Cyber threats

Once considered only a limited potentially destructive risk, cyber attacks have become a real and increasingly serious threat.

România Internațional, 06.09.2013, 11:53

Last year alone, cyber attacks caused losses of 90 billion euros according to Interpol President Mireille Ballestrazzi. Hackers are still difficult to track and they know no limits, she said, adding that the spread of electronic payment and research and the difficulty of tracking criminals encourage cyber crime. NATO states, which are strongly dependant on electronic communication, have become vulnerable to this new type of security challenge and are constantly looking for solutions.

One such solution is the creation in 2010 of a division for emerging security risks. The division deals with issues related to cyber defence, energy security, the non-proliferation of weapons of mass destruction, the fight against terrorism and the Alliance’s strategic analysis capability. Romania’s NATO ambassador Sorin Ducaru, who will take over the position of Assistant to the NATO Secretary General for Emerging Security Risks this autumn, spoke about the various incidents related to the cyber space in an interview on Radio Romania.

Sorin Ducaru: “Incidents in cyber space take different shapes. One area is cyber crime, which leads to fraud and the theft of resources and money over the Internet. Another area is cyber espionage which, in the worst-case scenario, may target critical infrastructure in various countries. The problem is that when it comes to cyber space, it’s difficult to locate the source accurately and this usually takes a long time. However, we at NATO are in a stage where we are establishing our priorities and the number one priority is to ensure the security of the Alliance’s own systems. I’m referring to the command structure, the NATO agencies and the general headquarters. Basically, by the end of the year, we should be able to ensure full protection for all NATO systems. Each state must invest in equipment and technology, but being part of an alliance makes our defence more efficient and even financially cheaper.”

Shortly after 9/11, NATO started to improve its ability to defend itself from cyber attacks, while focusing on the implementation of passive protection measures requested by its military structures. It wasn’t until the events of 2007 in Estonia, when cyber attacks paralysed the country’s almost entire information infrastructure that NATO started to reconsider its cyber defence policy radically. In January 2008, the Alliance drafted for the first time a NATO cyber defence policy. One of the most serious attacks so far occurred in the US in that same year, when an undetected spy programme spread to classified and unclassified files via a memory stick connected to an army laptop computer at a military base in the Middle East.

Ever since, cyber espionage has turned into an almost constant threat, reads the NATO magazine published in Bucharest. The publication also speaks about the impact of massive cyber attacks against Georgian government websites and servers during the conflict in Russia. It is believed that they weakened the Georgian government at a crucial stage in the conflict. In 2012, the Alliance’s network had to deal with over 2,500 cases of unusual cyber activity and attempts to penetrate the network, that is once every three hours, both day and night, every day of the year, said NATO Secretary General Anders Fogh Rasmussen. The cyber area is also linked to terrorism, says Sorin Ducaru.

Sorin Ducaru: “We know that a certain piece of intelligence coming from an airport on the movement of a person or group under surveillance may have an effect in another country, unless it is blocked. Terrorism also has a connection to this cyber area because in many cases communication is achieved via cyber information systems. The main effort and the biggest challenge are to put together all these resources and generate a more efficient response to prevent crisis situations. To this end, an Intelligence Unit was set up within the Alliance three years ago. One of its main goals is the assessment of the situation across all NATO countries.”

Once this monitoring system in place, says Sorin Ducaru, all movement occurring in a certain place may indicate possible terrorist attacks or incidents that could not be otherwise predicted.