- By Joshua Keating
Joshua Keating is associate editor at Foreign Policy and the editor of the Passport blog. He has worked as a researcher, editorial assistant, and deputy Web editor since joining the FP staff in 2007. In addition to being featured in Foreign Policy, his writing has been published by the Washington Post, Newsweek International, Radio Prague, the Center for Defense Information, and Romania's Adevarul newspaper. He has appeared as a commentator on CNN International, C-Span, ABC News, Al Jazeera, NPR, BBC radio, and others. A native of Brooklyn, New York, he studied comparative politics at Oberlin College.
Next month, NATO is due to release a new "strategic concept" strategy document. But according to EU Observer, the drafting of the document has been held up by a disagreement between the U.S. and Europe over the concept of "active" cyberdefense:
"Active cyberdefence is a very sensitive topic. Many experts have brought it up, that in order to have defence, you need some offence as well. I would be very surprised if Nato at 28 will find consensus to include it," a diplomat from one of the Baltic states said.
Following attacks in 2008 on its "classified military network" the Pentagon established a new cyber-command, making "active cyberdefence" one of its policy pillars, US deputy secretary of defence William J. Lynn said on 15 September in Brussels at an event hosted by the Security and Defence Agenda think-tank.
The US cyber-command goes beyond the passive "Maginot Line" mentality of the past, he explained. Passive defence systems are sufficient to meet 80 percent of attacks. But the other 20 percent need active systems, such as sensors that operate at network speed to detect and block intrusions.
Against this background, Mr Lynn in September called for "collective defence" – the core principle of the alliance – to be applied to computer networks. "The Cold War concepts of shared warning apply in the 21st century to cyber security. Just as our air defences, our missile defences have been linked so too do our cyber defences need to be linked as well," he said.
European allies are keen to protect themselves against Estonia-type cyber strikes (which saw bank and government websites paralysed in 2007). But they are showing little appetite for US-model "pre-emptive cyber-strikes" on hostile countries or organisations.
The argument takes place against the backdrop of suspicion that the United States was behind the "Stuxnet" computer worm, which may have targeted Iran’s nuclear infrastructure.
Gordon Lubold is a national security reporter for Foreign Policy. He is also the author of FP's Situation Report, an e-mailed newsletter that is blasted out to more than 70,000 national security and foreign affairs subscribers each morning that includes the top nat-sec news, breaking news, tidbits, nuggets and what he likes to call "candy." Before arriving at FP, he was a senior advisor at the United States Institute of Peace in Washington, where he wrote on national security and foreign policy. Prior to his arrival at USIP, he was a defense reporter for Politico, where he launched the popular Morning Defense early morning blog and tip-sheet. Prior to that, he was the Pentagon and national security correspondent for the Christian Science Monitor, and before that he was the Pentagon correspondent for the Army Times chain of newspapers. He has covered conflict in Iraq, Afghanistan, Pakistan and other countries in South Asia, and has reported on military matters in sub-Saharan Africa, East Asia and Latin America as well as at American military bases across the country. He has spoken frequently on the sometimes-contentious relationship between the military and the media as a guest on numerous panels. He also appears on radio and television, including on CNN, public radio's Diane Rehm and To the Point, and C-SPAN's Washington Journal. He lives in Alexandria with his wife and two children.| The Complex |