Director of cyberdefense center points to decision-makers' lack of skills
Merle Maigre, director of the Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence (CCD COE), wrote in a piece published in German business paper Handelsblatt on Thursday that the current lack of skills and knowledge regarding cyberattacks and how to deal with them is worrying, and that more international cooperation is needed to address it.
"The digital era, with all of its benefits, has profoundly changed the security environment of liberal democracies. We face potential destruction of national infrastructures and militaries in ways unimaginable a quarter century ago." This quote by former President Toomas Hendrik Ilves, according to Maigre, illustrates perfectly a security situation that today has become a lot broader.
Cyberattacks as part of warfare already a reality
Energy, telecommunications, healthcare, education, transportation, traffic, utilities, banking, business, all of these sectors are part of a network through which they can be singled out and attacked.
Should this happen, the consequences could have a lasting impact on the development of whole societies. By now the domain of cyberspace has moved on from what Maigre describes as a playground of hackers and petty criminals to a separate domain of warfare.
As Maigre points out, cyberattacks have already become a significant component of conflicts in which cybercrime syndicates, politically motivated non-state entities, and sophisticated state actors with offensive cyber capabilities are counted among adversaries as much as conventional military forces.
Adversaries can act very quickly and adapt to changes in the situation as well. Because the legal space in which they exist is only slowly developing and an actual practice of applying international law to incidents concerning cyberspace is a matter of experience, the current situation presents a formidable challenge to policymakers.
Authorities show lack of skills that needs to be addressed
In her article Maigre also pointed to the worrying global shortage of relevant skills. According to the White House's cybersecurity coordinator, the United States alone is short of some 300,000 personnel.
Adding to this are scarce resources and talent constraints in the public sector, along with a lack of coordination among agencies even of single governments and authorities in countries around the world only slowly reacting to developments that often happen at break-neck speed.
And though political leaders by now are making cybersecurity a campaign and policy issue, their understanding just how and why the subject should be approached in detail is often insufficient.
To make up for this lack of readiness and skills, organizations as well as governments should invest in preparation, which in turn requires knowledge. A solid knowledge base for cyber defense can only be developed in practice, which means that what is needed is a community of specialists and teams.
International cooperation crucial, realms of diplomacy and law affected as well
In practice, this means that both the military and civilian authorities need to know about cross-dependencies and the different systems in use. As it is already done at the cyberdefense center in Tallinn, exercises need to be based on scenarios that are as close as possible to real life.
Apart from the technological dimension there is also the legal and the diplomatic realm, both of which are important here. How should a country react to being attacked if it isn't immediately obvious where exactly the attack is coming from? Once the country of origin is identified, what then?
A hostile operation in cyberspace is taxed as an attack not based on whether it is directed against public or private infrastructure or against military or civilian personnel, but by the scale and effects of the operation. This is where international law comes in, as it is important to interpret an individual attack based on the existing legal means.
All of this is of great importance in a domain where politics can get lost in technical and legal matters. Identifying, spoiling, tracking, and reacting to cyberattacks takes skills and a level of preparation that in too many cases the current generation of decision-makers don't have.
According to Maigre, international coordination is crucial. National and institutional borders don't exist in the virtual world, where all aspects are merged into a single theater. European and transatlantic cooperation is the key to more effective prevention, detection, and deterrence of cyberattacks, and this cooperation needs to be closer in the future.
Editor: Dario Cavegn