NATO officials told delegates at the International Conference on Cyber Conflict, or CyCon, in Estonia that the Western alliance would deliver a robust response in the event of a serious and prolonged attack on a member state in cyberspace. Article 5 provides for a united response by NATO states should a member nation come under attack.
“Although many of the cyberattacks that we see fall below a level in their seriousness that could trigger NATO’s Article 5, it is plausible that a cyberspace event of great magnitude could take place that might lead to the triggering of Article 5 in special circumstances,” said Catherine Lotrionte, director of CyberProject at Georgetown University.
The special circumstances that could trigger Article 5 would need to be at a substantially higher threat and risk level than propaganda of social media intrusions, Lotrionte said.
“Most attacks in cyberspace use no force. We would need to have a legal threshold for such threat situations, but the triggering of Article 5 is a real possibility. There are other issues, like time factors. A grave threat would need to be current, and not an event that happened years ago,” she added.
NATO would take a very different and offensive posture if a cyberattack event on the scale of that launched against Estonia in 2007 were to happen now, said Brig. Gen. Christos Athanasiadis, assistant chief of staff cyber at NATO’s Supreme Headquarters Allied Power Europe.
Estonia’s national intelligence services, including the military branch, suspected that the cyberattack on critical IT infrastructure was launched from Russia and…