The military alliance has agreed to set up a new body to coordinate responses to cyber attacks carried out against its members and gather intelligence to prevent them from happening in the future, a NATO official said.
It is expected that the move will be endorsed at the NATO summit which will take place in April in Bucharest, Romania. “There is agreement to set up a new body to share intelligence and coordinate actions against cyber crime,” said Major General Georges D’Hollander, who leads the NATO agency dealing with such capabilities.
The first role of the new authority would be to gather intelligence about cyber crime and potential acts of cyber terrorism. “First, we have to be able to identify who brings the attack,” the official said at a conference organised this week in Brussels by the Security and Defence Agenda (SDA) think tank.
Indeed, it is often very difficult to understand where an attack comes from. “Recently, the United Kingdom’s official servers received an attack, which was originally deemed to be from North Korea or Latvia. But later it was discovered that it came from a 16-year-old teenager from London,” explained Professor Peter Sommer, an expert on security of information systems at the London School of Economics (LSE).
At the same time, the alliance has to improve its coordinated response in case of attack. “It seems to be an Article 4 issue,” said General D’Hollander. Article 4 of the NATO Treaty reads: “The Parties will consult together whenever, in the opinion of any of them, the territorial integrity, political independence or security of any of the Parties is threatened.”
So far NATO has concentrated its efforts against cyber attacks on protecting its own communication system. “The question is if now we are going to extend the policing to other sensitive infrastructure,” a NATO official told EURACTIV.
In the recent attack on Estonia, which is one of the most wired economies in the world, servers of national bank and public websites were blocked. “In my country 90% of tax declarations are carried out through the Internet. You can image the feeling of vulnerability of my people when those services were made unavailable due to an attack,” explained Estonian Defence Minister Jaak Aaviksoo.