With the inevitable threat of NATO’s assertive posture in Eastern Europe, it cannot afford to take time to beef up its cyber defences.
At the Wales NATO Summit in 2014, leaders tackled several challenges ranging from Iraq to Ukraine to Afghanistan. However, the meeting did not get the opportunity to address how to deal with a cyber-attack that could be the result of a new defence posture. Cyber defence capabilities are vital for an organization like NATO to carry out its mission. This will be especially crucial with the introduction of the Readiness Action Plan (RAP), reinforcing the defensive posture of NATO in Eastern Europe, including the relocating of forces, equipment, as well as command-and-control elements for its easternmost allies.
RAP is also part of deterrence measures introduced in response to Russian aggression against Ukraine. Protecting member nations means having their troops, communications and command and control structures protected against cyber threats.
Most geopolitical conflicts and tensions that impacted NATO in the past two decades had a cyber element, and its members are prone to attacks of increasing sophistication and frequency. It began with military operations in Yugoslavia in 1999 and continued till March 2014, when hackers brought down several NATO websites for a short while in an attack linked to the rising crisis in Crimea.
The past attacks were not so crippling– mainly consisting of denial-of-service attacks and defacements of webpages. They did not influence the command-and-control structures of the alliance. However, cyber threats have become much more sophisticated since 1999. The rapid acceleration of attacks, as well as the sophistication of malicious actors, dictates the need for change.
Importance Of Cybersecurity
Once these organizations have the capabilities or will to surmount a severe attack, the capability of NATO to carry out a strategic and operational objective could be inhibited. Some of the worst-case scenarios of the failure of implementing cybersecurity to member nations are
• Intrusion into the networks of the organizations
• Loss of sensitive information on NATO’s plans
• Force posture
• Malfunctioning of equipment
In response to past incidents and threats, and as a sign of a maturing alliance, NATO leaders have recently endorsed the Enhanced Cyber Defence Policy. It will take years for the coalition to realize the potential of this policy thoroughly. Even then, because of the threat coming with the change of the alliance’s posture in Eastern Europe, NATO simply cannot afford to take its time on such matters.
NATO has a definitive history of the development of capabilities needed to counter new threats. For instance, the development of the NATO Computer Incident Response Capability (NCIRC), which is an essential cyber defence capability providing centralized monitoring and protection of NATO static and deployed agencies, HQs and national networks, took over three years and about sixty million Euros to deploy.