Mar 19, 2017

Red alert: NATO not sure it's allowed to stop Russia cyberattacks

Shannon Vavra

Illustration by Rebecca Zisser / Axios

NATO is so unprepared for a cyber attack that the group of experts it assembled to write about cyber espionage can't definitively say whether it's legal or not. As the NATO Cooperative Cyber Centre of Excellence report put it, "cyber espionage, as a general matter, does not violate international law."

Why it matters: Countries under attack are paralyzed to defend themselves since the definition of a lawful response is unclear. That leaves NATO's responses to cyber attacks on member countries at a standstill.

Why is that the case? Due to gaps in current international law, there is no set standard for how states can respond to attacks, and there's no agreed upon definition for what a "cyber attack" even is. Some interpretations say there must be a "use of force" for a cyber action to be a "cyber attack," while others say it must be an "armed conflict."

What this tells us about Russian hacking: Those legal gaps have left the door wide open for states with hacking capabilities to interfere in other countries basically unchecked, because how states can respond to attacks is legally unclear, too — and Russia knows it. As Retired Major General Charlie Dunlap told Axios:

Russia seeks to exploit the ambiguity and uncertainty in the law today.

Why doesn't someone clarify what's legal? It's strategic, according to Dunlap, who told Axios the "U.S. and other countries may not want such a norm to develop because it would obviously restrict their own activities."

Just last year NATO agreed a cyber attack on a member state justifies using NATO mutual defenses, and six years ago the U.S. decided it would respond to cyber attacks just as it responds to other attacks on land, air, or sea. But even then, the U.K. Defense Secretary warned the "NATO machinery is not geared up" for a cyber attack, and two weeks ago U.S. Sen. Jeanne Shaheen said Congress should determine whether Russia's election hacking was an act of war.

So how can the U.S. or any country respond to attacks?

  • Proportionally: Gleider Hernández, who helped draft the NATO expert manual on cyber espionage, said he personally believes "...countermeasures must...be proportionate and may not be retaliatory...it is generally understood that countermeasures cannot themselves be forcible acts."
  • Or militarily — and this is key: Ret. Maj. Gen. Dunlap agreed that responses must be proportional but said countries can lawfully employ traditional military attacks (those outside of the cyber realm) to take a stand.

Go deeper

Axios

World coronavirus updates: Confirmed cases top 1 million

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens and confirmed plus presumptive cases from the CDC

Novel coronavirus infections have hit the 1 million mark after "near exponential growth" that's reached "almost every country," World Health Organization Director-General Tedros Adhanom Ghebreyesus said Thursday.

The big picture: The global death toll exceeded 50,000 on Thursday, per Johns Hopkins data. Italy has reported nearly 14,000 deaths. Governments around the world have introduced public health and economic measures to try and curb the impact of the virus.

Go deeperArrowUpdated 11 mins ago - Health
Axios

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 6 p.m. ET: 1,007,997 — Total deaths: 52,771 — Total recoveries: 210,055Map.
  2. U.S.: Total confirmed cases as of 6 p.m. ET: 236,339 — Total deaths: 5,648 — Total recoveries: 8,861Map.
  3. 2020 update: The Democratic National Committee said its July convention will be postponed until August because of the coronavirus.
  4. Jobs latest: The coronavirus unemployment numbers are like a natural disaster hitting every state
  5. Public health latest: FDA allows blood donations from gay men after 3-month waiting period, citing "urgent need."
  6. U.S.S. Theodore Roosevelt: Navy removes captain of aircraft carrier who sounded alarm about coronavirus.
  7. What should I do? Answers about the virus from Axios expertsWhat to know about social distancingQ&A: Minimizing your coronavirus risk.
  8. Other resources: CDC on how to avoid the virus, what to do if you get it.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

Keep ReadingArrowUpdated 24 mins ago - Politics & Policy
Fadel Allassan

Judge declines to delay Wisconsin April 7 primary, extends absentee deadline

Photo: Darren Hauck/Getty Images

A federal judge on Thursday declined to delay Wisconsin's April 7 primary election, saying he doesn't have the authority to do so.

Why it matters: Wisconsin is the only state scheduled to vote next Tuesday that has not yet delayed its primary.

Go deeperArrow1 hour ago - Politics & Policy