NATO to Set Up Cyber Attack Response Teams

NATO will soon set-up two rapid reaction teams that can help protect its networks in the event of a cyber attack. The two cyber-defence teams are expected to be up and running in weeks in response to significant cases of cyber-attacks recorded every year, a NATO official told defenseworld.net. 

In 2012, NATO recorded 2,500 "significant cases" of cyber attacks on its systems. This year there have been no significant rises or reductions in attacks compared to 2012. “Exact 2013 figures have not yet been compiled. What we can see is that the incidents recorded by NATO experts so far this year are comparable to what similar organisations have faced and generally consistent with 2012 levels,” the official said.

Part of that success is attributed to the 58 million euro upgrade to the NATO Cyber Incident Response Centre (NCIRC) which includes state of the art sensors, scanners and intelligent analytic capabilities to better prevent, detect and respond to cyber threats.

Northrop Grumman and Finmeccanica were awarded a contract by the NATO Consultation, Command and Control (NATO C3) Agency last year to develop, implement and support the NATO Computer Incident Response Capability (NCIRC) – Full Operating Capability (FOC).

The contract is for an extensive managed service which will provide information assurance to approximately 50 NATO sites and headquarters throughout 28 countries worldwide, according to Northrop Grumman.

“This upgrade will significantly enhance NATO’s ability to protect its own networks. The NCIRC has proven to be a vital hub for dealing with cyber incidents and for disseminating cyber security information across the Alliance,” the NATO official said.

“Looking to 2014, we expect to see the operational benefits of the increased detection and response capability which we are currently achieving by upgrading the NCIRC. Our defensive efforts will focus on tuning our new system to maximum effect.”

In 2011, NATO Defence Ministers agreed on a revised cyber defence policy which aims to improve the Alliance’s coordination on cyber defence, with a focus on prevention and building resilience.

According to the terms of this policy, all NATO structures will be brought under centralised protection. The policy clarifies political and operational mechanisms of NATO’s response to cyber attacks, and integrates cyber defence into NATO’s Defence Planning Process, a NATO official told Defenseworld.net.

Earlier this year, defence ministers from NATO countries approved the first step of integrating cyber defence capability targets into the defence planning process.  This effort centres on bringing allies up to a minimum standard in terms of cyber defence capabilities and preparedness. Capability targets can include the introduction of national cyber policies, a national cyber authority and the creation of national cyber defence response capabilities.