NATO's Next War-in Cyberspace

http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-244355/

 

·         NATO’s Next War—in Cyberspace

The Atlantic Alliance protected its members during the age of the Berlin Wall. We must be prepared to protect them during the age of the firewall.

The Atlantic Alliance protected its members during the age of the Berlin Wall. We must be prepared to protect them during the age of the firewall.

By Anders Fogh Rasmussen

On April 23, the Dow Jones Industrial Average dropped by 150 points within seven minutes, destroying billions of dollars in value. The reason was a message on the Associated Press’s Twitter account claiming that two explosions had shaken the White House.

The tweet was quickly exposed as bogus, the result of hacking by a group identifying itself as the Syrian Electronic Army. The Dow recovered immediately. But the lesson was clear. A single tweet can cause major economic disruption.

How times have changed. During the age of the Berlin Wall, tanks and ideologies faced off across closed borders. In the age of the firewall, borders are open, ideas are free and war can be virtual—but its consequences just as devastating and real.

Europol, the European Union’s law-enforcement agency, puts the annual value of corporations’ losses from criminal cyberactivity at $1 trillion. Computer viruses can shut down key infrastructure such as nuclear power plants, international airports, or power grids. Cyberattacks are a cheap way for terrorists, activists and state-sponsored agents to do extensive damage.

As the world becomes ever-more dependent on cyberspace, both the possibility for damage and the costs of recovery are growing. Data lost in hacking attacks may never be recovered.

Amid such threats, NATO’s primary role is to protect our own internal networks. We are making progress on strengthening our cyberdefenses, both at headquarters and for our forces deployed on operations. Last year, we dealt with over 2,500 cases of abnormal cyberactivity and intrusion attempts. Despite the increasing sophistication of such incidents, we reached the end of 2012 without any major disruption to our network services.

Cyberdefense is still primarily a job for individual nations and governments. But as the threats continue to evolve, NATO should be prepared to consider an enhanced role.

As a first step, NATO could consider regular training on cyberdefense so that national experts share the same knowledge and language. That would help them share information and better work together in a crisis.

We need to build on the efforts of the NATO Cooperative Cyber Defense Center of Excellence, based in Tallinn, Estonia, which conducts research, training and regular exercises to test the rapid-response capabilities of allied cyber-units. The center was set up after Estonia, one of the world’s most connected countries, fell under cyber-siege for four days in 2007, with concerted attacks on the country’s banks, media and political institutions.

We are also setting up Rapid Reaction Teams that will help protect NATO’s own networks in the event of attacks. A possible next step could be to make such teams available on request to NATO countries. We should also consider the scope for sharing more information on defense technologies, intelligence and best practices. Common training will enhance our ability to work together. The more alike our approaches, the greater protection we will all enjoy.

We are also looking at the linkages between NATO networks and national networks to ensure that all networks meet our high standards of cybersecurity. Cyberdefense, after all, is only as effective as the weakest link in the chain. We strengthen the chain by working together.

Cyberattacks are a global challenge, and NATO can contribute to a global response. NATO’s network of partnerships includes one-third of the world’s countries. Working together, we can build a truly secure cybercommunity, one that encourages cooperation between all stakeholders—public and private, state and non-state, civilian and military.

In particular, NATO should consider working closer with the European Union where we can, to ensure that our efforts are complementary. This week NATO defense ministers will meet in Brussels to discuss cybersecurity. They will review the efforts we have made to protect our networks and will discuss the next steps, including how NATO could provide more assistance to its members to prevent, defend against and recover quickly from cyberattacks.

NATO allies have always acted on the principle that we are all safer by sticking together. We have joined forces to meet other challenges such as terrorism, piracy and proliferation. NATO protected its members during the age of the Berlin Wall. We must be prepared to protect them during the age of the firewall