NATO Cooperative Cyber Defence
Centre of Excellence

Papers: Concepts, Strategy & Law

Conscription and Cyber Conflict: Legal Issues
Susan W. Brenner, Leo L. Clarke
This paper examines legal issues that could arise from utilizing a civilian cyber defense corps to defend a nation-state and its assets from cyber attacks.  We use Estonia’s Cyber Defense League as an analytical device, and we examine issues that may arise under the CDL as it is currently configured and as it might be configured. Our analysis focuses on ten specific issues. We argue that the nature and inherent ambiguity of cyber war will require a reserve corps of IT specialists who can be conscripted if there is a substantial likelihood that a cyber attack will materially disrupt the public order. We also consider the practical and legal aspects of the criteria to be used to select conscripts and factors that will affect the duration of conscription.  […]

Cyber Security on Military Deployed Networks  - A Case Study on Real Information Leakage
Fabio Mulazzani, Salvatore A. Sarcia’
This paper reports on real information leakage occurred in a multinational mission. To investigate the nature of the leakage, we performed a survey among the military operators which showed that technical and cultural problems were key elements of the security shortfall. We also show that military deployed networks present some peculiarities with respect to infrastructure homeland networks. Therefore, the former should be managed differently from the latter. In particular, we highlight two reasons concerning either the operators or the networks: (1) Temporary nature of deployed networks and (2) Lack of training and guidance (es. SOPs). Finally, we propose a new approach that would strengthen the defense attitude of signal units and check whether protection activities are effective and reliable.

Developing an International Cooperation on Cyber Defense and Deterrence against Cyber Terrorism
Murat Dogrul, Adil Aslan, Eyyup Celik
[…] This paper evaluates the importance of building international cooperation on cyber defense and deterrence against cyber terrorism.  It aims to improve and further existing contents and definitions of cyber terrorism; discusses the attractiveness of cyber attacks for terrorists and past experiences on cyber terrorism. It emphasizes establishing international legal measures and cooperation between nations against cyber terrorism in order to maintain the international stability and prosperity.  In accordance with NATO’s new strategic concept, it focuses on developing the member nations’ ability to prevent, detect, defend against and recover from cyber attacks to enhance and coordinate national cyber defense capabilities. It provides necessary steps that have to be taken globally in order to counter cyber terrorism. 

“Information Troops” – a Russian Cyber Command?
Keir Giles
Appraisals of Russian military performance during the armed conflict with Georgia in August 2008 noted, among other deficiencies, poor performance in Information Warfare (IW). This led to calls in informed commentary for the creation of dedicated “Information Troops” within the Russian armed forces, whose duties would include what we would define as cyber operations. This stemmed from a perception in parts of the Russian Armed Forces that the "information war" against Georgia had been lost. 
[…] This paper draws on unclassified open-source media and interviews with serving Russian military officers to consider the Russian military view of cyber operations as a subset of information war, and the prospects for creation of “information troops” (whether given this name or not) in the context of ongoing Russian military transformation. Informal links with volunteer and co-opted cyber forces are also considered.

Is the Swedish Territorial Defence Ordinance applicable on the fourth arena?
Victoria Ekstedt
Like other modern societies, Sweden is highly dependent on its digital infrastructure in order to run vital functions such as electricity, water purification, information and communications. Even though this infrastructure is characterized by transboundary features, it is clearly a part of the Swedish state. In peacetime, the Swedish armed forces are tasked to protect and defend the geographic territory of the state from violations, and the authority to do so is given by the Territorial Defence Ordinance. However, according to the analysis of this paper, the ordinance cannot be applied on the digital parts of the society, by the military called “the fourth arena”. Numerous difficulties rises with an application of the ordinance in its present wording and against this background, it is of interest to clarify the present legal situation and suggest a way forward in order to achieve adequate protection on the same premises as the other arenas. The interdependency between national and international law on this matter is pointed out and international law is used to interpret the national ordinance. […]

Rationale and Blueprint for a Cyber Red Team Within NATO
Luc Dandurand
This paper provides the rationale and blueprint for a “cyber red team”, a dedicated military capability whose objective is to improve the cyber defence of the Alliance through the controlled execution of cyber attacks. These cyber attacks would be specifically designed to achieve three goals. The first goal is to assess the effectiveness of the existing security measures in providing mission assurance, at both the technical and procedural levels. The second goal is to demonstrate the possible impact of these cyber attacks to senior management and key stakeholders. The third goal is to improve the cyber security staff’s ability to detect and respond to cyber attacks by exposing them to realistic, unannounced attacks in their specific working environment. Details of the proposal cover governance, command and control, modus operandi, organizational structure, skills and experience required  for team members as well as recommendations for  personnel selection. It also identifies a number of controls that would address concerns related to its implementation.

Towards Establishment of Cyberspace Deterrence Strategy
Dmitri Alperovitch
The question of whether strategic deterrence in cyberspace is achievable given the challenges of detection, attribution and credible retaliation is a topic of contention among military and civilian defense strategists. This paper presents a taxonomy of cyberattacks that identifies which type of threats present the greatest risk to nation-state economic and military security, including their political and social facets, and must be covered by a broad cyberdeterrence strategy.  By applying traditional strategic deterrence theory, a potential cyberdeterrence strategy is put forth that can enhance national security against devastating cyberattacks through a credible declaratory retaliation capability.


28 June 2011 Conference material now online
13 June 2011 The Third International Conference on Cyber Conflict brought together 380 experts from across the world
01 June 2011 3rd ICCC - Analyse the Nature of Cyber Forces
26 April 2011 3rd ICCC - Agenda available
15 March 2011 Registration Opens for ICCC