The BBC has reported that Nato Secretary General Jens Stoltenberg says all 29 member countries would respond to a serious cyber-attack on one of them. Writing in Prospect Magazine, he said such an incident would trigger a “collective defence commitment”, known as Article 5 of its founding treaty. Article 5 has not been triggered since the 9/11 terror attacks on the US in 2001.
Cyber-security is a constant battle between attackers and defenders. In this battle, the attackers often define the rules of engagement and defenders are then placed in a position where they must seek to understand the core target which interests the attacker in the moment. Because this dynamic plays out in a digital world often without physical manifestations common in traditional military battles, and what constitutes ‘interesting’ will shift over time, it becomes challenging to define the lines between nation-state, state sponsored and ideology based attacks.
This makes cyber intelligence gathering, information sharing and training an imperative for NATO and its allies as attackers are free to target aspects of modern life which are critical and might have weak local cyber defenses. Examples of successful efforts on this front include programs such as EPCIP in the EU and efforts of the CISA within the US to help operators of critical infrastructure identify areas where cybersecurity risks exist and provide frameworks and training to mitigate those risks.