By Mehmet Bildik*
NATO is implementing a coordinated approach to cyber defence that encompasses planning and capability development aspects in addition to response mechanisms in the event of a cyber attack. To achieve this, NATO is incorporating and integrating cyber defence measures across all Alliance missions. NATO is also developing minimum requirements for those national networks that are connected to NATO information.
Therefore, NATO is identifying its critical dependencies on its allies’ national information systems and working with its allies to develop minimum cyber defence requirements. NATO is defending its territory and populations against all threats, including emerging security challenges through cyber defence. On that point, the NATO policy on Cyber Defence reiterates that any collective defence response is subject to decisions of the North Atlantic Council, which is enhancing NATO consultation mechanisms, early warning, situational awareness and information-sharing among the allies. In this regard, Russian hacker groups affiliated with the Russian government carried several cyber attacks to the computers of Ukrainian administration officials and to agencies in NATO.
Russia has been using a form of hybrid warfare in Ukraine since early 2014 that relies on an element of information warfare that Russia calls “reflexive control”. The primary objective of the reflexive control techniques Moscow has employed in the Ukrainian situation has been to persuade the West and strong NATO allies to remain on the sidelines as Russia dismantles Ukraine. Russia has used force against Ukraine by engaging in “hybrid warfare”. Rather than openly using military power to secure its political objectives in Ukraine, Russia has adopted an approach intended to give the Kremlin “plausible deniability” while reducing the cost associated with engaging Ukraine’s armed force directly. On that point, cyber conflict and cyber warfare present great examples of the use of new technologies within the scope of hybrid warfare. The adversary is usually difficult to locate and to respond to in the cyber domain. Cyber space allows for a great deal of anonymity and attacks can be routed through servers all over the globe to mask its origin. On December 23, 2015 the power grid in the Ivano-Frankivsk region of Ukraine went down for a reported six hours, leaving about 1.4 million people without power.
The Russian cyber assault on Estonia in 2007 was a blueprint for a geopolitically inspired and just-deniable-enough digital disruption. When the Estonian government decided to move a Soviet war memorial from the center of its capital in Tallin to a military cemetery on the outskirts of town, Russia responded by encouraging “patriotic hackers” to engage in a three week long Distributed Denial- Of-Service (DDoS) attack against numerous sectors of the Estonian economy, including the government, media, and financial institutions. Russia might, alternately, hold off on such disruptive attacks in favor of increasingly aggressive espionage in which Russian state-sponsored hackers are believed to have compromised the U.S Department of State, then used that access to penetrate the unclassified network of the Executive Office of the President. Unlike previous intrusions linked to Russia, on this occasion the digital spies did not back out of the system once they were discovered but fought back in order to maintain their foothold in the network and intrusion which forced the Pentagon to take the system down for several days. On February 9, 2016, President Barack Obama announced his Cyber Security National Action Plan, which proposed investing over $19 billion, 35 percent more than last year, in cyber security in 2017.
Turkey is reeling under a massive cyber attack purportedly carried out by the hacker group called Anonymous. The targets of the attacks include websites of governments and banks. The two-week-long cyber campaign intensified over financial and state-run sites. These sites have experienced Distributed Denial of Service (DDoS) attacks, resulting in the crippling of transactions. Anonymous claimed responsibility for the cyber terrorist attacks. Their cyber attacks are mainly targeting airports, military assets and private state connections in Turkey. More than 400,000 websites registered under Turkey’s top-level internet domain “.tr” have experienced problems. The computer servers of government agencies and private entities have suffered systematic cyber attacks. It’s likely that Russia is behind the cyber attacks in retaliation for Ankara’s downing of a Russian jet in November 2015. Russia is taking the lead in developing a combat doctrine that encompasses both kinetic and cybernetic activity. In the case of Ukraine, cyberspace operations enable Russia to continue denying its involvement with it’s neighbor, while at the same time persisting in efforts to attack it.
In a climate of growing global awareness of the risks of privacy breaches in the World Wide Web, the world is increasingly relying on Israel’s expertise to ward off computer threats and keep information secure. Combining exceptional high-tech capabilities with skills honed over decades, contending with the threats over terrorism, its is seen that Israel were exported more than 3 billion dollar worth of cyber products in 2015. Furthermore the Israeli government has established the National Cyber Bureau, which is engaged in target efforts to secure the cyber front. The NATO Strategic Concept allows for an interesting window of opportunity and more room for Israel to get closer to NATO. The aim of the new Strategic Concept is to address NATO’s challenges and new forms of strategic threats, such as cyber warfare. Israel is also thinking of a military type of coalition on the basis of Cyber Article 5, which Israel has a Cyber Article 5 and so does NATO. Therefore NATO is reassessing the format and structure of its relations with Israel. In this respect, Israel is assessing its goals with regard to future relations with its alliances.
Turkey has become a member of the NATO Cooperative Cyber Defense Center of Excellence (CCDCOE), which focuses on consultations, training and exercises in the field of cyber security. NATO Cooperative Cyber Defense Center is also enhancing capability, cooperation and information sharing between NATO, its members and its partners in cyber defense. The fate of NATO’s superiority in the Euroasian space will be determined by the success of Operation Inherent Resolve, which is being led by the United States against DEASH from NATO’s Incirlik Airbase in Turkey. On the other hand, two ılyushin-20 surveillance planes settled into Syrian airspace to provide a major upgrade for the Russian air fleet of Sukhoi-30 fighter jets. The Coot-20 can supply Russian forces and commanders with a complete, detailed electronic activity on the ground and collate the data gathered and transmit it to the intelligence command center at the Latkia Airbase, which posses significant threats for Israel in terms of IDF presence in Golan Heights. In this vein, Turkey, NATO and Israel are developing a cyber system with capability to counteract Russian hybrid warfare in the Middle East.
*Mehmet Bildik is a research fellow studying military and strategic affairs with the Turkish Ministry of Foreign Affairs and a research assistant at the military and strategic affairs cyber security program of The Institute for National Security Studies under the Israeli Ministry of Foreign Affairs. He received his MA degree at Bucharest National School of Political Science and Public Administrative Studies as a Security and Diplomacy Scholarship holder under the Turkish Ministry of Foreign Affairs.