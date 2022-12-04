NATO’s cyber forces have been watching the war in Ukraine closely, both to find ways to help Ukraine and to understand how to make it more difficult for Russia and other adversaries to hack infrastructure in NATO member states. s and their allies.

The conflict has added urgency to NATO’s annual Cyber ​​Coalition exercise, in which more than 40 member states, allies and other organizations work together to respond to and recover from simulated cyber attacks on critical infrastructure such as . power grids and ships. The exercise spanned the globe, with nearly 1,000 cyber professionals participating remotely from their home countries.

The world has never experienced an all-out cyber war in which cyber attacks are used to the same devastating effect as physical attacks, such as shutting down critical services such as power and water and preventing their restoration. The situation in Ukraine, however, is on the brink.

And NATO has been deliberately vague about the level of cyber attack it would take members to respond with either force or destructive cyber attacks of their own.

This year, cyber security officials and technical experts came to Tallinn from Europe, the United States and as far as Japan to respond to cyber attacks against the fictional island of Icebergen, located somewhere between Iceland and Norway. On November 28, hackers launched a digital attack on the fictional island in an attempt to steal intelligence and intellectual property, disrupt government services and bring down the power grid.

The US led the air command and control in the exercise, while Romania led the development of the story, the United Kingdom took control on the ground and Poland was in charge of the special operations forces.

The results were a closely guarded secret by NATO officials due to security and intelligence concerns, but US Marine Col. Charles Elliott, the exercise’s director, told reporters that no one failed the exercise. He declined to give more details about what vulnerabilities were found.

Almost 150 staff were on site for the event, double the amount that made the trip last year. US Cyber ​​Command and US European Command had about 50 people participating in person or remotely.

Elliott said it is certainly possible that the conflict in Ukraine had something to do with the increase in attendance, but declined to attribute it directly. While Ukraine has participated in previous years, it did not this year because officials there are too busy protecting their networks from a barrage of Russian attacks, including in main power substations.

The war in Ukraine has injected a new urgency into questions of how NATO would respond to a cyber attack on a member state large enough to invoke Article 5, which labels an attack against any member state as an attack against all. The government of Albania considered requiring its use earlier this year after a widespread attack on the country’s networks by Iran.

Further complicating matters is how vulnerable critical networks in NATO states are to cyber attacks. They can range from sophisticated operations to installing malware in software updates to the more common ransomware attacks, in which hackers trick a user into clicking on a link and then shut down a network to extract a payment. . In a sign of how cyberattacks are increasingly intertwined with traditional warfare, Russia has coordinated missile strikes in Ukraine with cyberattacks to intensify civilian misery on the ground.

The difficulty of keeping hackers out makes it even more important to practice how to respond once they’ve penetrated networks, officials say.

“Cyber ​​in general is still an area that I think favors the attacker more than the defender, and I hope we’re able to change the dynamic, but we’re not there yet,” David Cattler, NATO’s assistant secretary general, told reporters. for Intelligence and Security. a briefing during the exercise.

Officials said they incorporated scenarios and lessons from cyberattacks on Ukrainian infrastructure this year, including power grids.

It has made it much more vivid, its reality, Major Tobias Malm, from the headquarters of the Swedish Armed Forces, said of the war in Ukraine. It’s the real world, you sit in the middle of it, and it’s a daily struggle to address these issues.

The exercise was held at NATO’s Cyber ​​Range, a building designed and opened in 2021 to serve as a center to train NATO’s cyber security experts on how to coordinate and respond to attacks like his. which face on the ground in Ukraine. The building gives cyber professionals a secure location with independent computer networks that can simulate cyber doomsday. The building has unclassified and classified spaces and rarely opens its doors to the press in an effort to keep operations secure. Participants were prohibited from bringing any personal devices into the simulation area.

They are constantly building and tearing down these networks, so basically this whole building is a blank slate; you can reconfigure it however you want, Elliott said.

Part of the exercise involved experimenting with new technologies, including adapting the use of artificial intelligence technologies to help tackle cyber threats.

NATO is committed to maintaining its technological edge, David van Weel, NATO’s assistant secretary general for emerging security challenges, told reporters during a virtual conference Friday.

The intensified pressure on cyber professionals within NATO and allied countries has made the ability to coordinate and test communication protocols even more essential. Finland, along with Sweden, is currently being considered for NATO membership, but has long been a strong NATO cyber partner and both were involved in the exercise.

Major Markus Riihoven, a member of the Finnish Defense Forces, said the exercise was essential to develop a network of trust that could easily be used during a real-world cyber attack.

To build trust, participants mingled during frequent coffee breaks and ate lunch in a fairly relaxed environment outside the training rooms. They were kept on track by announcements from management about the schedule accompanied by songs, including, at the end of the workout, ABBA’s Waterloo blasted over the loudspeakers.

Still, hanging over society was an awareness that this test could very quickly become a real-world scenario. Not to mention the looming question of whether military defenses alone will ever be enough to stave off a large-scale cyber attack.

NATO’s Bernd said they need to move beyond the government and military to fight cyber attacks, referring to the role the private sector can play in bringing systems back online.

What this exercise showed, he said, is that the expansion of the cyber family that is dealing with cyber attacks beyond the military framework is something that we need to train how to work together.