Content

New EU framework reportedly will allow member nations to consider cyberattacks acts of war

A forthcoming policy framework from the European Union will declare that cyberattacks from hostile actors can be considered an act of war that under the most serious of circumstances justifies a response with conventional weapons.

The Framework on a Joint EU Diplomatic Response to Malicious Cyber Activities is intended to be a strong measure of deterrence against countries known for launching offensive cyber operations, such as Russia and North Korea, according to UK news outlet The Telegraph, which reportedly obtained a draft of the document.

The framework reportedly will also affirm that EU member nations that suffer a cyberattack not only can defend themselves under international law, but also are entitled to assistance from other EU governments, under Article 42(7) of the EU Treaty. Such coordinated responses would likely include diplomatic pressure, public condemnation, and sanctions.

The document will remain vague in defining the limits of coordinated aid and assistance operations; however, the Telegraph notes that the EU itself cannot wage war.

An EU source told the Telegraph that the framework "will make an attacker weigh the consequences of a cyberattack more carefully," adding that formalizing a response strategy "shows we are serious."

In a June 2017 press release, the EU's European Council announced its intention to develop the framework, noting that the EU "is concerned by the increased ability and willingness of state and non-state actors to pursue their objectives through malicious cyber activities."

"Such activities may constitute wrongful acts under international law and could give rise to a joint EU response," the release stated. 

Nathan Wenzler, chief security strategist at security consulting company AsTech, said in an email interview that the framework is a “significant step" that "puts any aggressor nation or entity on notice that technology-based attacks can be viewed in the same way as a conventional physical attack..."

Wenzler expects that the policy could be very effective against some, but not all malicious actors: "For aggressor nations who are still participating in the global community and have the potential for great losses should sanctions or military actions take place, this may absolutely serve as a deterrent to continue conducing cyberattacks," said Wenzler. "However, for nations such as North Korea, who have little left to lose in the global community, this may be seen as simply another place to provoke other countries and force their hand into... having to back up what they've said they'll do if targeted by a cyberattack."

Kenneth Geers, senior research scientist at Comodo, commended the leadership of EU, as well as NATO, in an email interview.

"The EU and NATO have begun to collaborate closely on cybersecurity, in part due to the Snowden revelations, but even more so in response to Russia's invasion of Ukraine and interference in the U.S. presidential election," said Geers, also a senior fellow with the Atlantic Council and an ambassador with the NATO Cyber Centre. "The combined power of 28 sovereign democracies, including their network security, law enforcement, and counterintelligence agencies, fundamentally changes the game in cyberspace, and bolsters deterrence, investigation, and retaliation."

Cybersecurity is an international problem that requires an international solution. Therefore, the best place to see progress is within the world's strongest political and military alliances, specifically the European Union (EU) and North Atlantic Treaty Organization (NATO). National sovereignty and law enforcement jurisdiction end every time a network cable crosses a border. Cyber investigations have been hampered by the international architecture of the Internet. Hackers route attacks through nations that have poor diplomatic or law enforcement cooperation. Attribution is the single most vexing challenge in cybersecurity. If you don't know who is attacking you, it is almost impossible to deter, prosecute, or retaliate. The EU and NATO have begun to collaborate closely on cybersecurity, in part due to the Snowden revelations, but even more so in response to Russia's invasion of Ukraine and interference in the U.S. Presidential Election. The combined power of 28 sovereign democracies, including their network security, law enforcement, and counterintelligence agencies, fundamentally changes the game in cyberspace, and bolsters deterrence, investigation, and retaliation.

Many thanks and very best,

Kenneth

----
Kenneth Geers
Senior Research Scientist, Comodo
Senior Fellow, Atlantic Council
Ambassador, NATO Cyber Centre
Cybersecurity is an international problem that requires an international solution. Therefore, the best place to see progress is within the world's strongest political and military alliances, specifically the European Union (EU) and North Atlantic Treaty Organization (NATO). National sovereignty and law enforcement jurisdiction end every time a network cable crosses a border. Cyber investigations have been hampered by the international architecture of the Internet. Hackers route attacks through nations that have poor diplomatic or law enforcement cooperation. Attribution is the single most vexing challenge in cybersecurity. If you don't know who is attacking you, it is almost impossible to deter, prosecute, or retaliate. The EU and NATO have begun to collaborate closely on cybersecurity, in part due to the Snowden revelations, but even more so in response to Russia's invasion of Ukraine and interference in the U.S. Presidential Election. The combined power of 28 sovereign democracies, including their network security, law enforcement, and counterintelligence agencies, fundamentally changes the game in cyberspace, and bolsters deterrence, investigation, and retaliation.

Many thanks and very best,

Kenneth

----
Kenneth Geers
Senior Research Scientist, Comodo
Senior Fellow, Atlantic Council
Ambassador, NATO Cyber Centre
Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.