The North Atlantic Treaty Organization (NATO) is reportedly making the decision to integrate cyber warfare into its command, representing a major policy shift in recent decades compared to its previous reliance on brute force to achieve its military aims.
“Capitalizing on the multinational coalition’s recognition of cyberspace as a theater of operations at last year’s Warsaw Summit, NATO Secretary General Jens Stoltenberg announced last month the creation of Cyber Operations Center as part of an overall effort to update and adopt a more expansive and efficient command structure. Last week, retired Air Force Colonel Rizwan Ali revealed how the decision, which he helped write and implement, could affect the way NATO conducts operations and counters threats from abroad.”
Newsweek reports that, according to Ali, one of the leading officials who drafted the strategy, the new policy shift represents a stark modern-day warning to American foes, especially Russia.
“In short, NATO embraced the use of cyber weaponry in NATO operations. This is a marked departure from NATO’s historical stance of using cyber only defensively, mainly to ward off incursions against its own networks,” Ali wrote in Foreign Policy earlier this month.
“The more aggressive approach was intended as a strong message, primarily to Russia, that NATO intends to use the cyber capabilities of its members to deter attacks in the same way it uses land, sea and air weaponry,” he added.
Perhaps NATO will use cyber warfare against the Russians in the years to come — or perhaps much further down the line when a global conflict becomes that much more inevitable. However, despite the thus far baseless claims that Russia is capable of hacking the U.S.’ elections, in the more foreseeable future, NATO’s cyber warfare policy is actually directed primarily at Iran, not Russia.
Iran has allegedly conducted a number of highly damaging cyber attacks against the United States in recent years, though these have generated little to no media hysteria compared to the attention and outrage the alleged Russiagate scandal has garnered.
From the Conversation:
“It was clear by the mid-2000s that Iran would become a source of cyberattacks: Its hackers had started taking over websites worldwide and posting their own messages on them, a practice called ‘defacing.’ Often it was just for fun, but some hackers wanted to stand up for their country and Muslims. One prominent group, Iran Hackers Sabotage, launched in 2004 ‘with the aim of showing the world that Iranian hackers have something to say in the worldwide security.’”
Just to give the reader a few examples of what Iranian hackers have been capable of recently, the Conversation summarizes the following (among others):
“Ashiyane [the Ashiyane Digital Security Team] defaced 500 websites in 2009 during the Israeli incursion into Gaza and 1,000 sites in the U.S., U.K. and France in 2010 for supporting what the group said were anti-Iranian terrorist groups. By May 2011, Zone-H had recorded 23,532 defacements by the group. Its leader, Behrouz Kamalian, said his group cooperated with the Iranian military, but operated independently and spontaneously.”
However, over the years, Iranian hackers have gone further than merely “defacing” websites and calling the West’s reputation into question. According to the Conversation, by 2012, “Iranian cyberattacks had gone beyond simple web defacements and hijacks to ones that destroyed data and shut down access to critical websites.” [emphasis added]
The Conversation notes a number of instances in which Iranian hackers allegedly targeted and disrupted major Saudi oil companies and American banks, as well as companies related to Sheldon Adelson, one of the most powerful anti-Iranian figures in the oligarchic class. At the time, then-Defense Secretary Leon Panetta said Iran’s alleged retaliatory cyber attacks were “probably the most destructive attack the private sector has seen to date.”
However, there is one crucial development that even the Conversation overlooked. This year alone, the U.S. Navy has had a number of awkward collisions and accidents in which a number of personnel died. These accidents have already prompted concerns regarding the potential for hackers to target U.S. warships. This is because, as Business Insider notes, “the number of accidents involving warships in the western Pacific during ‘the most basic of operations’ – has stirred concern that outside factors are affecting the ships and their crews.”
“There’s something more than just human error going on because there would have been a lot of humans to be checks and balances” when transiting a narrow body of water such as the Strait of Malacca, Jeff Stutzman, a former Navy information warfare specialist, told McClatchy DC.
“When you are going through the Strait of Malacca, you can’t tell me that a Navy destroyer doesn’t have a full navigation team going with full lookouts on every wing and extra people on radar,” he also stated.
Unsurprisingly, the military was forced to conduct an investigation into whether or not cyber warfare was responsible for at least one of the accidents. As Foreign Policy explains:
“If hackers breached the McCain’s digital defenses, it would represent a startling development in naval warfare. American intelligence officials have theorized that hackers working on behalf of an enemy state could conceivably hack into a ship’s computer systems and blind its commander by, for example, displaying an inaccurate location of the ship on its charts.”
According to the U.S. Navy’s official website, ships are already being misdirected through the hacking of their GPS systems:
“During June 2017, a commercial ship off the Russian coast discovered its GPS navigation system erroneously located the ship at an airport 32 kilometers inland. At least 20 other ships in the area had similar problems with their Automatic Identification System, which U.S. Navy ships also use. ‘Experts think this is the first documented use of GPS misdirection – a spoofing attack that has long been warned of but never seen in the wild.’”
The Navy’s website also acknowledged that cyber threats “can come from nations with highly sophisticated cyber programs, countries with lesser technical capabilities but possibly more disruptive intent, ideologically motivated hackers or extremists and/or insiders within our organizations, with a variety of motivations. Even cyber criminals threaten the Navy because they sell malicious software to state and non-state actors, thereby increasing the number of potential threat actors.”
While the investigation’s conclusion attempted to curb these concerns by stating that the problem was most likely caused by human error alone, it could easily be the case that admitting the U.S. Navy is capable of being compromised by adversarial states is far too embarrassing, even if acknowledging the threat would create a decent pretext to go to war with Iran. In that context, one might wonder if the U.S. would ever openly admit that a country like Iran could cause such a humiliating spate of defects to the greatest military force in the world. The Navy’s conclusion also doesn’t deal with all of the accidents that occurred during the year, making it unclear if at least one of them may have been caused by a cyber attack.
Nevertheless, it is something worth keeping an eye on in the very near future. A country like Iran cannot rely on brute force to take on the United States, but it has certainly developed alternative avenues to disrupt the progress of the countries seeking to overthrow the Iranian government. Now, it appears NATO is looking to follow suit in order to keep up with the developments these adversarial states have attained, and one might expect a rise in this type of cyber-related activity, along with a number of other “avoidable” accidents, as a result.