March 3, 2017
Bearing a title that obligates him to manage evolving security threats, NATO Assistant Secretary General for Emerging Security Challenges Sorin Ducaru has his hands more than full.  With the threat landscape against the alliance changing constantly in unpredictable ways, many of them breaking new terrain in warfare, Ducaru and his staff have to be prescient, agile, and humble about their abilities to predict what's next.

NATO defense ministers last month approved an "updated cyber defense plan" and moved forward with discussing how to practically incorporate "cyber" as their latest operational domain. That designation was formally made at the 2016 Warsaw Summit, obligating NATO to defend itself in cyberspace "as effectively as it does in the air, on land, and at sea."  Easier said than done, needless to say, but Ducaru's office is on it.

He parses his responsibilities as dealing with a world of both emerging and re-emerging security challenges, with old and new threats blending together in a "hybrid mix."  Ducaru calls it the "horizon-scanning" business, where they're analyzing a long list: "new forms of manifestations of terrorism, information manipulation, potential challenges to space assets, [and] the impact of climate change upon security," along with the traditional responsibilities of conventional counterterrorism, cyber defense, and energy security, among other things.

A new "Lisa" gets lost in Lithuania

Information manipulation has become a top concern with the intense propaganda campaigns emanating from many directions—but most Kremlin-directed—targeting allies.  For example, there are many questions surrounding Russian disinformation's role in the US presidential elections in 2016. Leaving those aside, however, Lithuania and Germany were also on the receiving end of a failed attempt to create chaos last month.

After Russian disinformation tactics had rampant success in 2016 exploding a false story about migrants raping a Russian-German girl named Lisa in Germany, a similar attack was launched in early February against German troops heading up NATO's battle group in Lithuania. An e-mail was sent to the speaker of the Lithuanian Parliament in early February claiming German soldiers had raped a teenager. 

The information was instantly red-flagged and shared among Lithuanian authorities and with German and NATO officials. It was investigated and quickly found to have been entirely fabricated—without the rumor igniting in social media.  NATO's military committee chief, General Petr Pavel, pinned the attempted attack on Moscow but Lithuania has been more circumspect, saying only that it came from "outside the EU."  

Ducaru says the incident is still alarming, despite its lack of impact. "This is a clear example of information manipulation with a sense of weaponization," he explained, "because it really was supposed to affect the perception about the presence of German troops as the [Enhanced Forward Presence] framework nation in Lithuania. It was supposed to affect morale; it was supposed to affect everything -- the operational functioning."

Military planners reprogram for more pessimistic possibilities

Defying traditional trends of military research, Ducaru expects NATO to increase its attention to "fake news" data manipulation and how and why it manages to get traction with the public, at least temporarily.  "It seems emotions are sometimes more powerful than the dry facts," he acknowledged, "so we need to take this into consideration." 

Other long-held threat perceptions are changing too, due to the breadth and depth of society's reliance on the internet and connected technology.  Ducaru says military planners have woken up to the fact that they need to look at how to "live and even operate in a heavily degraded cyber environment."  He says previously, cyber was seen as an "enabler," and the theory went that in case of an attack, technicians would simply make sure that systems would work.

"Military planners were planning operations on the assumption that the information is assured," Ducaru said.  With cyberattacks becoming so much more sophisticated and dangerous, he explained, "in this environment, the assumption is different -- that we will be in situations where systems will be degraded."  Not only that, but because each of the other operational domains -- land, sea, and air -- is heavily dependent on cyber capabilities, the resilience of the newest domain is critical.

NATO is only as secure as its weakest of the twenty-eight links in the chain.  Contained in allies’ constant prodding on increased military investment is the push to upgrade cyber capabilities and defense and Ducaru said all parties are indeed prioritizing this.  "But I also see that we need to do more and faster," he acknowledged. "Let's make no mistake -- complacency in this field does not make sense at all.  We are always striving to be ahead of the curve, but this threat landscape evolves extremely fast so there is never enough."

At the same time, when asked whether he believes the alliance will ever go to war in its newest domain, he said, "I hope not...I hope not".  Ducaru noted that NATO has been an active participant in the international discussion of how to create more stability in cyberspace, recognizing the applicability of international law to the cyber world and calling for the creation of a system of voluntary norms of behavior and confidence-building measures.

Ducaru hopes NATO's contributions to keeping the peace since its founding will continue to succeed in the cyber realm. As he puts it, "being ready to act in the spirit of collective defense in any circumstances, but it actually not being necessary to do it."

Teri Schultz is a Brussels-based freelance journalist. You can follow her on Twitter @terischultz.

RELATED CONTENT