NATO and Article 5 in Cyberspace

NATO has designated cyberspace as a domain of warfare and recognized that an adversarial cyber campaign could trigger the Alliance’s collective defense mechanism under Article 5. Given the complexities of cyberattacks and the difficulties of designing an effective response, it is unknown whether and what kind of cyberattack(s) might trigger a collective defense response from the Alliance, argues Sarah Wiedemar in this CSS Analysis.

Screens at the NATO Cooperative Cyber Defence Centre of Exellence
The NATO Cooperative Cyber Defence Centre of Exellence (CCDCOE) in Tallinn, Estonia, during the Locked Shields cyber defense exercise on April 2019. Ints Kalnins/ Reuters

At the NATO Summit in Wales nearly a decade ago, NATO recognized that cyber defense is an inseparable part of collective defense. Therefore, a cyberattack against one or more member states can trigger the collective defense clause enshrined in Article 5 of the Washington Treaty, the cornerstone of the military alliance. Article 5 is based on the principle that an attack against one member state is considered an attack against all member states, and that by exercising their right of individual or collective self-defense – as recognized in Article 51 of the UN Charter – Allies may take collective action to restore the security of the North Atlantic area. Once triggered by one or more member states, the North Atlantic Council (NAC), the principal decision-making body of the Alliance, must unanimously decide whether the attack warrants the use of Article 5. If so, it is up to each individual member to determine how to respond and to what extent assistance will be provided in concert with the other NATO partners. Since its inception in 1949, Article 5 has only been invoked once, following the terrorist attacks on 11 September 2001.

Download To the publication (PDF, 529 KB)

JavaScript has been disabled in your browser