As stated in the NATO Strategic Concept cyber attacks are one of the top three threats facing the Alliance. A new cyber defence package, with a first tranche of €28 million, will enhance NATO's capabilities in 2012 to monitor and react to cyber incidents with its networks; equipment will be modernized and reaction teams upgraded. This will represent an important increase in NATO's investment in protecting its networks. The Alliance is also working with private cyber security companies to strengthen its ability to support Allies in case of cyber attacks
“As more people, computers and devices come online (there are approximately two billion people using the Internet today), cyber threats have grown more sophisticated and cyber criminals have successfully gathered sensitive data, disrupted critical operations or engage in other illegal activity such as fraud,” explains Dave De Bie, a Technology Strategist at Microsoft.
Facing up to the challenge
“The main challenge to combating cyber crime and cyber attacks is a lack of visibility,” adds Martin Borrett, Director of IBM’s Institute for Advanced Security Europe. “For a variety of reasons, nations, businesses and individuals are reluctant to admit they have been attacked or that they may have vulnerabilities.” Not acknowledging attacks can leave states at risk and cedes the advantage to the attacker. Mr Borett explains that“If organizations and individuals share their experiences, defences can be updated and adapted much more rapidly and shared much more widely to reduce the impact of these attacks.”
A mid-year trend report from IBM named 2011 as the year of the ‘security breach’. According to the report, an explosion of security breaches, incidents of ‘presumed state sponsored attacks and daily reports of viruses continue to show how much cyber attacks are on the increase.
“IBM participates in cyber defence projects at NATO through the provision of several software tools for intrusion protection/detection,” says Mr Borrett. “We share information freely through workshops, conferences, site visits and publications with the community at large.”
In response to these challenges many countries have sought to improve critical infrastructure, build effective information sharing and collaboration capabilities and coordinate responses to complex cyber incidents. NATO has been working with its members in the same way.
“Since 2006, NATO has been running operational cyber defence capabilities and has established a good model in deployment and operating of cyber defence technologies and capabilities,” says Suleyman Anil, Head of Cyber Defence at NATO. “Governments alone would not be able to respond to cyber threats. New and innovative cyber technologies are developed by the private sector. Sharing information and knowledge can (and should) be improved in this area, and NATO is doing its part.”
In 2010 Allied Command Transformation set up the Framework for Collaborative Interaction (FFCI) which enables NATO and private industry to work together in a non-procurement manner. Private cyber security companies have also been invited to participate in NATO cyber security events and industry days such as 2011’s Information Assurance Symposium, where speakers shared their expertise with over 800 delegates from different NATO countries.
“Industry, government and critical infrastructure operators need to find ways to cooperate better, and exchange information better in order to better understand what the threat is and how they can collectively defend themselves,” says Ilias Chantzos, Senior Director EMEA Government Relations, Symantec.
De Bie agrees, adding that “Microsoft proposes and continues to evangelize the need for global public-private partnership to ensure a healthy IT environment for Internet citizens around the world. Without international collaboration, the efforts around the world run the risk of developing solutions that are inefficient, inconsistent or, even worse, conflicting.”
Without cooperation with industry, the Alliance’s networks would almost certainly be compromised.