Center for Strategic Decision Research

Paris '07 Workshop

CYBER-WAR AND NATO

U.S. Asst Sec of Defense John Grimes with Cyber-defense panel

Lieutenant General Ulrich Wolf
Director, NATO CIS Service Agency

Lieutenant General Ulrich Wolf (left) with former SACEUR General James Jones.

"[During] robot attacks... thousands of computers are connected to overload a targeted storage device with messages
and with the aim to shut down its services. The systems used are high-jacked by the attacker... An estimated
50 million machines around the world have been compromised in this way."

The threat of cyber-war is real and it is amongst and could be waged against all of us. Are you aware that you might be a cyber-terrorist? While of course you would not be one intentionally, there is a chance you might be one by accident.

THE POSSIBILITY OF ROBOT ATTACKS

            Let me explain this statement. There are such things as "robot attacks" in which thousands of computers are connected to overload a targeted storage device with messages and with the aim to shut down its services. The systems used are high-jacked by the attacker and are distributed all over the world. An estimated 50 million machines around the world have been compromised in this way, and are ready to be used in these types of denial-of-service attacks. One of them could be your computer, in your home or your office, or it could be your children's computer.

            The attack on Estonia was the first of its kind against a NATO member. However, defending against attempted intrusion into NATO’s data networks is a daily reality. NCSA is responsible for secure end-to-end communication services and is therefore the first line of resistance in the cyber-defense of the Alliance. We receive about one million e-mails at SHAPE Headquarters each month. Nearly half of them are unwanted SPAM and about 76,000 viruses were stopped at our firewalls.

NATO'S CYBER-DEFENSE PROGRAM

            NATO’s cyber-defense program, which was initiated three years ago, is at its initial operating capability. At my headquarters in Mons we have a state-of-the-art NATO Computer Incident Response Capability Technical Center, whose intrusion prevention system saw 14.5 million potential security incidents in 2006.  But most of us consider cyber-security as a subject for computer specialists and nothing to really worry about. It’s a bit like it was during the Cold War: We theoretically are aware of the threat, but in our day-to-day private lives and businesses we do not care. But cyber-war threatens our entire society—the military, government institutions, industry, finance, and health systems, as well as all of us individually. Therefore defense against this threat should be a matter of importance for all of us.

            It is the responsibility of our governments to develop a comprehensive defense concept horizontally across all departments and vertically from the state down to the community level. We need to find new forms of coalitions that include industry and the financial world. ISPs and software companies also need to play a key role. But in which of our countries is this already the case?

            There is a real need for a cyber-related policy at the Alliance and the EU level—the case of Estonia may have opened the question about the need for a cyber-version of Article 5. My agency, NCSA, has taken the first steps to reach out to the information-security domains of Alliance member-nations to coordinate our efforts, share best practices and threat assessments, and establish a system for incident reports and warnings. In addition to our contracted defense capabilities we have also developed an active partnership with many of our main software and hardware vendors because they are also targets of the same enemy.

GOING FROM PASSIVE TO ACTIVE DEFENSE

            There is much work still to do. One of the most important areas that urgently needs further development is a common intelligence capability that will enable us to go from mere reaction to active prevention. NATO has no capability for active cyber-warfare. Why is this? Is it not time to reconsider the rationale for cyber-warfare?

            What I recommend is an open, politically driven discussion, a thorough, in-depth threat assessment that should lead to a common, realistic understanding of the situation. It should also lead to the development of a comprehensive strategy and finally to an effective multi-organizational and multi-national defense capability that includes an element of active cyber-warfare. NATO should take the lead in this. There must also be the necessary investments of money and manpower, which will definitely not be small.

            On a personal level, I would like to end by advising you to update your Internet security software on a regular basis in order to avoid being turned into a cyber-terrorist unintentionally.

Top of page | Home | ©2007 Center for Strategic Decision Research