NATO Works to Set Right Cyber Balance

WASHINGTON, Dec. 1, 2010 — NATO is work­ing to have the right bal­ance between ensur­ing intel­li­gence gets to those who need it most and the need to pro­tect that infor­ma­tion, the alliance’s supreme allied com­man­der for Europe said this week.
In a Nov. 29 inter­view, Navy Adm. James G. Stavridis said cyber­se­cu­ri­ty is a pri­or­i­ty with­in the alliance, and mem­ber nations are tak­ing steps to both improve dis­tri­b­u­tion of intel­li­gence and pro­tect its net­works.

Cyber attacks have occurred, and the threat is grow­ing. The attacks are often tough to attribute, can cause immense dam­age and can be launched by nations, ter­ror­ists, crim­i­nal gangs or indi­vid­u­als. NATO has to find the bal­ance between “share to win” and “need to know,” Stavridis said.

“Life is not an on or off switch,” he said. “In oth­er words, we can’t just open every­thing up or shut every­thing down –- although that is the ten­den­cy in moments of cri­sis.” The Wik­iLeaks releas­es are that type of cri­sis, he added, and it is tough to know where to set the dial.

“As a result of Wik­iLeaks, we will move that dial back a bit, more to the ‘pro­tect’ side, but I think it is very impor­tant that we don’t over­re­act to it and sim­ply shut down into inter­na­tion­al enclaves and cut off shar­ing,” he said. “It would be mas­sive­ly coun­ter­pro­duc­tive.”

NATO needs to put in place tech­ni­cal means to pro­tect infor­ma­tion and net­works, the admi­ral said.

“We’ve got to use all the tech­ni­cal means at our dis­pos­al to pro­tect our­selves from some­thing like Wik­iLeaks or any oth­er attempt to intrude, manip­u­late, move data or reveal clas­si­fied secrets,” Stavridis said. “There’s a pol­i­cy side to it, which is decid­ing where the dial goes, and there’s a tech­ni­cal side to it, and we’re very work­ing very hard to put those in place.”

The admi­ral said he believes a cyber attack could trig­ger a response in accor­dance with Arti­cle 5 of the NATO Char­ter, which states that an attack on any alliance mem­ber is an attack on all alliance mem­bers.

Cyber attacks can run the gamut from low-lev­el obser­va­tion to denial-of-ser­vice attacks, and from espi­onage and intru­sion to actu­al kinet­ic effects, Stavridis said.

“When you come into my net­works and are manip­u­lat­ing my air traf­fic con­trol data, and you are caus­ing air­planes to be unable to land and they crash and peo­ple die,” he added, “that’s an attack.”

But for the most part, the admi­ral said, cyber attacks on alliance nations would be han­dled as some­thing less — prob­a­bly under Arti­cle 4, which states that alliance nations will con­sult togeth­er when­ev­er any of them believes its ter­ri­to­r­i­al integri­ty, polit­i­cal inde­pen­dence or secu­ri­ty is threat­ened.

These are ques­tions NATO is focus­ing on at the Cen­ter for Excel­lence for Cyber­se­cu­ri­ty in Tallinn, Esto­nia, an apt loca­tion, because Esto­nia was the vic­tim of a cyber attack in 2006.

“The alliance has to define this [threat of cyber attack] and under­stand the pol­i­cy ques­tions raised by this,” Stavridis said.

When diplo­mats nego­ti­at­ed the NATO pact in the late 1940s, they nev­er envi­sioned a cyber world, the admi­ral not­ed. “That’s what we will do now that we have the focus that’s afford­ed by the strate­gic con­cept,” he said.

Although NATO is not yet look­ing to estab­lish a coun­ter­part to U.S. Cyber Com­mand, that will be one of the ques­tions offi­cials ask as the process moves for­ward, Stavridis said.

“I could envi­sion with­in the NATO alliance an oper­a­tional com­mand that focus­es on cyber,” he said. “At the moment, that work is imbed­ded in sev­er­al of the NATO agen­cies. But I think we are see­ing this as an oper­a­tional task, so I will be advo­cat­ing putting more of this on the oper­a­tional side.”

U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)

More news and arti­cles can be found on Face­book and Twit­ter.

Fol­low on Face­book and/or on Twit­ter