NATO-EU COOPERATION IN CYBERSECURITY AND CYBER DEFENSE IN THE AGE OF INCREASED GREAT POWERS COMPETITIONS
|
List of Abbreviations
Introduction 5
Chapter I. Theoretical Framework: Critical Theory of International Relations and
Global Security Studies 14
1.1 Critical theory of International Relations 14
1.2 Critical theory and Security Studies 19
Chapter II. Understanding the European Union and the North Atlantic Treaty Organization’s approach to cybersecurity and cyber defense 22
2.1 NATO Cyber Defense Policy: actors, threats and risks perception 30
2.2 Strengths and Weaknesses ofNATO's Cyberdefense Posture 36
2.3 EU Cyber Security Policy 38
2.4 The EU as a Coherent Cybersecurity Actor 43
Chapter III. NATO-EU cooperation in cybersecurity and cyber defense 48
3.1 EU-NATO Cooperation and Strategic Autonomy 48
3.2 EU-NATO cybersecurity and cyber defense cooperation 53
3.3 Comparative analysis of NATO and EU’s approaches to cybersecurity 56
Conclusion 70
Bibliography 74
Appendix
Introduction 5
Chapter I. Theoretical Framework: Critical Theory of International Relations and
Global Security Studies 14
1.1 Critical theory of International Relations 14
1.2 Critical theory and Security Studies 19
Chapter II. Understanding the European Union and the North Atlantic Treaty Organization’s approach to cybersecurity and cyber defense 22
2.1 NATO Cyber Defense Policy: actors, threats and risks perception 30
2.2 Strengths and Weaknesses ofNATO's Cyberdefense Posture 36
2.3 EU Cyber Security Policy 38
2.4 The EU as a Coherent Cybersecurity Actor 43
Chapter III. NATO-EU cooperation in cybersecurity and cyber defense 48
3.1 EU-NATO Cooperation and Strategic Autonomy 48
3.2 EU-NATO cybersecurity and cyber defense cooperation 53
3.3 Comparative analysis of NATO and EU’s approaches to cybersecurity 56
Conclusion 70
Bibliography 74
Appendix
The relevance of the study is determined by the Information revolution and its impact on social, economic, and technological development in a post-industrial society. At the impressive speed the development and interconnectedness of Information and Communication technologies (ICTs) are spreading around the globe, and internet is one of the most salient examples. According to Datareporter, 5 billion people around the world use the internet today - equivalent to 63 percent of the world’s total population1. As a result, the economic and political incentives to exploit the network for malicious purposes have also increased, and cybersecurity has reached head-of-state- level attention.
In the past two decades, cyberspace has emerged as a priority security issue on international diplomatic agendas. It is often presented as the field that will revolutionize the conduct of politics both at the national level and within the international system. Cyberspace per se, unlike many other traditional domains of International Relations, is created by human beings. Thus, actors of International Relations elaborate this space in their own image depending on their understanding of cyberspace, the rules that could be applied in this domain, and the limitations states impose in cyberspace.
Not only states, as actors of International Relations, attempt to navigate in the domain which lacks rigid international rules, but also international organizations. Analysis of the EU-NATO cooperation within the field of cyberspace has important scientific and practical significance. The North Atlantic Treaty Organization (NATO) and the European Union (EU) are different in their raison d’etre, their essence, and their membership. Any direct bilateral agenda is difficult to imagine. Thus, the analysis of the cooperation between the European Union and NATO in cyberspace is very unusual, almost unique insofar as cyberspace is still quite marginal within the field of International Relations, but that notwithstanding cyber incidents have become more complex, more disruptive, and in many cases more political. According to many polls, cyber incidents are one of the most prominent threats in the international agenda. Following the TechTarget report, cyber-attacks cost US$114 billion each year2. Today, NATO and EU Member States face a more diverse, complex and rapidly evolving security environment than at any time since the end of the Cold War.
The analysis of EU-NATO cybersecurity and cyber defense are of special interest inasmuch as at NATO cyber is declared as a domain of operations and a large-scale cyberattack on a Member State could potentially invoke Article 5 of the Washington Treaty. Similarly, to the North Atlantic Treaty Organization, a damaging cyberattack on the EU Member State may trigger a common response from all EU Members: the solidarity clause (Article 222 TFEU) could be invoked on the grounds of "a particularly serious cyber incident or attack"3.
The comparative analysis of the legal framework, as well as the available tools to address threats in cyberspace in NATO and the EU, is of great scientific and practical importance. The aforesaid circumstances predetermined the relevance of the chosen topic of the study.
Practical significance of the study. Certain provisions of the study represent the basis for analytical forecasting of the further development of the “cyber” in the EU-NATO relations. Some of the results gained in this work can be used in the educational process, in the development and leading courses on International relations, world politics and regional studies.
The scientific novelty of the research lies in the inter-institutional analysis of the interaction between the European Union and The North Atlantic Treaty Organization with regards to cybersecurity and defense. For the first time a comparative analysis of legal, resilience, information, education and training capacities of two aforementioned international organizations have been conducted. On this basis the previous fragmented and non-comprehensive knowledge has been visualized which demonstrated how the harmonization of the EU cybersecurity policy and the NATO cyber defense policy could not only complement one another but strengthen each other and ensure security for all parties engaged.
The research question guiding this thesis is the following, ‘What is the current state of progress and shortcomings in cyberspace cooperation between NATO and the European Union with regard to cybersecurity and defense?’.
The object of the study is the European Union and The North Atlantic Treaty Organization’s cyber policies.
The subject of the study is the NATO-EU cooperation in cybersecurity and cyber defense in the age of increased great powers competitions.
The aim of the work is to identify the features of the EU-NATO cooperation in cyberspace with regards to cybersecurity and defense from a critical theoretical framework that ensures that the technological impact of cyberspace on this political relationship is not overlooked in order to determine how two international organizations could complement one another.....
In the past two decades, cyberspace has emerged as a priority security issue on international diplomatic agendas. It is often presented as the field that will revolutionize the conduct of politics both at the national level and within the international system. Cyberspace per se, unlike many other traditional domains of International Relations, is created by human beings. Thus, actors of International Relations elaborate this space in their own image depending on their understanding of cyberspace, the rules that could be applied in this domain, and the limitations states impose in cyberspace.
Not only states, as actors of International Relations, attempt to navigate in the domain which lacks rigid international rules, but also international organizations. Analysis of the EU-NATO cooperation within the field of cyberspace has important scientific and practical significance. The North Atlantic Treaty Organization (NATO) and the European Union (EU) are different in their raison d’etre, their essence, and their membership. Any direct bilateral agenda is difficult to imagine. Thus, the analysis of the cooperation between the European Union and NATO in cyberspace is very unusual, almost unique insofar as cyberspace is still quite marginal within the field of International Relations, but that notwithstanding cyber incidents have become more complex, more disruptive, and in many cases more political. According to many polls, cyber incidents are one of the most prominent threats in the international agenda. Following the TechTarget report, cyber-attacks cost US$114 billion each year2. Today, NATO and EU Member States face a more diverse, complex and rapidly evolving security environment than at any time since the end of the Cold War.
The analysis of EU-NATO cybersecurity and cyber defense are of special interest inasmuch as at NATO cyber is declared as a domain of operations and a large-scale cyberattack on a Member State could potentially invoke Article 5 of the Washington Treaty. Similarly, to the North Atlantic Treaty Organization, a damaging cyberattack on the EU Member State may trigger a common response from all EU Members: the solidarity clause (Article 222 TFEU) could be invoked on the grounds of "a particularly serious cyber incident or attack"3.
The comparative analysis of the legal framework, as well as the available tools to address threats in cyberspace in NATO and the EU, is of great scientific and practical importance. The aforesaid circumstances predetermined the relevance of the chosen topic of the study.
Practical significance of the study. Certain provisions of the study represent the basis for analytical forecasting of the further development of the “cyber” in the EU-NATO relations. Some of the results gained in this work can be used in the educational process, in the development and leading courses on International relations, world politics and regional studies.
The scientific novelty of the research lies in the inter-institutional analysis of the interaction between the European Union and The North Atlantic Treaty Organization with regards to cybersecurity and defense. For the first time a comparative analysis of legal, resilience, information, education and training capacities of two aforementioned international organizations have been conducted. On this basis the previous fragmented and non-comprehensive knowledge has been visualized which demonstrated how the harmonization of the EU cybersecurity policy and the NATO cyber defense policy could not only complement one another but strengthen each other and ensure security for all parties engaged.
The research question guiding this thesis is the following, ‘What is the current state of progress and shortcomings in cyberspace cooperation between NATO and the European Union with regard to cybersecurity and defense?’.
The object of the study is the European Union and The North Atlantic Treaty Organization’s cyber policies.
The subject of the study is the NATO-EU cooperation in cybersecurity and cyber defense in the age of increased great powers competitions.
The aim of the work is to identify the features of the EU-NATO cooperation in cyberspace with regards to cybersecurity and defense from a critical theoretical framework that ensures that the technological impact of cyberspace on this political relationship is not overlooked in order to determine how two international organizations could complement one another.....
The increasing role of cyberspace and its impact on social, economic, and technological development in a post-industrial society makes the study of how NATO and the EU could complement one another in terms of cybersecurity and cyber defense of special importance. Undoubtedly, “cyber” reaches head-of-state attention due to the increased political and economic incentives to explore the internet for malicious purposes.
The research question guiding this Master Thesis, ‘What is the current state of progress and shortcomings in cyberspace cooperation between NATO and the European Union with regard to cybersecurity and defense?’, has been answered by analyzing the results of quantitative, qualitative content, and comparative . It has been proved in the Master Thesis that the use of the term "cyber" in official NATO documents increased dramatically in the 2004-2018 time period, and the geopolitical situation in 2007-2009 as well as in 2014 is the reason for the increased presence of the term "cyber" in NATO's official documentation. Content analysis, performed in this Thesis, to determine the presence of words such as ‘cyber’, ‘cybersecurity’, ‘cyberthreat’, ‘cyber incident’ as well as ‘cyberattack’ in the official documents of both international organizations, proved that NATO and the EU’s perception of cybersecurity, cyber defense its main actors, and threats changed over time and helped the author to determine the reasons behind these changes. This proves that Hypothesis 1 and 2 hold true.
Thus, the impact of critical junctures on NATO and the EU’s perception such as cyber - attacks on its Member States should not be downplayed. It was not until the 2007 cyber-attack against Estonia (EU and NATO Member State) that the cyber threat became part of the political agenda. The 2008 cyberattacks against Georgia, an aspiring NATO and EU member country, demonstrated how cyber-attacks could support military forces in armed conflict, confirming the entry into the political and strategic realm of a concern that had until then remained essentially in the hands of experts and technicians. The 2014 cyberattacks against Ukraine proved once again how a cyberattack may damage physical infrastructure, such as the power grid. These attacks raised the question of the inviolability of Article 5 of the Washington Treaty in the event of cyber-attacks, and, if so, the response to be adopted (computer counterattack or conventional response). Thus, in 2014 cyber defense is recognized as part of NATO's core task of collective defense, opening the possibility of invoking Article 5 of the Washington Treaty. It would then be up to the North Atlantic Council to decide, on a case-by-case basis, whether the circumstances for such an invocation would be met following a cyber-attack.
NATO and the EU’s perception of a threat and actor in the cyber field has been determined by using a coding process of keywords and associations of official EU and NATO documents and researchers’ papers on this topic. The search was co nducted using the following search terms ‘APT’, ‘Adware’, Botnets’, ‘Malware’, ‘DDoS’, ‘Espionage’, ‘Cybercrime’, ‘Phishing’, ‘Zero-days’, ‘Man-in-the Middle’, Ransomware’, ‘Disinformation’, ‘False flag’, ‘Terrorism’, ‘Spyware’ as well as ‘Election meddling’. The data and the findings demonstrate that NATO sees individual states and state-sponsored groups as one of the most active actors. Cyberattacks on Ukraine, Estonia, and Georgia, as it was aforesaid, largely contributed to the development of this topic at NATO and its individual states' perception as primary actors, which proves Hypothesis 2 to hold true. The European Union, in its turn, stresses upon the idea of hackers and cybercriminals are the most dangerous actors in cyberspace. According to Europol’s European Cybercrime Centre (EC3) 2019 report, hackers and cyber criminals cause the Member States the most harm. Thus, perceived by two international entities, NATO and the EU, cyber threats will deeper international cooperation between aforementioned organizations.
Critical theory with a sub-section of Critical Security Theory permitted the author to determine how discourse on cyberdefense and cybersecurity progressed and changed throughout the critical junctures and how cooperation evolved between NATO and the European Union. Cyber space, as stated before, is a man-made sphere of International relations, which means that it from our understanding comes the way we perceive it. This was especially important inasmuch as the understanding of how cyber realm became a security issue helped the author to determine why cyber threats were legitimated as one of the main threats both in the European Union and NATO.
The result of the comparative analysis permitted to compare EU-NATO Cyber Strategies, their similarities and differences, which enabled the author to determine prosperities for EU- NATO cooperation in the field of cybersecurity and cyber defense.
The EU and NATO share similar approaches when it comes to the applicability of international law in cyberspace, confidence-building measures, and relations with the private sector and international entities. Thus, these elements are avenues for developing a common or complementary approach to cyber defense and cybersecurity.
Nowadays cooperation between the Union and NATO in cyberspace includes information sharing, coordinated planning and concrete cooperation in the areas of hybrid threats, operational cooperation, cybersecurity, capacity-building, defense capacities, industry and research. However, since NATO and the European Union have not developed their policies jointly, there is some confusion about the roles of NATO and the EU in the field of cyberspace, particularly in the military sphere. It is very difficult to see elements of subsidiarity or complementarity in each other's work emerging. Yet there is no doubt that the security of the
European Union and NATO are indeed very interconnected....
The research question guiding this Master Thesis, ‘What is the current state of progress and shortcomings in cyberspace cooperation between NATO and the European Union with regard to cybersecurity and defense?’, has been answered by analyzing the results of quantitative, qualitative content, and comparative . It has been proved in the Master Thesis that the use of the term "cyber" in official NATO documents increased dramatically in the 2004-2018 time period, and the geopolitical situation in 2007-2009 as well as in 2014 is the reason for the increased presence of the term "cyber" in NATO's official documentation. Content analysis, performed in this Thesis, to determine the presence of words such as ‘cyber’, ‘cybersecurity’, ‘cyberthreat’, ‘cyber incident’ as well as ‘cyberattack’ in the official documents of both international organizations, proved that NATO and the EU’s perception of cybersecurity, cyber defense its main actors, and threats changed over time and helped the author to determine the reasons behind these changes. This proves that Hypothesis 1 and 2 hold true.
Thus, the impact of critical junctures on NATO and the EU’s perception such as cyber - attacks on its Member States should not be downplayed. It was not until the 2007 cyber-attack against Estonia (EU and NATO Member State) that the cyber threat became part of the political agenda. The 2008 cyberattacks against Georgia, an aspiring NATO and EU member country, demonstrated how cyber-attacks could support military forces in armed conflict, confirming the entry into the political and strategic realm of a concern that had until then remained essentially in the hands of experts and technicians. The 2014 cyberattacks against Ukraine proved once again how a cyberattack may damage physical infrastructure, such as the power grid. These attacks raised the question of the inviolability of Article 5 of the Washington Treaty in the event of cyber-attacks, and, if so, the response to be adopted (computer counterattack or conventional response). Thus, in 2014 cyber defense is recognized as part of NATO's core task of collective defense, opening the possibility of invoking Article 5 of the Washington Treaty. It would then be up to the North Atlantic Council to decide, on a case-by-case basis, whether the circumstances for such an invocation would be met following a cyber-attack.
NATO and the EU’s perception of a threat and actor in the cyber field has been determined by using a coding process of keywords and associations of official EU and NATO documents and researchers’ papers on this topic. The search was co nducted using the following search terms ‘APT’, ‘Adware’, Botnets’, ‘Malware’, ‘DDoS’, ‘Espionage’, ‘Cybercrime’, ‘Phishing’, ‘Zero-days’, ‘Man-in-the Middle’, Ransomware’, ‘Disinformation’, ‘False flag’, ‘Terrorism’, ‘Spyware’ as well as ‘Election meddling’. The data and the findings demonstrate that NATO sees individual states and state-sponsored groups as one of the most active actors. Cyberattacks on Ukraine, Estonia, and Georgia, as it was aforesaid, largely contributed to the development of this topic at NATO and its individual states' perception as primary actors, which proves Hypothesis 2 to hold true. The European Union, in its turn, stresses upon the idea of hackers and cybercriminals are the most dangerous actors in cyberspace. According to Europol’s European Cybercrime Centre (EC3) 2019 report, hackers and cyber criminals cause the Member States the most harm. Thus, perceived by two international entities, NATO and the EU, cyber threats will deeper international cooperation between aforementioned organizations.
Critical theory with a sub-section of Critical Security Theory permitted the author to determine how discourse on cyberdefense and cybersecurity progressed and changed throughout the critical junctures and how cooperation evolved between NATO and the European Union. Cyber space, as stated before, is a man-made sphere of International relations, which means that it from our understanding comes the way we perceive it. This was especially important inasmuch as the understanding of how cyber realm became a security issue helped the author to determine why cyber threats were legitimated as one of the main threats both in the European Union and NATO.
The result of the comparative analysis permitted to compare EU-NATO Cyber Strategies, their similarities and differences, which enabled the author to determine prosperities for EU- NATO cooperation in the field of cybersecurity and cyber defense.
The EU and NATO share similar approaches when it comes to the applicability of international law in cyberspace, confidence-building measures, and relations with the private sector and international entities. Thus, these elements are avenues for developing a common or complementary approach to cyber defense and cybersecurity.
Nowadays cooperation between the Union and NATO in cyberspace includes information sharing, coordinated planning and concrete cooperation in the areas of hybrid threats, operational cooperation, cybersecurity, capacity-building, defense capacities, industry and research. However, since NATO and the European Union have not developed their policies jointly, there is some confusion about the roles of NATO and the EU in the field of cyberspace, particularly in the military sphere. It is very difficult to see elements of subsidiarity or complementarity in each other's work emerging. Yet there is no doubt that the security of the
European Union and NATO are indeed very interconnected....
