The US is ready to use its offensive and defensive cyber capabilities on behalf of NATO, if it is asked to do so, according to Katie Wheelbarger, the principal deputy assistant secretary of defense for international security affairs, during a trip to Europe with US Defense Secretary Jim Mattis.
Ever since 2014, cyber has been recognized as a domain of warfare by NATO, alongside land, air and sea. There is, however, no outlining as to what that entails.
The US decision follows the NATO summit in July, when members agreed to allow the alliance to use cyber capabilities that are provided voluntarily by allies to protect networks and respond to cyberattacks.
As reported by Reuters, in a recent summit, member nations said NATO would create a cyberspace operations center to coordinate NATO’s cyber activities. NATO has also talked about integrating individual nations’ cyber capabilities into alliance operations.
According to unnamed officials, cited by Reuters, in 2017 the United States, Britain, Germany, Norway, Spain, Denmark and the Netherlands were drawing up cyber warfare principles to guide their militaries on what justifies deploying cyberattack weapons more broadly.
The decision reflects growing concerns by the US and allies over Moscow’s alleged use of cyberoperations to influence elections in the US and elsewhere. Moscow has rejected any such accusations, and no evidence has been provided to back them.
“Russia is constantly pushing its cyber and information operations,” said Wheelbarger, adding that this is a way for the US to show its continued commitment to NATO.
Senior Baltic and British security officials say they have intelligence showing persistent Russian cyber hacks to try to bring down European energy and telecommunications networks, coupled with internet disinformation campaigns.
US intelligence officials have allegedly found that in the campaign leading to the 2016 US presidential elections, Russian hackers breached the Democratic National Committee and leaked confidential information.
“It sends a message primarily aimed at Russia,” Wheelbarger said. The action would make it clear that NATO is capable of countering the alleged Russian cyber efforts and would help create a more coherent cyber policy.
“U.S. together with the United Kingdom clearly lead in the level and sophistication of capabilities and if used, they would likely lead to tactical success,” said Klara Jordan, director of the Cyber Statecraft Initiative at the Atlantic Council think tank in Washington.
According to Heather Conley, with the Center for Strategic and International Studies, there was still a challenge in defining what the rules were when it comes to cyber weapons.
“I think that the greater challenge, and we’re certainly struggling with it here in the U.S., is what are the rules of engagement? What does the escalation ladder look like when one begins to use cyber offensive capabilities?” Conley said, she is also a former US State Department official.
In September, the White House warned foreign hackers it would increase offensive measures as part of a new national cyber security strategy.
On September 12th, US President Donald Trump signed an executive order allowing for sanctions over election meddling.
On September 26th, during his chairmanship of the UN Security council on nuclear proliferation, Trump began by accusing China of meddling in the upcoming mid-term elections, without providing proof.
Iran and North Korea have also been accused of attempting to influence US elections.
The US announcement regarding cyber security follows the UK’s announcement to create a 2,000-strong cyber force to take offensive action against the “Russian threat.” The cyber force would require a £250 million investment and it follows the reportedly successful cyber attacks carried out on ISIS targets by the Government Communications Headquarters.
Similarly to the sanctions in connection to the Skripal case, US and the UK are taking actions against Moscow without requiring any evidence to support their accusations.