Russia a potential threat actor in cybersecurity: NATO
A senior NATO official warned Thursday that Russia "has demonstrated that it has the potential to be a comprehensive actor."
In an exclusive interview with Anadolu Agency, Merle Maigre, director of the NATO Cooperative Cyber Defense Centre of Excellence, spoke on cybersecurity and the threats NATO faces.
When asked the gravity of the cyber-threat faced by NATO nations, Maigre said such threats "do not recognize geographical or institutional borders. In cyberspace, everything is merged into one battlefield."
"On the cybersecurity front, the current Russian government has demonstrated that it has the potential to be a comprehensive threat actor," she said.
"Moscow possesses the technological skills, from being able to distribute denial of service attacks to trolls to more advanced persistent threats. It has a strategy in place to derail any global consensus on cyberspace from emerging, from the Gerassimov doctrine to Internet governance, and is engaging in operations, such as the recent US election hacks and NotPetya attack.
"Last but not least, its long-term legal approach has been to undermine the UN Group of Governmental Experts."
Asked whether cyberattacks are being effectively used to alter elections, Maigre said: "Cyber operations have started to play a key role in the toolbox of political and military intelligence-gathering and information operations."
"Hybrid challenges call for hybrid response. A combination of legislative, organizational and technical measures need to be implemented in a comprehensive, whole-of-society manner. That includes a unified effort by government, businesses, and a civil society of IT community," she added.
Asked to elaborate on the cooperation with member countries including Turkey, Maigre said the NATO Cooperative Cyber Defense Centre of Excellence (NATO CCDCOE) has grown into a 20-nation-strong cyber defense hub with several flagships.
"The world's most complex international live-fire cyber defense exercise Locked Shields, international conference and community-building event CyCon, and the already mentioned Tallinn Manual," she listed, adding that all member countries, including Turkey, have contributed to the success of the center and these highlights.
- Cyber-defense hub
"We highly value the participation of Turkey and recognize and appreciate how Turkey has contributed to the success of our cyber-defense hub by sending us the best people," she added.
Explaining the center's practices, Maigre said it is a NATO-accredited cyber defense hub focusing on research, training, and exercises.
"The international military organization based in Estonia currently includes 20 nations providing a 360-degree look at cyber defense, with expertise in the areas of technology, strategy, operations, and the law," she said.
"We have a diverse mix of experts from the military, government, academia, and industry working together on the most relevant topics in cyber defense. In addition to the flagships mentioned above, we carry out a number of cutting-edge trainings in all our focus areas.
"As of January 2018, NATO CCDCOE is responsible for identifying the cyber defense operations training requirements and coordinating training solutions for all NATO bodies across the Alliance."
On the center's 2018 plans, Maigre said the program Locked Shields will take place again at the end of April.
The program, organized by the center since 2010, focuses on training the cyber defenders who protect national IT systems.
"Every year, national Blue Teams are put under intense pressure to maintain the networks and services of a fictional country, handling and reporting incidents, solving forensic challenges, and responding to legal, strategic communication and scenario injects.
"In 2017 the exercise enabled nearly 900 cybersecurity experts from 25 countries to practice the defense of IT systems and critical infrastructure under the intense pressure of a severe cyberattack. The focus is on realistic scenarios, cutting-edge technologies, and simulating the entire complexity of a massive cyber incident. For the first time, in 2017, a strategic track ran parallel to the technical exercise," she said.
"It's too early to speak of any details, but the exercise in 2018 will definitely involve new challenges and special systems together with a strategic track that is integrated with the entire scenario," she added.