White House National Security Adviser Jake Sullivan has warned that a Russian cyberattack on a NATO ally could trigger a collective response.
“We could see circumstances in which a collective response by the alliance to a cyberattack would be called by an ally,” said Sullivan. “That is absolutely something where we and other countries could bring capabilities to help a country defend itself and respond.”
Sullivan made the warning a day after President Biden said that “evolving intelligence” suggests Russia is “exploring” revenge cyberattacks for the sanctions imposed on the country following its invasion of Ukraine.
NATO was formed in 1949 to provide collective security against the former Soviet Union. As a defensive alliance, it only gets involved when there’s an imminent threat to a member’s security.
At the foundation of NATO is ‘Article 5’, which mandates a collective response if any member is attacked. It’s only ever been triggered once, following 9/11.
While it’s quite established what constitutes a military attack; it’s all a lot more ambiguous when it comes to cyberwarfare, despite the increasingly devastating potential. However, leaders are clear that NATO sees it as an issue and is prepared for such modern threats.
“Cybersecurity is an alliance issue, it is an issue where collectively NATO is prepared to pull together to enhance resilience, enhance defences, and if necessary to use the appropriate tools to respond,” said Sullivan.
The first issue when it comes to cyberwarfare is being certain of any state being the source of an attack. It’s a scary thought, but it’s quite plausible that one rogue individual could trigger a major conflict.
The next problem is what’s deemed “acceptable”. Much like catching spies doesn’t usually trigger armed conflicts, it’s likely that hacking systems to gather intelligence wouldn’t trigger a military response. However, actions like messing with transport infrastructure or shutting down power grids are up for debate with the potential for injuries and/or loss of life.
“If you take an example of the Russians accidentally, or on purpose, knocking out public services or power for a NATO-aligned country … if you consider the fact that cyber warfare can have detrimental effects – quite real tangible effects – then there’s no reason why it couldn’t escalate into a military response,” explained Andrew Egoroff, Senior Cybersecurity Specialist at ProcessUnity, in a recent interview.
Ukraine isn’t a NATO member and so the alliance hasn’t put boots on the ground in the conflict with Russia. Of course, there are concerns about spillover with several NATO members bordering Ukraine.
NATO members have independently backed Ukraine and supplied the country with equipment to defend itself. That support could make them prime targets for cyberattacks.
Many security analysts predicted that a conflict with a powerful cyber actor like Russia would see it launch a major cyber offensive within hours, let alone weeks. In Ukraine, which has often found itself as somewhat of a testbed for Russian hackers, there’s not really been the kind of large-scale cyberattacks that many expected.
One potential explanation for the lack of such a major cyber offensive in Ukraine is the risk of spillover to a neighbouring NATO member resulting in a collective response, as warned by Sullivan today.
Such a spillover occurred in 2017 when the NotPetya attack – which initially targeted Ukrainian government and financial entities – ended up affecting computer systems across the globe and costing billions of dollars in damages. With current global tensions, it would likely have been taken a lot more seriously today.
While many are concerned about the unpredictable mental state of Russian President Vladimir Putin – who has gone from calm and calculating, to fist-shaking and making bizarre angry rants about “de-Nazifying” a country with a Jewish leader – the world is hoping that all potential for conflict between Russia and NATO is avoided.
Preventing a conflict between nations and alliances no longer means just avoiding military clashes, but cyber too.
Related: ‘Protestware’ emerges amid Russia-Ukraine crisis
Want to learn more about cybersecurity from industry leaders? Check out Cyber Security & Cloud Expo. The next events in the series will be held in Santa Clara on 11-12 May 2022, Amsterdam on 20-21 September 2022, and London on 1-2 December 2022.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.