Would NATO Go to War Over a Cyberattack?
They could determine, rather, that the appropriate Article 5 threshold in response to cyberevents might also be triggered by the far more likely consequences of large-scale economic disruption with corresponding national- and international-security implications.
This, of course, would require all twenty-eight members to reconsider their long-established views on what constitutes an armed attack under international law, and to achieve consensus on a far more forward-leaning approach. This would, no doubt, be a hugely difficult undertaking. Nevertheless, the development of international law is a continuous process, and states and international organizations should move to adapt it to help meet changing threats.
Allies need to seriously discuss what potential cyberscenarios they would consider to cross the Article 5 threshold, along with how individual members would be willing to respond in collective defense in the case of a cyberattack. Following these discussions, the organization should revise its cyber doctrine, training and educational frameworks to test the scenarios and potential responses.
NATO’s adoption of the policy that the collective-defense pledge applies in the cyber-realm is a huge first step in bringing NATO’s cyberdefenses up to speed with the evolution of threats. Resolving the practical questions related to application of Article 5 in response to cyberattacks, however, remains critical for the Alliance to achieve full integration of cyberdefense into its toolkit of collective-defense measures.
Klara Tothova Jordan is assistant director of the Atlantic Council’s Cyber Statecraft Initiative.
Image: Flickr/Free Grunge Textures/CC by 2.0