The CEO of AI cybersecurity firm Darktrace has called for a “Tech NATO” to counter growing cybersecurity threats.
Poppy Gustafsson spoke on Wednesday at the Royal United Services Institute (RUSI) – the UK’s leading and world’s oldest defense think thank – on the evolving cyber threat landscape.
Russia’s illegal and unprovoked invasion of Ukraine has led to a global rethinking of security.
While some in the West had begun questioning the need for NATO post-cold war, and many members have failed to meet their defense spending commitments, the invasion of Ukraine has proven why the defense alliance remains a bedrock of Western security.
NATO members are now spending more on defense, increasing cooperation, and the alliance is now preparing to accept Sweden and Finland into its fold.
Russia has thrown out the rule book with its conduct and will eventually face war crime trials as a result. NATO members, in contrast, have acted in accordance with the UN charter and only provided resources to Ukraine that it can use to defend its territory from the invaders.
However, any provision of long-range weapons that could pose a threat to Moscow would be seen as going beyond helping an ally to defend itself into helping attack Russia itself—likely triggering a disastrous global conflict.
Those kinds of norms around conventional warfare are well-established. In the cybersphere, they’re yet to be set.
“There remains a persistent lack of clarity around how we define an act of war in the cybersphere,” said Gustafsson.
Gustafsson wants to see the creation of a dedicated international cyber task force, or a “tech NATO”, where global partners can collaborate, agree, and ratify norms for the cybersphere—including what kind of response would be warranted for breaches.
At the beginning of Russia’s invasion, the country attacked Viasat to disable Ukrainian communications. The attack spilt over into other European countries, including rendering 5,800 Enercon wind turbines in Germany unable to communicate for remote monitoring or control.
“The attack on the Viasat satellite that disabled Ukrainian military communications one hour before the invasion was a key component of the beginning of this war,” added Gustafsson. “We have seen UK, US, and EU officials jointly attribute this attack to Russia, an immensely political act. That is unprecedented.”
No-one reasonable would suggest that incident is worth triggering a full-scale war between NATO and Russia, but clarity is needed on what the response should be. If a cyberattack leads to serious loss of life, should it have any different response than if it was a missile?
“There is a shocking tolerance for cyberattacks, and that has to change,” argued Gustafsson. “Organisations that are custodians of valuable, private data can not be allowed to let that data fall into criminal hands through negligence and face no consequences.”
Darktrace says it has witnessed a global increase in attacks on critical national infrastructure bodies across its customer base—including a 90 percent increase in high priority security incidents on the networks of energy companies in Europe during the initial week of Russia’s invasion.
“Issues that we had thought about speculatively have now become our reality. We are facing war in Europe and there is an essential cyber component both to the way it is being fought and to its international ramifications,” says Professor Madeline Carr, Senior RUSI Associate Fellow and Professor of Global Politics and Cybersecurity at University College London.
“This is a complex area which is the subject of a wealth of academic debate and what is needed is clarity, consensus, and cooperation.”
Greater cooperation is certainly needed to combat evolving cyber threats. However, Gustafsson’s call for a “Tech NATO” is surprising—not least because NATO itself already has one in the form of the CCDCOE (Cooperative Cyber Defence Centre of Excellence).
Despite being run by NATO, the CCDCOE is open to “like-minded non-NATO nations”. Earlier this month, non-NATO member South Korea joined the organisation alongside NATO members Canada and Luxembourg. In March, Ukraine also joined the CCDCOE despite not being a full NATO member.
“Cooperation, sharing of information, skills, and best practices are essential for tackling the challenges we face in cyberspace,” said a spokesperson for the Embassy of the Grand Duchy of Luxembourg, following the country’s admission to the CCDCOE.
The CCDCOE leans more towards collaboration between public agencies but also brings together representatives from academia and the private sector to discuss cyber norms and improve members’ defenses.
“Each member of the CCDCOE plays an important role in building and advancing a strong and efficient unity against cyber threats,” explained Colonel Jaak Tarien, Head of the CCDCOE.
“In the long run, the conditions for peace in the cyber realm and a response to the security threats to the modern world cannot be created without united and committed support.”
We’ve reached out to Darktrace for clarification on Gustafsson’s call for a “Tech NATO” and how it would differ from the CCDCOE. We presume it would have a greater focus on private sector companies like Darktrace but will update this article when/if we receive an official response.
Related: US disrupts large Russian botnet ‘before it could be used’
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. The event is being co-hosted with the AI & Big Data Expo.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.