Last month, the United States and other North Atlantic Treaty Organization (NATO) nations endorsed a new cyber defense policy while in Brussels, Belgium. Part of the new policy addressed the invocation of Article 5 of the North Atlantic Treaty, which – as reported by The Hill – states that “if a NATO allied nation is attacked, other members would consider it an attack against all NATO nations and consider actions to respond.”
A communique released after the summit read: “Allies recognise that the impact of significant malicious cumulative cyber activities might, in certain circumstances, be considered as amounting to an armed attack.”
One News Now spoke to global security expert Benjamin Varlese about the new cyber defense policy and the malicious cyber-activity it attempts to curtail.
“[While] disruption incidents like the recent ransomware attacks against the Colonial Pipeline and JBS meat processing facilities would be difficult to justify a response with conventional weapons,” he says, “[other occurrences] could almost certainly be considered an act of war.” He explains that would include cyberattacks with “kinetic” or physical effects, especially those against critical infrastructure like electricity, water, and transportation.
Varlese also warns that “a cyberattack could initiate a CBRN [chemical, biological, radiological, or nuclear] event.”
So … who might the attackers be?
The former U.S. Army Mountain Infantry platoon sergeant agrees that a cyberattack resulting in kinetic or physical effects – or any number of the types of cyberattacks against infrastructure – could warrant a military response. In fact, he argues that a few countries around the world are worthy of mention … countries that are more inclined to initiate nefarious cyber activities.
“Russia offers the most pressing threat in the traditional conflict sense,” Varlese points out. “[The country has] become adept at incorporating kinetic and disruptive cyberattacks in conjunction with information warfare to create civil unrest,” adding that, in his opinion, the U.S. and partner states are not fully prepared to counter or mitigate these kinds of actions.
Another potential culprit, Varlese says, is China – “[which] is playing the long game and has been focusing on the collection side of cyber warfare.” He considers breaches of databases and other methods of identifying U.S. personnel and assets to be “a substantive intelligence win” for China. As a result, U.S. and allied military and intelligence operations in the region could be significantly delayed or disrupted.
“Similarly, theft of intellectual property from U.S. and partner state companies keeps China competitive in global markets and undermines rivals’ technological advantages,” he adds.
Varlese deems the rapidly growing capabilities of North Korea and Iran to be worthy of mention, as well.
“North Korea regularly uses cyber campaigns as a source of funding to circumvent sanctions and hostile acts towards South Korea,” he tells One News Now. “[And] Iran has utilized its budding cyber program to disrupt, deny, or delay rivals, [and] collect intelligence.”
Not enough being done about it
While various countries are growing their cyber capabilities, the expert on global security laments what he considers inadequate attention being given to the potential for a cyberattack to produce a mass casualty event in the public sphere.
“Outside of national security journals, there seemingly has not been adequate consideration given to utilizing a crippling cyberattack as an initiator to a conventional attack,” he concludes.