Friday, May 7, 2010

Cyber Attacks and NATO Article 5

I gave a lecture about malicious uses of cyberspace to an international group in Germany yesterday, and one of the attendees asked me if a cyber attack could ever be a trigger for the collective self defense clause of NATO a.k.a. Article 5.

A very good question.

Allow me to answer via analogy:
1. A cyber attack is either malicious use of commonly available technology (computers, software, network infrastructure, ...) or the use of a cyber weapon (something specifically crafted for causing damage/disruption in cyberspace - such as a DoS tool) in order to create a cyber incident.
2. The ONLY time when Article 5 was actually invoked was in response to the malicious use of commonly available technology (passenger aircraft during 9/11).
3. Therefore, it follows that if the cyber attack causes serious enough harm, it can trigger Article 5 action.

The question that remains, then, is what level and type of harm will cross this threshold. In reality, this will never be set in stone. Likely there will be some cases that will automatically trigger it, however, in the end it will be case by case, as it is with "conventional" attacks.

1 comment:

  1. I agree with Rain that invoking Article 5 can be only on case-to-case basis. In fact, responding to a cyber-attack is more challenging as compared to conventional attacks, as it is difficult to establish state involvement. The long-term solution lies in enhancing the IT skill set of security officials and encouraging certification courses offered by organizations such as ec council.