NATO ministers agreed on Tuesday to strengthen the organisation's cyber defences but differed about how much NATO should do to protect smaller allies from potentially devastating hacking attacks.
Last year, NATO dealt with over 2,500 “significant cases” of cyber attacks on its systems, NATO's chief, Anders Fogh Rasmussen, said at the alliance's first in-depth review of cyber defence, a meeting that showed how the issue has risen to the top of the security agenda.
“We are all closely connected, so an attack on one ally, if it is not dealt with quickly and effectively, can affect us all. Cyber defence is only as effective as the weakest link in the chain. By working together we strengthen the chain,” Rasmussen told a news conference.
Boosting Cyber Defence
The Pentagon accused China last month of using cyber espionage to modernise its military, which Beijing denied. The Washington Post said last week that Chinese hackers had gained access to designs of more than two dozen major U.S. weapons systems.
Defence ministers from the 28 allies agreed that NATO's cyber defence capability should be fully operational by October, extending NATO protection to all of the dozens of computer networks owned and operated by the alliance, Rasmussen said.
They have also agreed to establish rapid reaction teams to help protect NATO's own systems.
NATO members agree that the organisation's priority must be to defend NATO's own computer networks, since these are the systems used to coordinate military operations among the allies.
But there is disagreement about how the alliance should respond to requests for help from members that come under cyber attack.
Smaller countries with limited resources are keen to take advantage of NATO's cyber defence capabilities and Rasmussen believes NATO should have a capacity to help.
But larger members, such as the United States, Britain, France and Germany, disagree. Since they spend large sums on cyber defence at home, they are reluctant to divert money to NATO activities that will largely benefit others.
“NATO must not replace the will of individual members to defend themselves in cyber(space) as in other areas,” one NATO diplomat said.
Rasmussen said one option may be to use NATO's rapid reaction teams to help countries that come under cyber attack.
Another could be for one NATO member to use its own cyber capabilities to help another ally, Rasmussen said, likening this to the decision by the United States, Germany and the Netherlands to send Patriot anti-missile systems to Turkey this year.
NATO was alerted to the threat of cyber attacks in 2007, when Estonia's Internet network was paralysed by an electronic attack that Estonia blamed on Russia. The incident prompted NATO to review its readiness to defend against cyber warfare.