► NATO, a political and military security alliance, has agreed to include cyber defense in its core defense tasks and to apply collective defense.

► NATO invited Indo-Pacific leaders including Korea to the 2022 NATO Summit in Madrid, and Korea announced its Indo-Pacific Strategy in 2022 along with its diplomatic vision to become a Global Pivotal State. As a global partner of NATO, Korea has pledged to expand the scope of cooperation with NATO to include cyber and emerging technologies.

► Korea must consider its security environment and establish principles and standards for policymaking when NATO and other allies request collective response and cooperation on cyber threats, should utilize NATO’s international joint cyber exercises as an opportunity to lay the foundation for collective response to global cyber threats, and improve its cyber crisis response capabilities.

Introduction

With transnational cyber threats on the rise and the economic damage from cyber threats undermining national interests, it is now widely accepted that cybersecurity is a national security issue. Against this backdrop, NATO, a political and military security alliance, has agreed to include cyber defense in its core defense tasks and to apply collective defense. In addition, NATO is developing policies for the collective response to cyber threats among NATO allies and strengthening national cyber defense capabilities and offense capabilities. To this end, NATO is actively utilizing joint cyber defense exercises, including Locked Shields and Cyber Coalition.

NATO’s Cybersecurity Strategy

After the end of the Cold War, NATO transitioned from just a military alliance to a guardian of peace and security in Europe and beyond. It is expanding the scope of its activities from the North Atlantic to the Indo-Pacific and from the military sphere to the social and civil spheres while pursuing a strategy of “global partnership.”[1] From this perspective, NATO is also utilizing the alliance relationship among NATO members to promote collective response and collective security in the area of cybersecurity.

Following the cyberattack on Estonia in 2007, NATO acknowledged that conflicts between states can include those in cyberspace and, in 2008, adopted its first “Policy on Cyber Defence.”[2] Later, in 2014, as a result of the Russia-Ukraine war, NATO recognized the severity of hybrid threats and stipulated that a cyberattack could trigger Article 5 (the collective defense clause) of the North Atlantic Treaty.[3] Furthermore, with the 2016 “Cyber Defence Pledge” and 2018 “Brussels Summit Declaration,” NATO recognized cyberspace as a domain of operations and announced plans to strengthen its offensive capabilities and command structure, and to employ its “full range of capabilities” to proactively deter, defend against, and counter the full spectrum of cyber threats.[4][5]

In the 2021 “Comprehensive Cyber Defence Policy,” NATO emphasized the need to counter Russia’s illicit and disruptive activities to provide deterrence against the growing number of cyberattacks in the United States and other allied nations.,[6] and agreed to recognize malicious cumulative cyber activities as amounting to an armed attack in certain circumstances. This consensus implies NATO's capability to respond to malicious cyber activities falling under the threshold of armed attack.

In this way, as the importance of cybersecurity increased, NATO sought to apply the Cold War era war deterrence strategies of deterrence by punishment and deterrence by denial to cyberspace. However, in 2022, Russia’s invasion of Ukraine raised questions about the effectiveness of NATO’s deterrence strategy, and NATO announced a new Strategic Concept to reset its deterrence posture.[7] To strengthen NATO’s deterrence posture, the Strategic Concept described the Russian and Chinese security threats to the international order in the strongest terms since the Cold War and indicated the Alliance’s willingness to respond to these threats. In terms of cybersecurity, the Strategic Concept resolidified previous cybersecurity policies while also revealing plans to adapt the NATO command and control structure for the digital age and enhance cyber capabilities for deterrence and defense.[8] Specifically, it mentioned that Russian and Chinese hybrid warfare are harming international peace and security and emphasized the need for an active response from the Alliance.

In advancing these cyber policies and strategies, NATO is actively utilizing joint exercises to reinforce the Alliance's capabilities and improve awareness. Through these joint exercises, NATO intends to create opportunities to review each country’s actual cyber capabilities, including policies, budgets, and personnel; improve interoperability for combined operations and collective response; and lay the groundwork for analyzing potential outcomes.

Korea’s Cooperation Strategy

Given the growing importance of the Indo-Pacific, NATO has declared its desire to become involved in the region’s security, expressing a commitment to respond to the threat from China. As a part of this, NATO invited Indo-Pacific leaders including Korea to the 2022 NATO Summit in Madrid. The ROK(Republic of Korea) announced its Indo-Pacific Strategy in 2022 along with its diplomatic vision to become a Global Pivotal State. As a global partner of NATO, Korea has pledged to expand the scope of cooperation with NATO to include cyber and emerging technologies.[9]

In the middle of ROK-NATO cooperation stands the United States. As a key member of NATO, the US is actively utilizing the Alliance to ensure the security of Europe and the Indo-Pacific, and is urging Korea to expand its participation in NATO to transform the ROK-US alliance into a regional alliance. However, considering Korea’s geopolitical situation, enhancing cooperation with NATO could adversely affect its relations with North Korea, China, and Russia. NATO has requested that the Korean government provide weapons to Ukraine, and although the Korean government did not accept, Chinese media still criticized the government’s humanitarian assistance to Ukraine.[10] The recent rise in hybrid threats carried out by totalitarian states like North Korea, China, and Russia against South Korea is not unrelated to the strengthening of Korea's NATO partnership and its alliance with the United States.

Therefore, to kill two birds with one stone by achieving both cyber security and capacity building through cooperation with NATO, Korea must first consider its security environment and establish principles and standards for policymaking when NATO and other allies request collective response and cooperation on cyber threats. Moreover, Korea should utilize NATO’s international joint cyber exercises as an opportunity to lay the foundation for collective response to global cyber threats and improve Korea’s cyber crisis response capabilities.