NATO has announced plans to develop virtual rapid response capabilities “to respond to significant malicious cyber activities.”
The plans were unveiled in a declaration published following the NATO Summit in Madrid, Spain, last week. The latest summit took on extra significance in light of the Russian invasion of Ukraine earlier this year, amid fears of the conflict spilling beyond the current borders into NATO territory. Referring to the war, the declaration read: “We, the Heads of State and Government of the North Atlantic Alliance, have gathered in Madrid as war has returned to the European continent. We face a critical time for our security and international peace and stability.”
Among other areas, the declaration outlined an agreement between member countries “on a voluntary basis and using national assets, to build and exercise a virtual rapid response cyber capability.” The military alliance acknowledged that “we are confronted by cyber, space and hybrid and other asymmetric threats, and by the malicious use of emerging and disruptive technologies.”
NATO heads of state and governments participating in the summit also pledged to accelerate the delivery of non-lethal defense equipment to Ukraine, including boosting the country’s cyber-resilience.
Russia has launched numerous cyber operations against Ukraine since it began the invasion in February. This includes targeting Ukraine’s national telecommunications provider in April, causing significant internet outages across the region.
Commenting on the announcement, Adam Marrè, CISO of Arctic Wolf, said: “As the declaration outlines, NATO currently faces cyber and other asymmetric threats from multiple nations. The announcement of this cyber rapid response capability is a recognition that we must do more to coordinate the efforts to combat ongoing and prepare for future nation-state conducted and/or sponsored cyber campaigns.
“A virtual rapid response cyber capability will greatly increase NATO’s capability to have a more coordinated and effective response to significant malicious cyber activities.
“This capability will likely be similar to the EU Cyber Rapid Response Teams (CRRT) that have already been created and have been deployed in the Ukraine conflict.”
Discussing the requirements needed to create such a capability, Marrè continued: “The new NATO cyber response force will need to develop common cyber operations toolkits with incident detection, prevention, and response capabilities to have an effective coordinated response.
“In addition, they will need to identify and select team members with different domains of expertise, including incident response, forensics and vulnerability assessment that can form cohesive and holistic teams that can rapidly deploy virtually.”
Last year, NATO warned it would consider treating cyber-attacks in the same way as an armed attack against any of its allies and issue a military response against the perpetrators. A decision to invoke Article 5 would be taken on a case-by-case basis.