In an aerial view, fuel holding tanks are seen at Colonial Pipeline’s Dorsey Junction Station on May 13, 2021 in Woodbine, Maryland. The Colonial Pipeline has returned to operations following a cyberattack. Drew Angerer/Getty Images
The leaders of the 30 NATO countries agreed “that the impact of significant malicious cumulative cyber activities might, in certain circumstances, be considered as amounting to an armed attack,” an assessment that could lead to the invocation of the organization’s mutual self-defense clause, Article 5.
The countries “(reaffirmed) that a decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis,” according to a joint statement released during the NATO leaders’ summit on Monday.
“We will make greater use of NATO as a platform for political consultation among Allies, sharing concerns about malicious cyber activities, and exchanging national approaches and responses, as well as considering possible collective responses. If necessary, we will impose costs on those who harm us,” the joint communique said.
Speaking to the press on Sunday, US National Security Adviser Jake Sullivan said that “the notion is that if someone gets hit by a massive cyberattack, and they need technical or intelligence support from another Ally to be able to deal with it, they could invoke Article 5 to be able to get that,” but underscored it would be “on a case-by-case basis.”
The NATO joint communique noted that “Cyber threats to the security of the Alliance are complex, destructive, coercive, and becoming ever more frequent.”
“This has been recently illustrated by ransomware incidents and other malicious cyber activity targeting our critical infrastructure and democratic institutions, which might have systemic effects and cause significant harm,” it said.
Some more background: The United States has been hit with a spate of cyberattacks in recent weeks, some of which are believed to have been caused by malign actors in Russia. The joint communique denounced Moscow’s “malicious cyber activities; and turning a blind eye to cyber criminals operating from its territory, including those who target and disrupt critical infrastructure in NATO countries.”
The allies said that in order to face the “evolving” challenge of cyber attacks, they on Monday “endorsed NATO’s Comprehensive Cyber Defence Policy, which will support NATO’s three core tasks and overall deterrence and defence posture, and further enhance our resilience.”
“Reaffirming NATO’s defensive mandate, the Alliance is determined to employ the full range of capabilities at all times to actively deter, defend against, and counter the full spectrum of cyber threats, including those conducted as part of hybrid campaigns, in accordance with international law,” the joint communique said.
It also noted that NATO as an organization will “continue to adapt and improve its cyber defences” and that they will “further develop NATO’s capacity to support national authorities in protecting critical infrastructure, including against malicious hybrid and cyber activity. We will ensure reliable energy supplies to our military forces.”