In the recent NATO summit, the 30 international allies vowed to use the full force of their alliance to fight ransomware worldwide.
As a quick reminder: NATO -- the North Atlantic Treaty Organization -- is an alliance of countries from Europe and North America. It provides a unique link between these two continents, enabling them to consult and cooperate ...
During the summit, NATO members reaffirmed the Comprehensive Cyber Defence Policy spanning “collective defense, crisis management and cooperative security.” In that light, NATO said it is “determined to employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber threats, including those conducted as part of hybrid campaigns, in accordance with international law,” the organization wrote in a communique following the international meeting. The statement appeared to be a thinly veiled message to Russia concerning its heightened cyber aggression.
Immediately prior to the NATO meeting, at the G7 Summit in Geneva, Switzerland, U.S. President Joseph Biden and Russian President Vladimir Putin had what has been described as an amicable exchange over the Kremlin’s involvement in ransomware attacks on U.S. critical infrastructure, including the recent Colonial Pipeline hack and a cyber hijacking rained down on meat packer JBS. Their meeting produced few concrete steps other than an agreement to continue talks, reports said.
Where do MSSPs and IT service providers fit into this global government war against ransomware? Keep in mind that President Biden's executive order on cybersecurity, issued in May 2021, specifically mentioned IT service providers more than a dozen times.
Meanwhile, NATO's members made it clear that NATO’s response to cyberattacks will not be confined only to a cyber response. The statements recognized the increasing frequency of cyber threats, particularly ransomware incidents targeting critical infrastructure and government. In reaffirming NATO’s defense policy, the members pledged the following on policy:
- Employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber threats.
- A decision as to when a cyber attack would lead to the invocation of Article 5 (an attack on one member is an attack on all) would be taken by the North Atlantic Council on a case-by-case basis.
- The impact of significant malicious cumulative cyber activities might, in certain circumstances, be considered as amounting to an armed attack.
- Promote a free, open, peaceful, and secure cyberspace, enhance stability and reduce the risk of conflict by supporting international law and voluntary norms of responsible state behaviour in cyberspace.
- Make greater use of NATO as a platform for sharing concerns about malicious cyber activities, and exchanging national approaches and responses.
And, the following on response to attacks:
- Resilience and the ability to detect, prevent, mitigate, and respond to vulnerabilities and intrusions is critical, as demonstrated by malicious cyber actors’ exploitation of the COVID-19 pandemic.
- Continue to adapt and improve cyber defences. Remain committed to uphold strong national cyber defences as a matter of priority. Continue to implement cyberspace as a domain of operations.
- Further develop mutually beneficial and effective partnerships with partner countries, international organisations, industry, and academia, furthering our efforts to enhance international stability in cyberspace.
- Expand the use of their all for one, one for all, mutual defense clause to include a collective response to attacks in space.
In a summit statement, the leaders said they “consider that attacks to, from, or within space” could be a challenge to NATO that threatens “national and Euro-Atlantic prosperity, security, and stability, and could be as harmful to modern societies as a conventional attack.”
