The United States and the other 27 members of the North Atlantic Treaty Organization plan to aid the defense of any other NATO country in the event of a major cyber attack, according to an agreement that will be ratified this week at a major alliance meeting.

On Thursday, NATO members will meet with 40 partner countries at a major summit in Wales, United Kingdom, to discuss the future security of the region. While the conflict in eastern Ukraine will dominate the meeting, the alliance will also agree to work together to defend its communications network and aid each other against major cyber attacks.

The policy, endorsed by NATO ministers in June, will task NATO countries with sharing information on cyber threats, lending expertise to harden member nations' communications and information systems (CIS), and working with industry partners to improve NATO's ability to respond to cyber attacks.

"The policy establishes that cyber defense is part of the Alliance’s core task of collective defense, confirms that international law applies in cyberspace and intensifies NATO’s cooperation with industry," NATO stated in a position paper in early August. "The top priority is the protection of the communications systems owned and operated by the Alliance."

The agreement will put cyber attacks in the same policy bucket as kinetic acts that may trigger Article 5 of the Washington Treaty, the founding document of NATO, according to policy experts. Article 5—"an armed attack against one or more ... shall be considered an attack against them all"—calls for signatories to aid any member attacked by another country.

Yet, determining whether a cyber attack is significant enough to trigger the treaty provision will be complex, said Richard Bejtlich, chief security strategist for FireEye. Until an actual attack happens, the issues surrounding mutual defense will remain foggy.

"I think that lack of clarity will continue until there is an event that people consider, 'Maybe that should trigger Article 5,' and there will be a debate about whether it does," he said. "It will not be a speed-of-light type of thing."

In 2009, a denial-of-service attack on the communications networks of Estonia disrupted government and financial services for three weeks. While members of a Kremlin-backed youth group claimed responsibility, most analysts have concluded that Russia architected the attack. At the time, Estonia, a member of NATO, asked for aid and received technical support from NATO. Because Estonia relied on the Internet to deliver many government services, the impact of the attack was significant.

Being vague about what exact actions could trigger Article 5—which has only been invoked following the terrorist attacks of September 11, 2001—will likely deter attackers more than specific criteria, said Kenneth Geers, a researcher and ambassador for NATO's Cooperative Cyber Defense Center of Excellence (CCD CoE) in Estonia.

"You actually create deterrence by putting a question in the mind of the attacker," he said in an interview from Kiev, Ukraine. "Is what they are going to do going to offend you enough to lead to retaliation?"

Focused on Afghanistan for the past decade, NATO now finds itself re-evaluating its priorities and strategies. At the summit, the role of cyber conflict will take second stage next to the unfolding drama in Ukraine. Russia, with which the alliance had treatied for the first decade of this century, is now considered an aggressor. And, while historically, NATO offset Russia's power in the region, now the alliance needs to update itself, said FireEye's Bejtlich.

"The Ukraine is somewhat like their 9-11," he said. "It is causing them to re-evaluate their perceptions of security."

Over the past five years, Russia has increased military spending by 50 percent, while NATO countries collectively have slashed spending by 20 percent, NATO Deputy Secretary General Alexander Vershbow said in a speech on Tuesday. Such trends look like a weakness for the current occupants of the Kremlin to exploit, and not just through conventional means, he said.

"We have seen Russia use a wide range of overt and covert military tactics, sabotage, economic blackmail, cyber attacks, disinformation and propaganda," he said. "Our (plan) is also about making sure that NATO is ready and able to respond to this kind of hybrid warfare."

As part of the summit, NATO is proposing a Readiness Action Plan, or RAP, that will boost the focus on cyber defense, improve the NATO Response Force, and create a new force that can quickly respond to threats.

Listing image by Courtesy of NATO