Novel Response to Collaborative Cyber Resilience and Response
Lithuania, Estonia, Croatia, Poland, the Netherlands and Romania have come together to form a Cyber Rapid Response Team (CRRT) under a memorandum of understanding signed on 4 March, according to an announcement on Lithuania’s Ministry of National Defence website.
The teams will be located at permanent sites and maintained at high readiness, with the ability to respond immediately should a cyber attack occur. The announcement states that the CRRTs are “formed by civilian and military experts…[and] will join neutralisation and investigation of dangerous cyber incidents virtually or, if necessary, physically.”
Lithuania’s Minister of National Defence, Raimundas Karoblis, stated the venture was completely novel and initiated by Lithuania. “Every state faces cybersecurity challenges, we have to join forces because cyber warfare is ongoing and it knows no borders,” he said.
The CRRTs will have a range of responsibilities, including preventive actions, cyber vulnerability checks and dissemination of best practices. The announcement adds that the first CRRT was formed in 2019, while the first multi-national CRRT started its rotation at the beginning of 2020.
The initiative was initiated by Lithuania in 2017 within the EU’s Permanent Structured Cooperation (PESCO) framework. Seven other countries will be observing the projects, including France, Belgium and Finland.
The CRRTs present one of the first attempts by EU nations to present a coordinated multi-national response to cyber threats. Already in existence is the NATO Cooperative Cyber Defence Centre of Excellence (CCDCE): five of the CRRT member nations are part of the NATO initiative.
However, as the CCDCE’s website states, “our mission is to support our member nations and NATO with unique interdisciplinary expertise in the field of cyber defence research, training and exercises covering the focus areas of technology, strategy and law.” The organisation provides training and knowledge, as opposed to actual power when it comes to mitigating the effects of a cyber attack.
Cyber attacks have become increasingly damaging; the 2007 attack on Estonia was apparently stopped only after the funds for the attack were exhausted, but left the country crippled for over 24 hours. The 2017 NotPetya attack on the Maersk shipping company caused $10 billion (€8.85 billion) in damages and threatened a fifth of the world’s shipping. More recently, the October 2019 attack against Georgia downed 2,000 websites and sought to undermine the country’s sovereignty, according to the BBC.
Other attacks against Ukraine have denied power to the country’s capital and left thousands without electricity: individual businesses have also been targeted by Russia’s GRU. The world’s increasing dependence on the Internet for all things, coupled with worrying plans such as the US Army’s goal to move 2,000 of its applications to the cloud, indicate that cyber security will only increase in importance. As this occurs, the cost of conventional war-fighting platforms will spiral as technologies improve, which means defence procurement will generate fewer and fewer tangible outcomes.
All this indicates that even the world’s largest powers will face difficult decisions between the ‘hard power’ that has been the bastion of national defence – for as long as such concepts have existed – and ‘soft powers’ such as greater cyber security. At present, neither can nor should be neglected.
Miles Quartermain in London for MON