NATO has announced plans to develop virtual rapid response capabilities “to respond to significant malicious cyber activities.”
These plans were published in a declaration made following the NATO Summit in Madrid, last week. The latest summit was significant in light of Russia’s invasion of Ukraine earlier this year, amid fears of the conflict spreading further. Referring to the invasion, the declaration stated: “We, the Heads of State and Government of the North Atlantic Alliance, have gathered in Madrid as war has returned to the European continent. We face a critical time for our security and international peace and stability.”
The declaration outlined an agreement between member countries “on a voluntary basis and using national assets, to build and exercise a virtual rapid response cyber capability,” among other things. NATO acknowledged that: “we are confronted by cyber, space and hybrid and other asymmetric threats, and by the malicious use of emerging and disruptive technologies.”
NATO heads of state and government participating in the summit pledged to accelerate the delivery of non-lethal defence equipment to Ukraine, including boosting the country’s cyber-resilience.
Since February, Russia have launched numerous cyber operations against Ukraine. This includes targeting Ukraine’s national telecommunications provider in April, causing significant internet outages.
Adam Marrè, CISO of Arctic Wolf, said: “As the declaration outlines, NATO currently faces cyber and other asymmetric threats from multiple nations. The announcement of this cyber rapid response capability is a recognition that we must do more to coordinate the efforts to combat ongoing and prepare for future nation-state conducted and/or sponsored cyber campaigns.”
“A virtual rapid response cyber capability will greatly increase NATO’s capability to have a more coordinated and effective response to significant malicious cyber activities.”
“This capability will likely be similar to the EU Cyber Rapid Response Teams (CRRT) that have already been created and have been deployed in the Ukraine conflict.”
Discussing the requirements needed to create such a capability, Marrè went on to say: “The new NATO cyber response force will need to develop common cyber operations toolkits with incident detection, prevention, and response capabilities to have an effective coordinated response.
“In addition, they will need to identify and select team members with different domains of expertise, including incident response, forensics and vulnerability assessment that can form cohesive and holistic teams that can rapidly deploy virtually.”
In 2021, NATO warned that it would consider treating cyber-attacks in the same way as an armed attack against any of its allies and issue a military response against the perpetrators. A decision to invoke Article 5 would be taken on a case-by-case basis.