On February 17, 2010, NATO released analysis and recommendations of a group of experts on a new security strategy for NATO. You can download the entire report here. Although cyber war is only one aspect of cyber security and not the main focus of our course, it is useful to recognize the emphasis placed on it by these eperts and their recommendations.
From page 17:
The most probable threats to Allies in the coming decade are unconventional. Three in particular stand out: 1) an attack by ballistic missile (whether or not nuclear-armed); 2) strikes by international terrorist groups; and 3) cyber assaults of varying degrees of severity.
From page 45:
Cyber defence capabilities. The next significant attack on the Alliance may well come down a fibre optic cable. Already, cyber attacks against NATO systems occur frequently, but most often below the threshold of political concern. However, the risk of a large-scale attack on NATO’s command and control systems or energy grids could readily warrant consultations under Article 4 and could possibly lead to collective defence measures under Article 5. Effective cyber defence requires the means to prevent, detect, respond to, and recover from attacks. NATO has taken steps to develop these capabilities through creation of a Cyber Defence Management Authority, a Cooperative Cyber Defence Centre of Excellence, and a Computer Incident Response Capability. Nonetheless, there persist serious gaps in NATO’s cyber defence capabilities. The Strategic Concept should place a high priority on addressing these vulnerabilities, which are both unacceptable and increasingly dangerous.
Recommendation:
1. NATO should recognize that cyber attacks are a growing threat to the security of the Alliance and its members. Accordingly:• A major effort should be undertaken to increase the monitoring of NATO’s critical network and to assess and furnish remedies to any vulnerabilities that are identified.
• The Centre of Excellence should do more, through training, to help members improve their cyber defence programmes.
• Allies should expand early warning capabilities in the form of a NATO-wide network of monitoring nodes and sensors.
• The Alliance should be prepared to send an expert team to any member experiencing or threatened by a major cyber attack.
• Over time, NATO should plan to mount a fully adequate array of cyber defence capabilities, including passive and active elements. (emphasis added)
Leave a Reply