NATO recently conducted a meeting the chief emphasis of which was developing cyber security capabilities for its member nations. This was the first session of the two-day NATO defense ministers’ meeting that first time addressed the cyber security aspect. The present discussion would be continued during the next meeting of NATO in this regard in the month of October.
The focus of the meeting was to ensure that NATO can support and assist Allies who request assistance if they come under cyber attack. NATO Secretary General Anders Fogh Rasmussen opined that NATO’s cyber security capability should be fully operational by autumn this year. This would provide protection to all the networks owed and operated by the alliance.
The basic philosophy of NATO is that if an attack on one ally is not remedied immediately then it can affect the other members as well. The options available for NATO in this regard range from deploying NATO’s Rapid Reaction Teams to using national cyber assets.
NATO would establish rapid reaction teams to help protect NATO’s own systems. But there is disagreement about how the alliance should respond to requests for help from members that come under cyber attack. Smaller countries with limited resources are keen to take advantage of NATO’s cyber defence capabilities. But larger members disagree as they spend large sums on cyber defence at home and they are reluctant to divert money to NATO activities that will largely benefit others.
In 2007, NATO member Estonia’s Internet network came under massive attacks, prompting the alliance to set up a cyber defense center one year later in Tallin. The Pentagon has also accused China last month of using cyber espionage to modernise its military. Of course, China denied the same and in the absence of proper authorship attribution for cyber attacks, it is difficult to label China or any other country as cyber villain.
NATO is also aware of the menace of cyber warfare and global cyber espionage networks. However, in the absence of internationally acceptable cyber security and cyber law treaties, it cannot do much in these directions. Although NATO released the Tallinn Manual in this regard yet it is not applicable to international cyber warfare attacks and defence at the international level. In fact, NATO’s Tallinn Manual has started raising objections and Russia has already expressed its displeasure in this regard.
NATO has to adopt ICT policies and strategies that are not only conducive for better cyber security but also widely acceptable to its member nations. Let us wait for the next meeting of NATO to see the outcome of this proposal.