Heads of State and the Government attending the North Atlantic Council meeting in Wales, available at https://www.mae.ro/node/28465.
- Ioan Manci, Corneliu Preja 2014, Introducere în studii de securitate și strategice [Introduction to security and strategic studies], CA Publishing House, Cluj-Napoca.