Cyber offense in NATO: challenges and opportunities

Abstract

Abstract As a response to the Russian invasion of Crimea, NATO returned to the core military concepts of deterrence and collective defence. This NATO adaption has recently come to include attempts to integrate offensive cyber effects into NATO force structure and response doctrine. The article argues—counter to what is publicly declared—that such an integration does little to strengthen NATO's deterrence posture and is unlikely to deter non-military, hybrid cyber activity below the threshold of collective defence. The article identifies several practical challenges to the current integration effort, which include the temporal dimension of developing exploits, battle damage assessment and deconfliction. With these challenges in mind, the article suggests that deploying minor and less resourceful cyber effects that cause persistent ‘cyber annoyances’ holds an unappreciated potential as they can drain opponent resources, disturb vital IT-systems and complicate decision-making. The article ends by arguing that NATO should not adapt its collective defence clause to cyberspace. A more active NATO in cyberspace risks undermining the cyber-intelligence norm that so far has prevented escalation and thereby increasing the likelihood that Russia misinterprets intelligence and active cyber defence activities as military preparation, armament or an attack in the making.