NATO Resolution – Online Rapid Response Capability

Working together against cyber attacks
NATO Resolution – Online Rapid Response Capability

From Dr. Sebastian Schmerl

presenters on this topic

The risk for countries and their critical supply institutions to become victims of cyber-attacks is growing! At least since the aggressive war against Ukraine, cyber-attacks are no longer a fantasy, but a real possibility. In response, NATO announced during its summit at the end of June the development of a strategic concept for more cybersecurity.

Dr. says. Sebastian Schmerl. Only joint, coordinated actions can lead to success in terms of electronic protection.

This year’s NATO summit in Madrid took place against the backdrop of the Ukraine war and with a special focus on cybersecurity. Because wars are no longer limited to physical attacks; Virtual war is becoming increasingly important. But it is not only the events of the current war that are relevant to NATO decisions. Defense NATO countries are also affected by other cyber and asymmetric threats, that is, not only known and conventional dangers, but also unexpected attacks. This is shown, among other things, by reports of a “large-scale espionage operation in which more than 150 companies were hacked in Germany alone”.

In order to ensure the security of such a complex and extensive infrastructure as that of NATO, all members must work closely together.  (Photo: Framestock -

What does the NATO summit decision on cyber security mean?

The measures to ensure electronic protection can be summarized as follows: The goal is to improve resilience as part of the national responsibility. To achieve this, corresponding objectives and measures must be established at the national level. These plans should include resilience to cyber and hybrid threats and increased interoperability. Political and military means must be used in unison. This also includes expanding the partnership with industry. It is important to use national resources to develop a rapid electronic response capacity.

This online rapid response capability aims to pool national cyber defense skills and resources. Exactly what this should look like is currently not determined. However, there is an intention to standardize security standards such as security checks, intelligence sharing and collaboration in forensic analysis. Moreover, the cyber campaigns of nation states must be coordinated in order to improve preventive cyber defense and the ability to respond in the event of cyber attacks.

Why is NATO’s joint cyber defense strategy so important?

Ransomware attacks that require terrible ransom are currently causing huge economic damage; If vital national supply facilities are attacked and infrastructures crippled, this is – in the truest sense of the word – the major collapse. For example, if electricity or water supplies are widely affected, large parts of public life are threatened: supply chains are interrupted, business life is paralyzed, the health care system is subjected to a stress test. All this leads to general uncertainty among the population and can eventually lead to the destabilization of governments. Scientists and authors have already identified scenarios for the effects of sudden loss of essential services and government leadership. Restoration of the previous situation is a huge task for the state and the people, which can be compared to the reconstruction after a natural disaster: with the difference that these are mostly local or regional, as happened after the flood disaster in the Ahar Valley.

How dangerous is a cyber attack really?

In the 21st century, cyberspace has evolved into a veritable battleground: due to the digital transformation of the past decades – not least due to the push for digitalization in the past two years – the digital threat must be taken as seriously as physical attacks. As the digital attack surface continues to expand, hackers have many avenues of access. From power plants to photovoltaic power plants and sewage treatment plants – all these infrastructure facilities are highly interconnected and thus can become the target of cyber attacks. The BSI report on the state of IT security in Germany also underlines the critical security situation. An added challenge in cyberattacks: While air, land or sea attacks can often be traced back and reconstructed, this is difficult or impossible in virtual space. Therefore, a joint strategy and coordinated countermeasures is an absolute necessity.

We discuss how Russia's attack on the cyber world affects it and make recommendations for action.  (Vogel IT media)

One loophole is enough

This does not mean that resources have not been poured into protecting sensitive areas in NATO countries and national organizations. However, the measures taken so far can be expanded: countries and companies wishing to protect their infrastructure and systems as well as critical regions must be prepared for many different attack scenarios and ensure the security of all connected networks, devices, endpoints, software, data and users. On the other hand, the attacker needs a small weak point to successfully execute his attack.

This is a formidable challenge not only for companies, but also for nation states. However, if there is close cooperation between national governments, police and security forces involved as well as industry, proactive protection and cyber defense can be achieved early on. Because shared insights and speed are key to combating cyberthreats – and any other warfare.

Good things take time – also when it comes to cyber defense

Even if the foundations of cybersecurity have already been laid with significant use of resources, developing a planned rapid electronic response capability, including procedures, structures, and teams, is a process that will take some time – possibly several years. In the case of Ukraine, this initiative may come too late. However, the past few months since the start of the war have once again highlighted the need for a joint digital security initiative. Attacks against nation-states have indeed increased in recent years, but this situation has worsened since the beginning of the war, with energy supplies in particular under constant attack. This is a clear warning sign for NATO allies to strengthen cyber protection together and use synergies.

The conflict in Ukraine could mean a tipping point for the supply of information technology.  (Vogel IT media)

Conclusion: Comprehensive protection is a shared responsibility

NATO’s decision to adopt a dedicated cybersecurity strategy is a step in the right direction. Only joint, coordinated actions can lead to success in terms of electronic protection. The need for these joint missions is clear given the consequences of successful attacks. However, there is no such thing as 100% protection against attacks. However, structured cooperation can significantly reduce the likelihood of this being successfully implemented. Information, joint activities and mutual support in terms of efficient information technology, cyber defense and in other areas is the key to harmonious coexistence, sound infrastructure and the continuous smooth existence of states. But in the end, every country, every company, every organization and every authority must strive to provide adequate online protection, because the NATO initiative will essentially establish guidelines for cooperation. The concrete action is up to each individual.

About the author: Dr. Sebastian Schmerl is Director of Security Services for Europe, Middle East and Africa at Arctic Wolf. He has over 15 years of experience in cyber security, providing cyber defense services and building Enterprise Security Operations Centers (SOC) to companies such as Daimler, Volkswagen, Bosch, Datev and Bayer. Sebastian Schmerl is a permanent member of the “EU / ENISA – Working Group on Security Operations Centers” for the coordination of cyber protection for the European Union and Deputy Spokesperson for the SIDAR Group Specialized in the German Computer Science Association.

(No.: 48543552)

Leave a Comment