Cybersecurity remains a gray area for NATO

Cybersecurity remains a gray area for NATO

This post is also available in: heעברית (Hebrew)

Illustration
Illustration

The North Atlantic Treaty Organization is expected to update its charter in September to address cybersecurity while leaving open the question of whether hacks count as an attack on its member states that could start a war.

Defense ministers of the alliance that includes the U.S. and much of Europe agreed in June on the policy, which allied leaders are expected to formally endorse next month during a summit in Wales, spokesperson for NATO told U.S. News.

“In the document we state explicitly for the first time that cyber is covered by the NATO Treaty – our collective defense clause,” NATO spokesperson said, and added “Of course, every situation or attack is unique. And we will not say in exactly which circumstances or what the threshold of the attack has to be to trigger a collective NATO response.”

iHLS Israel Homeland Security

Leaving open the definition of whether a data breach or digital sabotage counts as an “armed attack” against a member of NATO may not answer questions about how the Internet fits into national security, but it could also cool fears about whether hackers could start a war.

Including cybersecurity as part of NATO’s charter could also inspire the member states to upgrade online defenses and adapt their strategies to factor in the risk of hackers targeting critical infrastructure like electrical grids, or stealing technological secrets.

Cybersecurity is a growing part of war, so the U.S. has worked with other military powers like Russia to discuss protocols for digital war, including that hospitals and other civilian networks should not be targeted. International criticism of surveillance conducted by the National Security Agency, however, has slowed progress on this cybersecurity détente, according to James Lewis, cybersecurity researcher at the Center for Strategic and International Studies.