Analyst: US Not in Habit of Sharing Its Offensive Cyber Capabilities

There is speculation that US could use its cyberwarfare capabilities on NATO’s behalf. Sputnik spoke with Michael O’Hanlon, Senior Fellow and Director of Research of the Foreign Policy Program at the Brookings Institution to find out if such a large amount of intelligence sharing feasible.
Sputnik

Sputnik: How likely is Washington to go ahead with the announcement reported by the Associated Press?

Michael O'Hanlon: I’m a little bit wary of this story. There have been a lot of funny comments this week about NATO, starting with Ambassador Hutchison’s comments and continuing through this story.

The United States is not really in the habit of sharing its deepest and most sophisticated cyber intelligence or offensive cyber capabilities, with really anybody, with the possible exception of the so called five eyes, the five English speaking countries that have been the closest intelligence sharing partners for a long time; the United States, the United Kingdom, New Zealand, Australia and Canada. Even there I don’t think we would share everything with, let’s say New Zealand. So this doesn’t quite ring true.

NATO Supports UK, Dutch Cyberattack Accusations Against Russia - Stoltenberg
Sputnik: If it happens, what would it mean for NATO and its cyber capabilities and what kinds of cyber services can the United States provide to NATO?

Michael O'Hanlon: I think that it certainly is true that the United States has an interest in NATO being resilient to cyber-attack, and it certainly is true that NATO would want countries to have certain abilities to offer partial retaliation of certain types, but I think that would be done case by case and in terms of which country, which technology and which method of attack. I don’t buy the idea of a sweeping sharing of all capability.

Sputnik: In your view, is this statement more of a symbolic nature than anything else? Isn’t the US already providing cyber support to NATO and if so, what goals does it aim to achieve?

NATO Could Trigger Article 5 in Event of Alleged Russian Cyberattack - Reports
Michael O'Hanlon: I’m not very inclined to go down the path of speculating about things that I don’t think are going to happen and reinforcing rumours that I think may be false.

Again, it doesn’t smack of being true to me, I think that the more likely debate now, is about how we can all share the best cyber defence capabilities, where I think we would tend to err on the side sharing a lot, and where there may be very specific situations.

Let’s say if there’s been a known attack against Estonia, we all know about the purported Russian attack against Estonia’s infrastructure back in 2007.
If there was something like that, that happened again, or let’s say some kind of election related problem in another country, you could imagine trying to figure out ways to retaliate directly against whatever web address or email address was conducting that attack if you could figure out quickly who it was, and perhaps giving the country that was attacked the means to respond in kind. If you could imagine that, that is where I think the debate is more likely to be happening.

The views expressed in this article are those of the speaker, and do not necessarily reflect those of Sputnik.

Discuss