WASHINGTON, Dec. 1, 2010 — NATO is working to have the right balance between ensuring intelligence gets to those who need it most and the need to protect that information, the alliance’s supreme allied commander for Europe said this week.
In a Nov. 29 interview, Navy Adm. James G. Stavridis said cybersecurity is a priority within the alliance, and member nations are taking steps to both improve distribution of intelligence and protect its networks.
Cyber attacks have occurred, and the threat is growing. The attacks are often tough to attribute, can cause immense damage and can be launched by nations, terrorists, criminal gangs or individuals. NATO has to find the balance between “share to win” and “need to know,” Stavridis said.
“Life is not an on or off switch,” he said. “In other words, we can’t just open everything up or shut everything down –- although that is the tendency in moments of crisis.” The WikiLeaks releases are that type of crisis, he added, and it is tough to know where to set the dial.
“As a result of WikiLeaks, we will move that dial back a bit, more to the ‘protect’ side, but I think it is very important that we don’t overreact to it and simply shut down into international enclaves and cut off sharing,” he said. “It would be massively counterproductive.”
NATO needs to put in place technical means to protect information and networks, the admiral said.
“We’ve got to use all the technical means at our disposal to protect ourselves from something like WikiLeaks or any other attempt to intrude, manipulate, move data or reveal classified secrets,” Stavridis said. “There’s a policy side to it, which is deciding where the dial goes, and there’s a technical side to it, and we’re very working very hard to put those in place.”
The admiral said he believes a cyber attack could trigger a response in accordance with Article 5 of the NATO Charter, which states that an attack on any alliance member is an attack on all alliance members.
Cyber attacks can run the gamut from low-level observation to denial-of-service attacks, and from espionage and intrusion to actual kinetic effects, Stavridis said.
“When you come into my networks and are manipulating my air traffic control data, and you are causing airplanes to be unable to land and they crash and people die,” he added, “that’s an attack.”
But for the most part, the admiral said, cyber attacks on alliance nations would be handled as something less — probably under Article 4, which states that alliance nations will consult together whenever any of them believes its territorial integrity, political independence or security is threatened.
These are questions NATO is focusing on at the Center for Excellence for Cybersecurity in Tallinn, Estonia, an apt location, because Estonia was the victim of a cyber attack in 2006.
“The alliance has to define this [threat of cyber attack] and understand the policy questions raised by this,” Stavridis said.
When diplomats negotiated the NATO pact in the late 1940s, they never envisioned a cyber world, the admiral noted. “That’s what we will do now that we have the focus that’s afforded by the strategic concept,” he said.
Although NATO is not yet looking to establish a counterpart to U.S. Cyber Command, that will be one of the questions officials ask as the process moves forward, Stavridis said.
“I could envision within the NATO alliance an operational command that focuses on cyber,” he said. “At the moment, that work is imbedded in several of the NATO agencies. But I think we are seeing this as an operational task, so I will be advocating putting more of this on the operational side.”
U.S. Department of Defense
Office of the Assistant Secretary of Defense (Public Affairs)