MONS, Belgium (Reuters) - A new NATO military command centre to deter computer hackers should be fully staffed in 2023 and able to mount its own cyber attacks but the alliance is still grappling with ground rules for doing so, a senior general said on Tuesday.
While NATO does not have its own cyber weapons, the U.S.-led alliance established an operations centre on Aug. 31 at its military hub in Belgium. The United States, Britain, Estonia and other allies have since offered their cyber capabilities.
“This is an emerging domain and the threat is growing,” said Major General Wolfgang Renner, a German air force commander who oversees the new cyber operations centre, or CYOC, in Mons.
“We have to be prepared, to be able to execute operations in cyberspace. We have already gone beyond protection and prevention,” he told Reuters during a NATO cyber conference.
NATO communication and computer networks face hundreds of significant hacking attempts every month, according to the NATO Communication and Information Agency, while experts say Russia, North Korea and China are constantly deploying sophisticated computer hacking weapons and surveillance software.
Accusations by Western governments this month that Russia waged a global hacking campaign have raised the profile of NATO’s evolving strategy as allied governments look for a response. The European Union on Monday discussed its options, including a special economic sanctions regime to target cyber attackers.
“Our ultimate aim is to be completely aware of our cyberspace, to understand minute-by-minute the state of our networks so that commanders can rely on them,” said Ian West, chief of cyber security at the NATO communication agency.
When fully operational, the cyber centre aims to coordinate NATO’s cyber deterrent through a 70-strong team of experts fed with military intelligence and real-time information about hackers ranging from Islamist militants to organised crime groups operating on behalf of hostile governments.
NATO has formally recognised cyberspace as a new frontier in defence, along with land, air and sea, meaning battles could henceforth be waged on computer networks.
The centre could potentially use cyber weapons that can knock out enemy missiles or air defences, or destroy foes’ computer networks if commanders judge such a cyber attack is less harmful to human life than a traditional offensive with live weaponry.
That is now the subject of intense debate at NATO, with alliance commanders saying publicly that cyber will be an integral part of future warfare but allies unclear what would trigger NATO’s Article 5 (collective defence) clause.
“Our concept of operations, a toolbox for short-notice decisions about how to respond, is not in place yet. This is one of the challenges we face,” Renner said.
If NATO can agree cyber warfare principles, the alliance hopes to integrate individual nations’ cyber capabilities into alliance operations, coordinated through the Mons cyber operations centre and under the command of NATO’s top general, the Supreme Allied Commander Europe, or SACEUR.
That could allow the top general to take quick decisions on whether to use cyber weapons, similar to existing agreements for NATO’s air defences and its ballistic missile shield, where a commander has only minutes to decide what action to take.
“From my point of view, this is basically possible, but it has to be arranged,” Renner said.
Reporting by Robin Emmott; Editing by Mark Heinrich