NATO Member states are concerned about Russia and China's increasingly aggressive behaviour in cyber space
NATO has warned that the impact of significant cyber attacks against any member countries might be considered 'as amounting to an armed attack' in certain circumstances.
The group issued a joint communiqué at the conclusion of the NATO summit in Brussels on Monday. The note states that Article 5 of the organisation's treaty can apply to cyber attacks. Article 5 states that an armed attack against any one of the 30 member states will be considered an attack against them all.
'Reaffirming NATO's defensive mandate, the Alliance is determined to employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber threats, including those conducted as part of hybrid campaigns, in accordance with international law,' the communiqué said.
The statement added that a cyber attack could lead to the invocation of Article 5. However, a decision as to when such attacks would warrant a response would be 'taken by the North Atlantic Council on a case-by-case basis'.
'If necessary, we will impose costs on those who harm us,' the group warned.
NATO's commitment to the common defence of all member countries was originally intended as a response to armed attacks from the Soviet Union after the Second World War. But in recent years the alliance has broadened the definition of threat to also include cyber attacks, thereby creating a new urgency on how to address the issue of cyber security.
NATO says that cyber threats to the security of member countries are becoming more complex, frequent, and destructive. It says the Alliance needs to be prepared to defend its networks and operations from adversaries.
Many member countries have expressed concerns regarding Russia and China's increasingly aggressive behaviour in cyber space.
The joint communiqué treats both countries as threats. Russian earned 63 mentions in the document and is called 'aggressive', while China was mentioned ten times.
NATO leaders said that China's 'assertive behaviour present systemic challenges to the rules-based international order and to areas relevant to alliance security.' They also urged China to uphold its global commitments and to act responsibly in the international system.
UK Prime Minister Boris Johnson said that China had become a "new strategic consideration" for NATO but the organisation does not want to "descend into a new Cold War" with the East Asian country.
Jake Sullivan, the US National Security Adviser, stated on Sunday that NATO would increase its focus on China, saying that Beijing "will feature in the communiqué in a more robust way than we've ever seen before".
The NATO communiqué has come just after the USA has fallen victim to several major cyber attacks, including the disruptive Colonial Pipeline attack in May.
In December, at least nine federal agencies and dozens of private firms were compromised as part of the massive SolarWinds campaign, by Russian actors. Cyber security firm FireEye said the attackers launched attacks after compromising SolarWinds' network monitoring software Orion.
The US said Russia's SVR, a successor to the Soviet KGB, was behind the SolarWinds attacks.
In April, the US Treasury Department sanctioned six Russian technology firms for aiding government hackers engaged in "dangerous and disruptive cyber attacks". The Department said that those six firms had been developing infrastructure and tools, providing expertise, and carrying out malicious cyber activities on behalf of Kremlin Intelligence Services.
High-profile cyber attacks like these are just one topic under discussion at Computing's free hybrid Cyber Security Festival tomorrow. Register now to hear from experts from Metrobank, Channel 4, Covea and more.