From Siobhan MacDermott, AVG: NATO is a creature of crisis, having come into being early in the Cold War as an intergovernmental alliance between the United States and the European democracies for collective defense against attack by any “external party. . . .”
The Cold War has ended, but there is obviously no shortage of crises. Yet are they the kind of crises for which NATO was created to respond—wars in need of control and containment? This, after all, was the NATO mission during the Cold War years. . . .
An Expert Brief recently posted online by the Council on Foreign Relations observed, “Cybersecurity is now a leading concern for major economies,” noting that between “April and December 2012, the types of threats detected on the Google Android platform increased by more than thirty times from 11,000 to 350,000” and are expected soon to reach one million. “Cyber threats and cyberattacks . . . reveal an escalating digital cold war.” The phrase—digital cold war—is no mere figure of speech. By planting its cyberwarfare headquarters in Talinn, NATO has both identified and defined ground zero in that new cold war. What is more, the alliance took the lead in creating the doctrine by which democratic nations must fight this cyberwar by issuing, from Talinn in 2012, its National Cyber Security Framework Manual.
At the heart of the NATO cyber doctrine is a perceptive and innovative boldness that rallies all governments to the common defense of cyberspace—for cyberwar, like cyberspace, knows no borders and respects no sovereignties—and also recruits into the cause both the public and the private sectors. The National Cyber Security Framework Manual identifies “critical infrastructure protection (CIP)” as “the catch-all term that seeks to involve the providers of essential services of a country within a national security framework.” Acknowledging that “most of the service providers (such as public utilities, finance or telecommunications) are in the private sector,” the NATO manual declares the necessity of extending “government support to help protect [private sector companies] and the essential services they provide from modern threats.” In this, NATO takes the lead again, daring to proclaim a truth that many in the United States—including a controlling bloc of legislators—find inconvenient and persistently refuse to accept: As cyberspace and thus cyberwar cannot be bounded by national borders, so they cannot be contained exclusively in the public or the private sector. Cyberspace is, above all, absolutely permeable.
We are in a cyberwar. If you need confirmation of this statement, read the investigative report the security company Mandiant recently published on the activities of “APT1,” a Chinese cyberwarfare unit either intimately associated with or actually part of the People’s Liberation Army (PLA). For at least the last six years, APT1 has brazenly looted the intellectual property of American firms and those of other nations. Call it “hacking,” “cybercrime,” or “cyber theft,” when conducted by the military of one nation against the assets of other nations it is cyberwar. To defeat the aggressors in such a war will require thinking and acting beyond national borders and political, legal, bureaucratic, and traditional sectorial divisions. Looking to the United Nations for a remedy is not the answer any more than it was during the Cold War. What the world’s democracies need now is what they needed during the turbulent half-century wake that followed World War II. They need a strategic set of cross-border alliances for mutual defense. Today, once again, it is NATO that offers them.
Siobhan MacDermott is Chief Policy Officer for AVG Technologies. (graphic: Current)