Feeds

Nato should tool up for cyber war, say globo-bigwigs

Albright demands 'passive and active' measures

High performance access to file storage

Nato believes there is not likely to be a conventional military attack on its members in the future but that some form of cyber-attack is one of three most probable dangers facing the alliance.

The organisation is the midst of finding itself a new purpose. A group of bigwigs have been appointed to find "a New Strategic Concept". Nato has gone through several changes since its creation in the wake of the Second World War as a defensive alliance against the Soviet Union.

Although Nato said the possibility of conventional military attack could not be ignored it is more likely to face an attack by ballistic missile, a terrorist attack or a cyber attack.

Other less probable attacks include disruption to energy or maritime supply lines, a financial crisis or harmful consequences of climate change.

Dealing with cyber attacks will require more cooperation with the European Union, the experts conclude, because the EU has more expertise in dealing with such attacks.

The report warns: "The next significant attack on the Alliance may well come down a fibre optic cable. Already, cyber attacks against NATO systems occur frequently, but most often below the threshold of political concern."

It recommends a major effort to increase monitoring of Nato's critical network in order to find and fix vulnerabilities. The Centre for Excellence should improve members' training in cyber-defence. Nato members should expand their early warning network monitoring systems. Nato should have a team ready to dispatch to areas under or threatened by cyber attack.

Finally the experts said that over time Nato should "plan to mount a fully adequate array of cyber defence capabilities, including passive and active elements".

The group, chaired by Madeleine Albright, also looked at Nato enlargement, relations with groups and countries outside the Alliance - particularly Russia - but warned that such partnerships need to be a two-way street.

The press release and links to the full report are here. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.