Cyberwarfare comes of age: The internet is now officially a battlefield
Secretary General Jens Stoltenberg: NATO will recognize cyberspace as an operational domain (like air, sea, land, and space).
Just like air, sea, land, and space, cyberspace is officially considered a likely battlefield by the world's biggest military alliance.
The decision by NATO earlier this month to recognize cyberspace as an "operational domain" -- an area in which conflict can occur -- comes as cyberwarfare has gone from the theoretical to the worryingly-real.
Several recent incidents have shown that hackers can cause just as much damage as more traditional military attacks. For example, part of the Ukrainian power grid was attacked by hackers, causing blackouts, while the US accused Iranians of attempting to hack into the control-system of a dam.
Announcing the change in strategy, NATO Secretary General Jens Stoltenberg said: "Cyber defense is part of collective defense. Most crises and conflicts today have a cyber dimension, so treating cyber as an operational domain would enable us to better protect our missions and operations."
Stoltenberg added: "This is about developing our capabilities and ability to partly protect NATO cyber networks but also to help and assist nations in defending their cyber networks, and since it's very hard to imagine a military conflict today without a cyber dimension, this is important -- related to almost all possible conflicts we can foresee in the future."
He said NATO will develop its defensive capabilities, and in particular, the ability to work out who is behind the attacks: "One of the challenges when we speak about cyber is that it's not always easy to tell exactly who is attacking you. So, everything related to attribution is one of the issues which are high on our agenda, and we are developing capabilities to be better able to attribute different kinds of cyber attacks." However, he had less to say about offensive capabilities -- even though the US and the UK have gone public with their own plans to build cyberweapons.
NATO's cyberwarfare strategy has evolved gradually. In 2014, it took the step of confirming that a serious electronic attack on one of the members could trigger the alliance's Article 5 collective defense clause, which opens the way for members to take action against the aggressor, including the use of armed force. To update its policies again after only two years shows how rapidly cyberwarfare is evolving.
One consequence of the announcement could be a boost in spending on cyber defense (and offense) by NATO members.
Speaking at the CyCon cyberwarfare conference in Estonia earlier this month, Martin Stropnicky, minister of defense for the Czech Republic, said that if cyberspace were confirmed as the fifth operational military domain, NATO members would have to "take the appropriate practical steps in this regard so that the declaration does not end up being an empty statement".
Stropnicky added: "In other words, we as the alliance will need to develop appropriate defense capabilities to be used to defend us in the cyber domain."
He explained this would mean increased budgets for cybersecurity and defense capabilities, and he noted that Article 3 of the North Atlantic Treaty, which underpins NATO, states that members must "maintain and develop" their individual and collective capacity to resist armed attack.
"This obligation will now become applicable to the cyber domain as well," he said.
However, despite the rhetoric, it seems NATO is still struggling to come to terms with cyberwarfare. NATO has no digital warfare capabilities of its own, apart from a small team to defend its own networks, and it instead relies on member states. While some -- most notably the UK and the US -- have been investing in cyberwarfare, other members of NATO have considered it, and cyberdefense in general, to be a low priority.
Another problem: cyberwarfare capabilities often have lots of crossover with cyberespionage programs run by intelligence agencies, which are reluctant to share information or skills with either their own military or other states.
Also speaking at the CyCon conference, Estonian President Toomas Hendrik Ilves said: "While I can't but welcome this development, the understanding that digital means can be just as effective militarily as kinetic means, or more bluntly, that some lines of code can just as effectively knock out a power plant as a missile, I nonetheless believe we are putting the cart... before the horse."
There is still little sharing of information on cyberattacks, he said: "When it comes to cyber we find ourselves rather in an intelligence agency mode, where we share as little as possible and only when necessary."
In addition, a report from NATO's own cyberwarfare think-tank has warned that the alliance is lagging behind member states when it comes to policies and capabilities.
The report published by the NATO Cooperative Cyber Defense Centre of Excellence stated NATO must understand that defending its networks is not enough to ensure collective defense of the alliance in cyberspace: "Secondly, given that NATO accepts the applicability of collective defense in cyberspace, allies should develop the full range of military capabilities to defend the alliance and its interests."
The report authors stressed NATO needs to develop strategies to allow cyber capabilities as operational military capabilities plus policies to "ensure that it has the full range of capabilities necessary to deter and defend against any threat in and through cyberspace".
Still, NATO hopes that making cyberspace a focus will be something of a deterrent to those who might consider launching such attacks against members. There has never been an attack on the scale of the Estonian attacks on any NATO member since.
However, as NATO updates its polices, cyberwarfare is changing again, evolving in a way which will force the alliance to think much more broadly about its cyber defense strategies.
Cyberwarfare is increasingly merging with hybrid warfare: the heady combination of 'troll armies' paid to post comments on social media, right through to disinformation and electronic propaganda, all with the aim of promoting a particular narrative, while confusing and dividing. That's a challenge the alliance will find even harder to deal with than the hackers.
Read more on cyberwarfare
- The government's encryption plans remain impossible to decipher
- The new art of war: How trolls, hackers and spies are rewriting the rules of conflict
- Inside the secret digital arms race: Facing the threat of a global cyberwar
- Surveillance laws need rethink, but bulk collection of web data will continue
- The undercover war on your internet secrets: How online surveillance cracked our trust in the web
- The impossible task of counting up the world's cyber armies
- Encryption: More and more companies use it, despite nasty tech headaches