NATO’s Defensive Cyber War Games

This post is also available in: עברית (Hebrew)

Threats from terrorist organisations and belligerent states are numerous. They range from terrorist attacks, like we have seen in Paris, through offensive operations similar to those in Crimea and eastern Ukraine, to attacks in the cyber realm that could cripple infrastructure, disrupt commerce, and bring whole countries to their knees. NATO is now conducting tests to assess its strength in the most modern of combat arenas – cyberspace.

In Tartu, Estonia, NATO officials engaged in war games to test the Alliance’s preparedness and ability to defend against cyber attacks by terrorists and rogue states. During the week-long exercise several vectors of attack were probed, including attacks to disable military commanders’ radar screens; targeting officers’ tablets to steal sensitive information; and the injection of computer “worms” via USB stick to compromise air force monitoring equipment, similarly to the Stuxnet virus that damaged Iran’s nuclear capabilities.

“We are well aware of the threats coming,” said Lt. Col. Davide Manganaro, one of the NATO officials commanding the war games. Terrorist groups are “trying to leak information about NATO military forces. They’ve been partially successful.”

This latest exercise is the latest of moves initiated at a NATO summit in Wales in 2014. The summit reached an agreement to increase cooperation between NATO allies in the fight against cyber threats. It was also decided that cyber attacks would fall under the Alliance’s Article 5 mutual-defence clause, allowing states to call on allies for support.

Western allies are stepping up the game when it comes to cyber defence. The United Kingdom has pledged £1.9 billion ($2.9 billion) over the next five years to bolster cyber security and counter ISIS’ and other jihadi groups’ use of the internet to spread propaganda, recruit, execute cyber offensives, and plan real life attacks. The European Union has demanded that Belgium and four other countries fully implement EU regulations relating to the the fight against cyber crime.