NATO has updated its stance on what cyberattacks mean and what response is warranted.
The North Atlantic Treaty Organization (NATO) – the 30-nation military alliance between North America and Europe – issued a new communique at this week's Brussels summit outlining how it should respond to national security threats. One of them is cyberattacks, as spotted by The Register.
The new policy stance follows high-profile attacks on US fuel distribution network Colonial Pipeline – which paid $4 million to ransomware attackers, half of which was later seized by the FBI – and US meat packer JBS, which paid $11 million to ransomware attackers.
The tech world is also still reeling from the SolarWinds hack, which compromised the West's top cybersecurity firms, and was attributed to the Russian government. And not so long ago, Russia was blamed for the massive NotPetya ransomware outbreak, while North Korea was blamed for 2017's WannaCry ransomware attack.
In the wake of such attacks, NATO has endorsed its "Comprehensive Cyber Defence Policy", under which the alliance will treat cyberattacks on a "case-by-case basis" and may consider them the same as an armed attack.
"To face this evolving challenge, we have today endorsed NATO's Comprehensive Cyber Defence Policy, which will support NATO's three core tasks and overall deterrence and defence posture, and further enhance our resilience," the communique reads.
"We reaffirm that a decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis. Allies recognise that the impact of significant malicious cumulative cyber activities might, in certain circumstances, be considered as amounting to an armed attack."
NATO first updated its policies so that a cyberattack could lead to the invocation of Article 5, the collective defence rule, back in 2014 – as revealed by ZDNet at the time.
The NATO alliance committed to "impose costs on those who harm us" if it's deemed necessary. However, in reality the policy of Western governments is currently mostly limited to naming and shaming the country launching state-sponsored hacks.
Joe Biden attended his first NATO meeting as US president and is set to meet with Russian president Vladimir Putin on Wednesday. Biden is expected to demand that Russia do more to tackle cybercrime within its jurisdiction. The Colonial attack was blamed on a Russia-based ransomware-as-a-service operation.
China was also in the spotlight at the NATO summit for its cyber capabilities, disinformation campaigns and expansion of power across the globe.
"China's growing influence and international policies can present challenges that we need to address together as an alliance," the communique reads.
"We will engage China with a view to defending the security interests of the Alliance. We are increasingly confronted by cyber, hybrid, and other asymmetric threats, including disinformation campaigns, and by the malicious use of ever-more sophisticated emerging and disruptive technologies."