NATO member states issued a statement following a meeting in Brussels earlier this month which affirmed that significant cyberattacks could warrant the triggering of Article 5. Article 5 stipulates the terms of the alliance’s dedication to common defense and maintains that an attack on one member state is an attack on all member states.
“We reaffirm that a decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis,” the communique read.
The document amends Article 5 to include incidents that occur both in cyber space and outer space, effectively allowing the alliance to treat attacks on cyber or space infrastructure as any other attack, and to respond with force.
NATO Secretary General Jens Stoltenberg spoke of the move at a meeting of the Atlantic Council
“In a way it doesn’t matter whether it’s a kinetic attack or a cyberattack, we will assess as allies whether it meets the thresholds for triggering Article 5,” Stoltenberg said, according to the Atlantic Council. “It sends a message that we regard cyberattacks as seriously as any other attack.”
Importantly, NATO member nations can agree to respond to cyberattacks through cyberattacks of their own or through other means, including military strikes.
Stoltenberg told the BBC that a cyberattacks “can be as damaging and as dangerous” as armed attacks and ought to be considered “as serious as any other attack on a NATO ally.”
U.S. national security adviser Jake Sullivan expressed a similar sentiment, warning potential bad actors that cyberattacks on any NATO ally could now result in a military response.
“We will have their backs just as they’ve had our backs,” Sullivan said, according to Voice of America.
Chief of Cyber Command, Gen. Paul Nakasone, spoke to the importance of expanding the nation’s ability to deter and respond to cyberattacks that did not reach the threshold of outright war.
“We have to have that balance of not only, what we are going to support our fellow combatant commands if conflict was to break out, but also if our adversaries are operating below the level of armed conflict every single day, what type of force do we need to be able to ensure that we can counteract that,” Nakasone said, according to Politico.
Relatedly, NATO will focus more effort on cultivating relationships with private talent to help bolster its cyber capabilities.
Sarah Brown, a senior scientist with the NATO Communication and Information Agency, spoke to the need for fostering a better relationship between the private and public sphere as militaries across the world struggle to keep up with technological advances and new threats.
“We want to be seen as a professional service provider, a center of technical excellence, with open communication, and reporting,” Brown said, According to C4ISR.net. “From an organizational perspective, that means we need to have clear roles and responsibilities across the different cybersecurity areas, and also a highly skilled workforce, from the staff level all the way to the executive level, in order to deliver on our level of ambition.”
There is not yet confirmation as to what extent, if any, NATO member states will seek to share technology and resources to achieve an enhanced cyber posture.