A zip attachment contains a img with an exe: the malware. The other, a pdf downloading a zip with an exe: the same malware. The data is exfiltrated via SMTP.
The NATO deterrence posture against the cyber threats
The NATO Deputy Secretary General Rose Gottemoeller explained at the US Stategic Command Deterrence Symposium in Omaha the Alliance posture against the cyber threats
“We must look beyond traditional notions of deterrence and confront less traditional or emerging threats such as in the cyber arena. Such asymmetric techniques are not new: they are as old as the Trojan horse.” NATO Deputy Secretary General Rose Gottemoeller told at the US Stategic Command Deterrence Symposium in Omaha speaking about the new threats that the Alliance has to counter. “But new technologies have been a game-changer in their potential impact. The information technology revolution and the advent of social media are prime examples. It is practically impossible to imagine any conflict in the future that doesn’t include a substantial asymmetric dimension. Such asymmetric techniques are about blurring the lines between peace and crisis, spreading alternate facts, creating confusion and chaos, sowing the seeds of doubt and division: they are designed to weaken our resolve”.
Software can turn the Internet into a viral pathway to infiltrate and infect, to debilitate and destroy. NATO must be just as effective in the cyber domain as it is on land, in the air, and at sea
“Cyber-based threats are versatile.” Gottemoeller continued. “Employed maliciously, software can turn the Internet into a viral pathway to infiltrate and infect, to debilitate and destroy. This versatility – as well as the relatively low cost of cyber tools – makes them an attractive option for those who seek to harm us or undermine our cohesion. They are seen as low-risk and potentially high-benefit because they usually fall outside the recognized bounds of armed aggression and they are often difficult to detect in real time. All of this means that NATO must be just as effective in the cyber domain as we already are on land, in the air, and at sea, building up our ability to deter and defend in every way that we can”.
Gottemoeller: The NATO steps on deterrence in cyber space
“How do we at NATO think about deterrence in cyber space?” The Alliance Deputy Secretary General explained. “First, we have concentrated on the basics, steadily developing declaratory policy to deliver a clear message: we can and will respond. In just the past three summit meetings, you can see a maturation in NATO deterrence messaging in the cyber arena: At the Wales Summit in 2014, Allies stated that the impact of cyber attacks ‘could be as harmful to modern societies as a conventional attack’ and affirmed that cyber defense is part of NATO’s core task of collective defense: an attack in cyber space may call forth an Art 5 response. The allies also recognized that international law applies in cyberspace. At Warsaw in 2016, NATO leaders recognized cyberspace as a domain of operations in which NATO must defend itself as effectively as it does in the air, on land, and at sea. They also adopted a Cyber Defense Pledge to strengthen their national cyber defenses. Finally, at Brussels in 2018, NATO leaders agreed to employ the full range of capabilities, including cyber, to deter, defend against, and counter the full spectrum of cyber threats, including those conducted as part of a hybrid campaign. Allies also agreed on how to integrate sovereign cyber effects, provided voluntarily by Allies, into Alliance operations and missions”.
The Alliance Deputy Secretary General: if it must, NATO is resolved to respond to cyber attacks in a way that is consistent with our nature as a defensive alliance
“This steady evolution in NATO deterrence messaging in the cyber arena can leave potential adversaries in no doubt: if it must, NATO is resolved to respond to cyber attacks in a way that is consistent with our nature as a defensive alliance.” Gottemoeller has pointed out. “Of course, we all recognize that strong deterrence messaging must be backed up by capabilities to respond. NATO does not generally own capabilities, no matter what the domain of operations: allies provide the tanks, aircraft, ships, and the personnel to operate them. That is why it bears repeating: allies agreed on how to integrate sovereign cyber effects, provided voluntarily by them, into NATO operations. But the full range of Alliance capabilities, not just cyber tools, may be used to respond to a cyber attack”.
The Warsaw Cyber Defense Pledge is strategic to build up the resilience. Not only in NATO systems, but also in allied ones
NATO has striven to build up the resilience not only of NATO’s own systems, but also the resilience of allied systems. “The meaning of the Warsaw Cyber Defense Pledge, renewed at Brussels, is that Allies must concentrate on this task as a matter of priority.” The Alliance Deputy Secretary General concluded. “Resilience in the alliance revolves around: Redundant, robust networks; Capabilities for rapid detection, identification, and mitigation, to ensure networks continue to perform; And basic cyber hygiene for every participant across every network. By acquiring strong resilience, NATO is raising the costs for any adversary considering a cyber attack on the alliance. So NATO is adapting, building up its ability to deter in cyber space. The job is not done, and never will be, because this threat will continue to rapidly evolve. Nevertheless, by focusing on basic tools, the Alliance can and will adapt its deterrence posture to cyberspace”.
The Rose Gottemoeller keynote address at the US Strategic Command Deterrence Symposium in Omaha