NATO scrambles to take the cyber high ground
By Murray Brewster, The Canadian Press
OTTAWA - It's the kind of battle you can't hear, but one that's been raging with varying degrees of intensity since the crisis in Ukraine erupted — and one the supreme commander of NATO describes in the most chilling terms.
With public attention focused on opaquely uniformed Russian special forces in Crimea and supposedly separatist militias in eastern Ukraine, an entirely different — and insidious — shadow army has been operating online in a campaign that's already exposing fault lines within the western military alliance.
Moscow's stealth annexation of Crimea was accompanied by a highly co-ordinated cyber campaign aimed at civilian and military targets — a brutally effective effort, said U.S. Gen. Phillip Breedlove, who is visiting Canada this week.
Where a bygone era of warfare saw railways, bridges, factories and command posts bombed to ashes, these days servers and websites are hacked and forced to crash, putting a grinding halt to the wheels of government and civilian life.
"Clearly, cyber was a huge part of what Russia has done," Breedlove said.
"When they took Crimea, cyber was a part of a well-planned, total decapitation of Crimea from the command and control structure of Ukraine. Ukraine was absolutely disconnected from being able to do anything with their forces in that area. Cyber was one of three tools used, and used quite exquisitely."
It's a stark warning for NATO, which has been slow to fully embrace cyberwarfare concepts and is still debating internally where the line is between a defensive and offensive posture.
The issue is so urgent and the stakes so high that staff are working furiously to come up with a position and recommendations for NATO leaders before they gather in Britain for a summit meeting in September.
"I think we will take up cyber at the summit," Breedlove said. "That question will have to be addressed."
The leaders will also consider whether NATO's recent escalation of aircraft, ships and troops in eastern Europe will continue past Dec. 31, and whether a more permanent western military presence will be necessary in countries like Poland and the Baltic states, he said.
"I think this is something we have to consider, and we will tee this up for discussion through the leaderships of our nations."
Given the unfolding unrest, Breedlove hedged on whether a previously planned U.S.-led military exercise in western Ukraine — known as Rapid Trident — would go forward in July, saying it has not yet been cancelled.
Canada's top military commander, Gen. Tom Lawson, acknowledged that Canadian troops are slated to be part of the exercise, but couldn't say how many. There are 50 soldiers currently involved in a training exercise that's already underway in Poland.
The frigate HMCS Regina and six CF-18 fighters with associated ground support are also operating in Europe.
NATO developed a cyber defence policy last year, but it's "relatively new" and only a first step, Breedlove conceded.
"The bottom line is: Good work has started. I believe more work needs to be done."
As if to underline the nature of the threat, several of NATO's public websites were shut down at the height of the Crimean crisis in March by a so-called denial of service attack — a hacking tactic that essentially overloads a website with nuisance traffic.
NATO officials said no critical networks were affected in the assault, perpetrated by a shadowy group calling itself 'Cyber Berkut' — a reference to the riot police deployed against protesters by ousted Ukrainian president Viktor Yanukovych.
There have also been published reports of a Russian-made virus infecting Ukrainian government computers and cyberattacks against the Kremlin and Russia's central bank.
By its very nature, NATO is a defensive alliance. But some in military, intelligence and cyber circles argue that the ability to go on the offensive is necessary, given the nature of modern threats.
Whether it's legitimate to pre-emptively attack and break up hacking networks, or implant virulent software viruses, as was done to disrupt Iran's nuclear program, is a legal, ethical and moral issue NATO leaders will soon have to weigh.
And then there's the alliance's timeworn internal disunity.
Some members, notably the U.S., Canada, Britain and France, have sophisticated cyber capabilities, while others — including some of NATO's more established members — are more vulnerable.
"There is a great pressure in the nations because every nation, including mine, feels like it needs to do more to defend itself," said Breedlove.
"So, there's a little reluctance to begin to spend on each other to defend each other. This is a friction that I think will be worked through in the next months — or so."