NATO Ponders Using Article Five for Cyber Attacks.

• Author: Luckenbaugh, Josh

The North Atlantic Treaty Organization in July announced its endorsement of a "new concept" for cyber defense to counter a rise in threats to member nations and the alliance as a whole.

Threat actors are increasingly seeking "to destabilize the alliance by employing malicious cyber activities and campaigns," according to a NATO communique issued during the organization's recent summit in Vilnius, Lithuania. "We are countering the substantial, continuous and increasing cyber threats, including to our democratic systems and our critical infrastructure, as well as where they are part of hybrid campaigns," the release said.

In response to these threats, the new security measures will "enhance the contribution of cyber defence to our overall deterrence and defence posture," the release said. The concept "will further integrate NATO's three cyber defence levels--political, military and technical--ensuring civil-military cooperation at all times through peacetime, crisis and conflict, as well as engagement with the private sector, as appropriate."

Marta Kepe, a senior defense analyst at the RAND Corp., said the concept represents the next step in NATO's gradual buildup of its cybersecurity capabilities since the organization recognized cyberspace as a domain of operations in 2016.

NATO is seeking to give itself and "its member states more tools or instruments that they can use in case they are needed" to deter or defend and mitigate against cyber attacks, Kepe said in an interview.

While the concept itself is classified, it is clear "NATO is trying to find a way how it could shape the cyber environment better," similar to how it tries to shape other operational environments like the land or air domains, she said.

"NATO is moving towards having a bigger role, doing more in terms of building resilience [through] peacetime activities, but also building response capabilities," she said. "So, response, mitigation, helping member states that have been affected by cyber attacks to recover."

Kepe said much of the activity for building resilience has fallen under NATO's 2016 Cyber Defence Pledge. The communique from Vilnius said the organization is enhancing the pledge, along with committing "to ambitious new national goals to further strengthen our national cyber defences as a matter of priority, including critical infrastructures."

To counter active threats, NATO has introduced its Virtual Cyber Incident Support Capability to boost "national mitigation...