NATO vs. Cyber Attackers: Internal Memo Reveals 'Robust' Efforts to Counter Threats
An internal NATO memo obtained by SPIEGEL shows just how worried the alliance is about cyber threats and how it plans to confront them "head-on." It also warns members that, if their shared defenses are to be robust and secure, each one needs to bolster their national defenses.
NATO is increasing pressure on its member states to beef up their cyber defenses and to take more aggressive action against Internet cyber attackers, according to an internal memo from NATO Secretary General Anders Fogh Rasmussen obtained by SPIEGEL.
The document stresses that it is not only "vital to ensure that access to cyberspace is both reliable and secure," but also that NATO must "be prepared to anticipate, prevent and defend" against any external cyber threat -- and confront them "head-on."
"The exponentially increasing volume and sophistication of malicious cyber activity, as well as the speed at which events occur in cyberspace, underscore the need for greater emphasis on prevention rather than reaction," Rasmussen wrote. To meet this need, he added that NATO and its allies must "mount and, as necessary, develop a robust array of in-depth cyber defense capabilities to delay an attacker's advance, provide early detection through surveillance and advance warning tools, (and) contain potential damage."
The document reveals much about the alliance's view of the current threat and how it would respond. Although it admits that terrorists, criminals or "rogue hackers" could launch the attacks, it says that "states remain the most capable source for cyber attacks." Were one of the alliance's member countries to sustain a cyber attack, the document says that it the North Atlantic Council (NAC) would have to make a collective decision about how to respond.
A Long-Term Commitment
The memo goes on to list a number of planned moves for improving NATO's "capabilities to detect, assess, prevent, defend and recover in case of a cyber attack." These include developing "more sophisticated defenses" and centralizing "cyber defense governance for all NATO commands and agencies under a single authority, the Cyber Defense Management Authority." Rasmussen is scheduled to present the details of this "action plan" in June.
The paper indicates that the alliance intends to have "full operational capability" to respond to cyber threats by 2012.
In Germany, the National Cyber Security Council recently held its first meeting to coordinate the work of the newly established National Cyber Response Center.
© SPIEGEL ONLINE 2011
All Rights Reserved
Reproduction only allowed with the permission of SPIEGELnet GmbH