22 July 2018

Why cyber space matters as much to Nato as land, sea and air defence


Please use the sharing tools found via the email icon at the top of articles. Copying articles to share with others is a breach of FT.com T&Cs and Copyright Policy. Email licensing@ft.com to buy additional rights. Subscribers may share up to 10 or 20 articles per month using the gift article service. More information can be found hereJens Stoltenberg on Article 5 and why cyber defence has become core to the alliance Cyber attacks can switch off city power supplies © Max Vetrov/AFP/Getty Images Share on Twitter (opens new window) Share on Facebook (opens new window) Share on LinkedIn (opens new window) Save Save to myFT Jens Stoltenberg JULY 12, 2018 Print this page2 One night, just before Christmas in 2015, the power went out across Kiev. As apartments rapidly chilled in the sub-zero temperatures and water pipes began to freeze, Ukrainian engineers raced to turn the power back on. A year later, exactly the same thing happened again. 


The power was only off for a few hours each time, but a point had been made. Anonymous fingers had set off a weapon that, in the depths of a Ukrainian winter, could be every bit as deadly as a precision-guided missile. This is just one of many cyber attacks in recent years, including many on Nato allies. Hackers have attempted to influence elections in the US, France and Germany. In 2017, disruption caused by the NotPetya attack cost Maersk, the world’s largest shipping company, over $200m. Last year’s WannaCry ransomware attack caused disruption to dozens of NHS hospitals. These incidents have increased public awareness of cyber attacks. Nato has been working to combat them for a lot longer. For almost seven decades, we at Nato have ensured the defence of our nations. Today, that means protecting 29 countries and almost 1bn people. During the cold war, our focus was on guarding against conventional and nuclear conflict. Today, a cyber attack can be as destructive as a conventional attack, and practically every conflict has a cyber dimension. So being able to defend ourselves in cyber space is just as important as defending ourselves on land, at sea and in the air. 

In 2016, Nato leaders pledged to invest more in cyber defence. This is part of the biggest reinforcement of our collective defence since the cold war, in response to a more unpredictable security environment. Since then almost every ally has improved its cyber capabilities. In Europe, the UK is leading the way, investing £1.9bn through its National Cyber Security Strategy. Its CyberFirst Girls Competition, aimed at encouraging more young people into a career in cyber security, has had more than 12,500 participants. The UK is not alone. Nato’s cyber rapid reaction teams are on standby 24 hours a day to help any ally. National cyber capabilities are being integrated into Nato operations and we will set up a new Cyber Operations Centre as part of a revamped Nato command structure. This will allow military commanders to integrate cyber fully into our planning and operations. 

I am often asked how significant a cyber attack would need to be to trigger Article 5. My answer is: we will see We are also helping allies to pool their resources, knowledge and expertise. In Estonia, itself the victim of a large cyber attack in 2007, the Nato Centre of Excellence for Cyber Defence co-ordinates research and training in cyber defence across the alliance. It also organises large-scale cyber exercises such as Locked Shields, the world’s biggest live-fire cyber exercise, held annually, allowing participants to test their skills against world-class opponents. Nato works closely with partners, such as Ukraine and Moldova, helping them improve their national cyber defences. We work with the EU on training and research, participating in each other’s cyber exercises. We share information on cyber attacks in real time with the EU, governments and private companies, as we did during the WannaCry attack. 

Private companies are often the first line of defence against cyber attacks. That is why we launched the Nato Industry Cyber Partnership in 2014. During the WannaCry attack, the information provided by industry partners was critical for getting the most up-to-date picture of a rapidly evolving and complex situation. The cornerstone of our collective defence is Article 5 of Nato’s founding treaty. It states that an attack on one ally is an attack on all allies. Previously, only physical attacks could trigger Article 5. Now, following agreement by Nato leaders in 2014, this includes a cyber attack. Recommended Cyber warfare US spy chiefs look to UK for guidance in cyber security battle I am often asked how significant a cyber attack would need to be to trigger an Article 5 response. My answer is: we will see. 

The principles of deterrence dictate that this must remain deliberately vague or we risk inviting attacks at a level immediately below that threshold. The nature of any response must also remain undefined, but it could include diplomatic and economic sanctions, cyber responses, or even the use of conventional forces, depending on the nature and consequences of the attack. Whatever our response, Nato will continue to follow the principle of restraint and act in accordance with international law. This week, Nato leaders are meeting in Brussels. We are strengthening our defences, including our cyber defences. We are making sure that our armed forces can fulfil their missions without being paralysed by cyber attacks. We are helping our allies and partners to be more resilient through the exchange of knowledge, intelligence and training. The digital revolution has improved our lives in many ways. 

But if we are to fully enjoy the opportunities, we must also guard against the risks. Nato is taking the necessary steps to keep our nations and our people safe. The writer is secretary-general of Nato Copyright The Financial Times Limited 2018. All rights reserved. COMMENTS (2) Sign in + Follow Submit Comment Please keep comments respectful. By commenting, you agree to abide by our community guidelines and these terms and conditions. We encourage you to report inappropriate comments. Newest | Oldest | Most recommended West Tipp 7 days ago The digital success is our greatest vulnerability ; that the cables between the US and Europe are critical to financial wealth and to imagine a dire situation of a countrywide power outage, were all modern supply chains are disrupted, would mean no food and water - terrifying. 

I can't help but think, by going backwards we can forwards - ie not so reliant the digitalisation of everything, be a bit more asymetric perhaps? ReportShareRecommendReply SCBTH 7 days ago https://bravenewcoin.com/news/blockchain-developers-guardtime-to-design-next-generation-nato-cyber-range-capability/ ReportShareRecommendReply Explore the Special Report READ MORE Hackers target cloud services ABOUT THIS SPECIAL REPORT Hackers are increasingly using indirect routes to attack companies, spreading malware through IT supply chains and ecommerce platforms. New cryptocurrency investors, too, have become a target Currently reading: 

Why cyber space matters as much to Nato as land, sea and air defence Hackers target cloud services Cyber attacks bought ‘as easily as online shopping’ Cross-border investigations help take down hackers MBA courses start offering digital security skills Hackers target new cryptocurrency investors Yahoo’s $35m fine sends a message Follow the topics in this article Cyber warfare Add to myFT Nato Add to myFT Cyber Security Add to myFT Technology Add to myFT Special Reports

No comments: