Government officials have warned that cyberattacks are rapidly becoming one of the greatest threats to the United States and its allies, but a new report says the North Atlantic Treaty Organization is still playing catch up.
"NATO's central missions of collective defense and cooperative security must be as effective in cyberspace as they are in the other domains of air, land, sea, and space," concluded a report released by the Atlantic Council on Monday.
While NATO enacted a new cyberdefense policy in June, the alliance now needs to focus on a core set of priorities to make cybersecurity efforts more effective, the report said.
A special worry for the miltary comes from networks controlled by private companies. The Wall Street Journal and Washington Post reported on Monday that the National Security Agency has pushed for greater cybersecurity authority but has been rebuffed by the White House over privacy concerns.
In 2002, NATO started a cyberdefense program, largely in response to cyberattacks carried out when the organization conducted military operations to force Serbian soldiers out of Kosovo in 1999. During that operation, the U.S. military reported a three-fold increase in the number of attacks aimed at defacing its websites.
NATO further expanded its cyber programs after cyberattacks against Estonia in 2007. It must continue that effort to repeatedly update and reinvent its cyber policies and capabilities, Jason Healey, director of the Atlantic Council's Cyber Statecraft Initiative, said at a panel discussion on Monday. But "NATO must be responsible for its own networks before looking to protect member states," said Healey, who helped author the report.
The report's other recommendations include developing standards and minimum levels of cybersecurity for member states; collaboration with the private sector; and treating cybersecurity as a national-security policy problem, not just a technical issue.
In the United States, businesses and government agencies have reported a growing number of sophisticated cyberattacks. In a report to Congress released in November, U.S. intelligence agencies said hackers in China and Russia are stealing large amounts of U.S. technological and trade secrets.
To confront such international threats, new cybersecurity legislation introduced in the Senate would require the U.S. government to collaborate with other countries to protect information networks.