In 2015, Tzrifin Base, one of the architects of the Israeli military’s cyber defence force proposed the launch of a collective global security alliance – similar to that of NATO – to defend against cyber threats. As stated by Brigadier General Daniel Bren of the Israeli Defense Forces (IDF), “We’re thinking of a military type of coalition that will co-defend like-minded nations … If you like, in a very coarse and indelicate comparison, like Article 5 of NATO; like a Cyber Article 5.” Additionally, Israeli Prime Minister Benjamin Netanyahu described this Cyber Security Authority as “a new Air Force to deal with new threats.”
Israel is an established hotbed for cyber security. Thanks to heavy military investments, a sea of high-tech security startups, and unique economic conditions, the country has become one of the foremost leaders in cyber security. With more than 300 cyber security companies, Israel is the world’s second largest exporter of cyber products after the United States.
Is this cyber alliance a viable solution for NATO?
The Internet as the New Frontline
The NATO Cooperative Cyber Defence Centre of Excellence (CCD CoE) in Tallinn, Estonia, although not a part of the command structure, offers expertise and experience to member states. Cyber Coalition 2014 is perhaps the closest existing NATO model for the Israeli project. As the largest cyber defense initiative to date, it is not just a way to test and improve NATO’s online responsiveness, but also a unique platform that brings together more than 600 experts from across the Alliance.
NATO’s clearest commitment to this level of cyber cooperation to date was its update of Article 5 of the North Atlantic Treaty to include cyber attacks, which now states that major digital attacks on a member state will equivocate to an attack on all members. However, as a recent report by Chatham House states, it only shifts the security dilemma forward. Thus begging the question of what constitutes as a “major” digital attack?
Although the inclusion of cyber attacks into Article 5 occurred in 2011, while joint cyber-defense exercises have been ongoing for nearly a decade, cyber attacks have become increasingly intrusive and effective. They have become part of contemporary military strategy.
Following the country’s 2008 confrontation with Georgia, Russian hackers delved into the Georgian Ministries of Internal Affairs. In 2007 as well, large-scale cyber attacks occurred in Estonia, while in 1999, during NATO’s operation in Kosovo, NATO military forces faced crude cyber assaults.
And this is but a glimpse of Russia’s capabilities. According to FireEye, a cyber security company, Russia, since 2007, has also targeted several other Eastern European governments and militaries, and key European security organizations. iSight Partners reported last year that “Russian hackers exploited a vulnerability in Microsoft Windows to spy on computers used by NATO and other western governments.”
These attacks are becoming the norm for military operations; assessing an enemy’s responsiveness before making the first move. This is why, as NATO’s main security partner, CISCO argues, increased cyber cooperation among members is essential. But the advantages of cooperation are often offset by the imperative to protect cutting-edge technologies and state secrets.
The Geopolitics of Cyber Policy
One of many challenges concerning the development of a coherent policy by the Alliance is that not all members have agreed to share cyber-sensitive intelligence. Article 5 commitments now ask member states to reveal their cyber-defense capabilities, which even when limited to NATO allies, could be harmful for the American intelligence community. As a matter of fact, this could easily backfire against everybody involved.
NATO’s second immediate challenge is that, since most of the members states are situated in Europe, there is an obvious institutional overlap with the European Union, leading many policy makers do doubt whether or not NATO should be heading European cyber defence.
Ironically, security is where the seemingly borderless digital world hits a wall. As Seán McGurk, Director of the National Cyber Security and Communications Integration Center with the US Department of Homeland Security has stated, “There are no boundaries in cyberspace.” Policy, however, works differently. Not all economies have recovered equally from the 2008 financial crisis, and considering how far behind some NATO members are, the costs of building substantial cyber defence capabilities are a major hindrance.
Options for a Cyber NATO: Looking East
Israel is a champion of cyber security policy. Its strategy, however, is still a reflection of local security concerns, and so is its ambition for a global cyber alliance. Its extensive legal framework can nevertheless be a great model for NATO. As its chief technological architect stated, the mission of Israel’s cyber alliance, is to “detect and thwart threats before member nations would need to activate the ‘cyber Article 5’ collective defense mechanism.’’
It is exactly this preemptive capability – stopping security breaches before they hit the point of no return – that feeds the call for a major improvement of NATO’s cyber integration. Anders Corr, an intelligence expert writing for Forbes was pleading earlier this year for an increased engagement with the Asia-Pacific to help NATO keep ahead of the curve in cyber security: “protecting NATO countries from cyber-attack and cyber-theft of military and other sensitive technology now requires extension of a NATO cyber security umbrella to developed democracies in the Asia-Pacific.” This would not be without precedent. NATO already has opened up cyber defense to non-members: in 2015, Sweden joined the NATO Cooperative Cyber Defense Centre of Excellence as a Contributing Participant.