NATO leaders agreed on Friday that a large-scale cyber attack on a member country could be considered an attack on the entire US-led alliance, potentially triggering a military response.
The decision marks an expansion of the organisation’s remit, reflecting new threats that can disable critical infrastructure, financial systems and government without firing a shot.
“Today we declare that cyber defence is part of NATO’s core task of collective defence,” NATO Secretary-General Anders Fogh Rasmussen told a news conference.
In 2007, a series of crippling cyber attacks paralysed much of NATO member Estonia in an apparent response to a dispute over the movement of a Soviet-era war memorial. Most Western experts suspected the Kremlin was responsible but Russia denied it.
At European level, member countries have turned down calls for a coordinated EU cyber-security strategy, leading to a “regulatory gap” and a “clear and present danger” of cyber attacks, a high EU official told EURACTIV in a recent interview.
Asked if he believed Russia was behind the attack, the official said he didn’t know and advised caution in attributing them as coming from any country in particular.
“There are hundreds of attacks every day of the year,” the official said, explaining that difficulties in tracing their origin were “one of the big problems”.