NATO Secretary General Jens Stoltenberg and British Secretary of State for Foreign Affairs Jeremy Hunt called on Thursday 23 May, for strengthening the Alliance's deterrence in cyberspace.
"We need to consider how we can deter attacks in cyberspace", Stoltenberg said at the conference at the National Cyber Security Centre in London.
According to him, part of the deterrence involves attributing attacks. "Cyber attackers need to know that they will be exposed", he said.
But according to the Secretary General, the Allies should be ready to go further. "If necessary, we must be prepared to use our cyber capabilities to fight an enemy", he explained, taking as an example the United Kingdom's campaign against the propaganda of the Islamic State organisation. "By using national cyber effects - or offensive cyber attacks, [the British] have suppressed ISIS propaganda and reduced its ability to coordinate attacks and disrupted its recruitment of foreign fighters", Stoltenberg said.
"For deterrence to have its full effect, potential attackers must know that we are not limited to reacting in cyberspace when we are attacked in cyberspace. We can and will use the full range of capabilities at our disposal", he also warned. A warning supported by Mr Hunt.
"We must be crystal clear that any cyber operations designed to manipulate another country’s electoral system and alter the result would breach international law - and justify a proportionate response", the Secretary General warned.
He added: "Together, we possess options for responding to any attacks that fall below the threshold for Article V. We should be prepared to use them". In his opinion, doing nothing is in itself an "important" decision and can have serious consequences. According to Article V, an attack against one ally is considered an attack against all Allies. NATO has designated cyberspace as a military domain.
"The more we communicate our resolve to act, the more we lower the risk of miscalculation. The more we work together to develop an array of appropriate response options - and signal our willingness to employ them - the greater our power of deterrence", he added, adding that a balance must be struck between the "clarity about our determination to act" and the "constructive ambiguity about exactly what we would do in specific circumstances".
Mr Stoltenberg recalled that the Allies had agreed to integrate national or cyber-offensive capabilities into Alliance operations and missions. According to Mr Hunt, the United Kingdom was the first ally to offer its offensive cyber capabilities to NATO, and eight Allies did the same.
As evidence of the interest in cyber defence, strengthening cyber defence and resilience will be at the top of the agenda of Allied Heads of State and Government at their summit on 3 and 4 December 2019 in London. And next week in Brussels, NATO's Secretary General also convened a meeting of National Security Advisors, the first of its kind for the Alliance. (Original version in French by Camille-Cerise Gessant)