NATO to improve cyber defense in bid to boost alliance resilience

The virtual NATO Cyber Defense Pledge conference, an invitation-only event hosted by the government of Estonia in a virtual format because of pandemic restrictions, brought together senior government and private sector officials to discuss needed improvements in the alliance’s cyber posture.

One theme in the publicly available remarks by top leaders was a newfound urgency in protecting key infrastructure against cyberattacks, as the coronavirus pandemic has forced an even greater reliance on data connectivity across all sectors of society.

Estonian Prime Minister Kaja Kallas said “malicious cyber activities” against NATO members had increased since the global COVID-19 outbreak began in early 2020. “Sometimes it is by adversaries situated in our immediate neighborhood, sometimes by rivals across the globe,” she said in an apparent reference to Russia and China.

“We must recognize that cyberspace is at the forefront of increased global competition, and democratic nations must stand together against deviations from acceptable behavior,” Kallas said in her opening speech.

The push to harden NATO’s cyber defenses touches two key themes of the ongoing NATO 2030 reform process. For one, alliance leaders want to mandate certain levels of resilience in member nations, including in the cyber domain. The push entails everything from upkeep of transportation infrastructure to building fallback supply lines for vital goods, with the stated goal of making NATO as a whole able to bounce back from major shocks, including the ongoing pandemic.

The other theme aims to protect the alliance’s ability to harness next-generation technology for defense applications, including considerations for managing technological gaps between member states.

“Enhancing resilience and leveraging technology will be key to a strong alliance in a more competitive world,” NATO Deputy Secretary-General Mircea Geoană said. Those efforts are “essential elements of the NATO 2030 initiative, which will be at the heart of the upcoming NATO summit later this summer,” he added.

For Estonians, cyber threats emanating from Russia loom large in the national defense calculus.

“As the Estonian Foreign Intelligence Service recently concluded in their annual report, Russia continues to be one of the primary cyber threat actors to Western democracies,” Kristjan Prikk, permanent secretary of the Estonian Defence Ministry, told Defense News. “In the near future we need to prepare ourselves for potentially increasing cyber-enabled influence operations carried out by Russian special services,” he added.

In the United States, meanwhile, the Biden administration on April 15 placed sanctions on Russia for its role in the SolarWinds attack that affected several U.S. government agencies. The National Security Agency also issued a cybersecurity advisory calling out the Russian Foreign Intelligence Service (SVF) for continuing to exploit cyber vulnerabilities created by hacking the SolarWinds Orion system and other software.