NATO has announced that now cyber-attacks would trigger a collective response from all its members is drawing criticism from the security sphere.
NATO Respons to ‘Changing Tactics’
The news was shared by NATO secretary general Jens Stoltenberg at a meeting last week. In response to “changing tactics” in the combat sphere, Infosecurity Magazine reports, cyber threats are increasingly being compared to conventional acts of aggression.
“This is about developing our capabilities and ability to partly protect NATO cyber networks but also to help and assist nations in defending their cyber networks,” Stoltenberg said.
He added that NATO “will coordinate and organize [its] efforts to protect against cyber-attacks in a better and more efficient way.”
Until now, individual member states have been in charge of their own defense strategy against aggression coming from hackers and similar parties. This means that creating a unified response will be difficult, if not impossible, it has emerged.
“NATO cannot deploy assets to mitigate a cyber-attack,” Simon Crosby, CTO and co-founder of California-based cyber-security firm Bromium, said in response to the declaration, adding:
The idea of NATO is a collective capability for defense, which when any one member is attacked can trigger the appropriate defensive military action. In cyber, NATO has none.
The recent large-scale attacks on major corporations, such as the two hackings of the SWIFT payment network, demonstrate the alarming ease with which extant institutions can crumble at the hands of trained cyber criminals.
Use of so-called Bitcoin ransomware has also been on the increase.
Cyber-War ‘Will Not Take Place’
Within the realm of government and national security, the US has led further calls for the potential threat from cyberspace to be re-evaluated. These reactions too, however, have been considered an inappropriate response, dealing out too much force while failing to tackle the problem at hand.
“If we don’t wake up some of the nation-states where these problems reside in large measure, you are never going to fix this problem,” Senator Lindsey Graham said at a Senate meeting on cyber-security in May.
It appeared the Senator was considering treating ransomware as an act of terrorism, with the full force of the associated legal punishments being enforced against those successfully prosecuted being applied as a result.
NATO meanwhile played down the idea of a full-blown cyber conflict occurring which would necessitate the joint response.
“Nonetheless, academics such as [security studies professor] Thomas Rid are of the view that cyber war will not take place,” an accompanying article in NATO Review Magazine explains.
“Experience to date on the actual uses of cyber capabilities by states suggests such capabilities are better characterised as either espionage or sabotage, making their employment most likely below the threshold of armed attack.”
What do you think is an effective strategy for mitigating cyber-attacks and the use of ransomware? Let us know in the comments below!
Images courtesy of syndicusinc.com, cloudpro.co.uk, cybersecurityauditing.blogspot.com, nato.int