The plan is that when President Obama meets with other NATO leaders later this week, they are expected to ratify the idea that a cyberattack on any of the 28 NATO nations could be declared an attack on all of them, similar to a ground invasion or an airborne bombing.
This should put the fear of god into Russia, which was believed behind computer attacks that disrupted financial and telecommunications systems in Estonia in 2007 and Georgia in 2008, and is believed to have used them in the early days of the Ukraine crisis as well.
NATO is a bit behind when it comes to cyber security, although it now has just built a nice new computer security centre. It does run computer exercises but it possesses no cyberweapons of its own and has no cunning plan how it might use the weapons of member states to strike back in a computer conflict.
The United States and Britain, have spent billions of dollars on secret computer offensive programs but they have not told NATO leaders what kind of weapons they might contribute in a NATO-led computer conflict.
The change in NATO’s definition of an “armed attack” will leave deliberately unclear what would constitute a cyberattack so large that the alliance might think that this would be a declaration of war.
Apparently the alliance is hoping that the impact of the attack will help define the matter. Defence experts point out that deterrence is all about ambiguity, and the implicit threat that NATO would enter a computer conflict in defence of one of its members is full of those ambiguities.