When it comes to cyberwarfare, it pays to be prepared. With online espionage and state-sponsored hacking on the rise, especially from rogue nations such as Iran and North Korea, the development of a clear strategy for how to react to a critical cyberattack has never been more important.
Yet for Nato – the North Atlantic Treaty Organisation – the problem of defence vs offence is a complex issue. While the 28-member alliance does boast a military presence, it traditionally prefers politics and peace over confrontation and conflict. As reported by The New York Times (NYT), there is an emerging realisation that its cyber-strategies are increasingly ineffective – especially against the more experienced Russian state.
The tension between Nato and Vladimir Putin's country is well documented, with the situation reaching breaking point last year after Turkish fighter planes shot down a Russian jet that reportedly entered its airspace. However, in cyberspace, hackers affiliated with the Kremlin are quickly turning to cyber as a viable method of attack – a fact that will likely worry Nato members.
The examples of Russian cyber activities are mounting. Security experts believe that its hackers were responsible for the power grid outage in Ukraine last December that left more than 200,000 without power for hours. Meanwhile, German officials recently pointed the finger toward the country for an attack on its parliament. In the most recent case, US investigators named the nation as the culprit in the hack at the Democratic National Committee (DNC).
Now, concerns have been raised about Nato's lack of expertise and experience in combating attacks of this nature. As the NYT states, the alliance has conferences and meetings yet there are "no serious military plans, apart from locking down the alliance's own networks" and "no established mechanism to draw on United States Cyber Command or its British equivalent".
Yet there is evidence this may change in the future. Indeed, on 14 June, Nato secretary general Jens Stoltenberg announced that it had decided to officially designate cybercrime as an "operational domain", essentially bringing it in line with other forms of "traditional" warfare – air, sea and land.
However, while bolstering its designation, there was still little news in the way of proactive planning. During a press conference, he told the media: "Cyber defence is part of collective defence. Most crises and conflicts today have a cyber dimension so treating cyber as an operational domain would enable us to better protect our missions and operations. All our efforts to strengthen defence and deterrence depend on the right capabilities and the right resources."
Will this be enough in a cybercrime-fuelled world that is becoming increasingly unpredictable?
In an in-depth interview with German magazine Der Spiegel, Stoltenberg talked about information sharing and said Nato will focus on "strong defence" yet there was no talk of establishing a crack cyber-unit, something that major nations have been developing for years.
He was quoted as saying: "We have also strengthened collaboration among allies, because they must first protect their own networks. We have established teams of experts that can help member states when they are attacked. And we have made a very important decision: A cyber-attack can be considered an armed attack according to Article 5 of the North Atlantic Treaty and thus trigger the collective defence clause."
He added: "We are positioning ourselves to address the challenge presented by an increasingly confident Russia."
In any case, this so-called "defence clause" remains undefined and vague. In an interview with Germany's Bild newspaper, and reported by Reuters, the secretary general elaborated slightly by saying a major cyberattack would "trigger a collective response". He said: "A severe cyberattack may be classified as a case for the alliance. Then Nato can and must react. How, that will depend on the severity of the attack."
But one Nato official, speaking to Reuters on condition of anonymity, said the alliance still has a long way to go when it comes to combating computer-based attacks. "We have no offensive cyber doctrine or offensive cyber capability. And there are no plans for Nato as a body to use such capabilities. Nato's core cyber defence task is to defend Nato's own networks," the official said.
In the broader sense, security experts agree the cyberwarfare situation is escalating. Mikko Hyppönen, researcher and public speaker with Helsinki-based firm F-Secure previously spoke to IBTimes UK about how the world is now on the cusp of a "cyber arms race".
"When you look what happened in Ukraine, when you have two countries that are at war and you have an attack on critical infrastructure that is not stealing anything, but [instead] shutting down power for 200,000 people, that's not espionage, that's not spying – in my book that's cyberwar," he said.
"We have just got out of the last arms race, which was the nuclear arms race, and now we are entering the next one and it's in the very beginning," he said. "The benefits for governments are very clear. It's cheaper, it's more effective and it's easier to target than traditional attacks. Traditional attacks are not going to go away, they are just going to be additional – just like we saw in Ukraine, it's now part of the picture."