May 16, 2018
Stoltenberg Provides Details of NATO's Cyber Policy
By Jens Stoltenberg, NATO
Here in France, TV-Cinq Monde was taken off air by hackers. ‘Fancy Bear’, a group associated with the Kremlin, hacked the main political parties in the United States. In a brazen attempt to influence the 2016 election. Last years’ WannaCry attack forced Renault to halt production at several of its factories. And brought hospitals in the United Kingdom to a standstill....
Nowhere is the ‘Fog of War’ thicker than it is in cyberspace. Low cost and high impact, cyber-attacks are now a part of our lives....
Today, NATO has three key roles to play in cyberspace. To drive progress across the Alliance. To act as a hub for information sharing, training and expertise. And to protect our networks.
First, driving progress across the Alliance. In 2014, NATO leaders agreed that a cyber-attack could trigger Article 5 of our founding treaty. Where an attack on one Ally is treated as an attack on all Allies. Traditionally, an Article 5 attack would be with tanks, aircraft and soldiers. Now it can come in the form of a cyber-attack. Placing cyber at the very heart of what we do.
In 2016, NATO leaders designated cyberspace as a ‘domain’, alongside land, sea and air. This meant re-examining everything we do, from top to bottom.
Whether we are in Afghanistan or the Baltic countries, cyber is now a core part of our operations.
Also in 2016, leaders agreed to the Cyber Defence Pledge. The focus of this conference. As a result, in less than two years, almost every Ally has upgraded their cyber defences. France is leading the way, investing 1.6 billion euros and employing thousands more cyber experts....
NATO’s second role is as a hub of operational information and expertise. We share information about cyber threats in real-time. As we did with the European Union, nations and private companies during last year’s WannaCry and NotPetya attacks.
As part of our new Command Structure, we are setting up a Cyber Operations Centre. To integrate cyber into our planning and operations. And I welcome the contribution by some Allies of their national cyber capabilities to NATO, as Minister Parly just mentioned. I hope that more Allies will make similar offers at our next Summit in July.
NATO Cyber Rapid Reaction teams are on standby to assist Allies, 24 hours a day. And the NATO Centre of Excellence for Cyber Defence in Estonia leads on research, education and training....
Finally, NATO’s final role is to defend its own networks. NATO has hundreds of experts protecting our networks and systems around the clock. And we need them. NATO is attacked every single day. And the threat is evolving all the time....
I am often asked, ‘under what circumstances would NATO trigger Article 5 in the case of a cyber-attack?’ My answer is: we will see.
The level of cyber-attack that would provoke a response must remain purposefully vague. As will the nature of our response.
But it could include diplomatic and economic sanctions, cyber-responses, or even conventional forces, depending on the nature and consequences of the attack.
We need a full spectrum response. So we can respond to serious cyber-attacks even if they don’t cross the Article 5 threshold.
Speech by Secretary General Jens Stoltenberg at the Cyber Defence Pledge Conference, Paris, May 15, 2018.