We may not see it but, in the realm of cyberspace, our countries are under attack every single day.
A few years ago it was cyber-attacks on financial institutions that made the headlines. Today, it is attacks on critical networks and infrastructures – disrupting services and, in some cases, bringing modern life to a grinding halt. In fact, what was once a nuisance has become a strategic challenge.
Two years ago, a cyber-attack temporarily blocked access to NATO headquarters’ website. Recently, a series of cyber-attacks was launched against German state computer systems, including to gather intelligence on critical infrastructure such as power plants. And in Ukraine, cyber-attacks have been used as a weapon of so-called “hybrid” warfare.
States and non-state actors are increasingly using cyber-attacks to achieve their diplomatic and military objectives. So two years ago, NATO allies acknowledged that the impact of cyber-attacks could be as harmful to our societies as a conventional attack and made clear that cyber defense is part of the alliance’s core task of collective defense.
Cyber-attacks can also seriously undermine NATO’s missions around the world. Our forces are increasingly likely to operate in environments where adversaries use cyber-tools to disrupt our decision-making. To ensure that NATO can do its job of protecting its citizens and territory against any threats, we have to be just as effective in the cyber domain as we already are on land, in the air and at sea.
Faced with this developing threat, NATO has not sat idle. We have worked hard to bolster our own networks and to help allies strengthen their cyber-defenses. We have extended the protection we provide centrally to new networks, such as the chain of new small headquarters we have established in the east of the alliance.
We have also improved our ability to detect and analyse threats – and are doing everything we can to facilitate the exchange of information. Our Cyber Threat Assessment Cell uses information gathered both by individual allies and the alliance itself, and we share real-time information through a dedicated “Malware Information-Sharing Platform.”
NATO’s cyber Rapid Reaction Teams are up and running with highly skilled experts and cutting-edge technology to support our nations in case of a serious cyber-attack. Our investments in training and education – including NATO’s state-of-the-art annual exercise “Cyber Coalition” – help to make sure that our skills keep pace with technology. At the same time, we are deepening our cyber defence partnerships – in particular with the European Union – and intensifying our cooperation with industry and academia, especially when it comes to information-sharing and the exchange of best practices.
So, NATO has achieved a great deal in tackling cyber-attacks – but we know that we need to do more. Cyber threats do not respect borders, and no country is invulnerable. That is why at the Summit in Warsaw, allies will make a Cyber Defence Pledge – to strengthen our cyber defenses as a matter of priority. Strong and resilient cyber defenses are key if the alliance is to fulfil its core purpose. We need to ensure we are prepared for the future and that we are truly cyber-secure.
In Warsaw, we will also recognize cyberspace as an operational domain, alongside air, land and sea, as a number of allies have already done. This will improve NATO’s ability to protect and conduct operations across these domains. It will help us to manage our resources, skills and capabilities, and to ensure that cyber defense is better reflected in our military exercises, in our training and in the way we respond to crises. Ultimately, in cyberspace, like in the other domains, NATO relies on allies to provide capabilities for its missions.
For all that NATO is doing to adapt to a changing world, one thing will never change: we are a defensive alliance, whose mission is to protect NATO’s citizens and territory, and whose actions will always be proportionate and in strict accordance with international law. That, in turn, means that we strongly support efforts to foster a more transparent and secure cyberspace, through the development of voluntary norms of behavior by individual states and related confidence-building measures.
NATO is founded on the shared values of liberty, democracy, human rights and the rule of law. That is why we are determined to ensure that cyberspace remains the place for peaceful, open communication and debate that we all need it to be.
Jens Stoltenberg is the secretary general of NATO.