Boundaries DA

Having definite boundaries would lead to consequences, if NATO wants to trigger A5 is

a strategic move, it would be hindered by specific guidelines
Kagubare 22 (Cybersecurity Reporter, “when would a cyberattack trigger a NATO response? It’s a
mystery”, Ines Kagubare, 10/24/22, https://thehill.com/policy/cybersecurity/3699052-when-would-a-cyberattack-trigger-a-nato-
response-its-a-mystery/)

Cyberattacks are increasingly a key part of modern warfare, but NATO’s treaty that says an attack on one nation represents an attack on all has
not covered these aggressive actions.
Several NATO members have been hit with recent cyberattacks, but there
has been no signal from NATO on when such attacks might ever trigger Article 5 , which states that an act of
war against a NATO member will prompt a response from the full alliance. “Article 5 was written in the days when
things were much clearer,” said James Lewis, a senior vice president and director with the strategic technologies program at the Center for
Strategic and International Studies. “We don’t have that clarity with cyberattacks,” he added. Experts
have been wondering why
government officials have yet to clearly  define what constitutes a major cyberattack and what the
thresholds are for responding against one. “I don’t believe we’re any closer today than we were five years ago in defining what
a major cyberattack is,” said Paul Capasso, vice president of strategic programs at cybersecurity firm Telos. “Without a clear definition, how do
you determine what those thresholds are?” he added. The experts, however, said that
government officials are perhaps
deliberately keeping the thresholds ambiguous because once they define and establish red lines, they
have to follow through on it because failure to do so gives the enemy permission to continue the attacks
with no consequences. “Governments don’t like to define ‘cyberwar’ or even cyberattack because it ties their hands,” Lewis said. NATO
Secretary General Jens Stoltenberg has said that although cyberattacks against a NATO member can trigger Article 5 , the
alliance is reluctant to publicly disclose under what circumstances the article would be invoked . “On cyber,
we have stated that cyberattacks can trigger Article 5, but we have never gone into that position where we give a potential adversary the
privilege of finding exactly when we trigger Article 5,” Stoltenberg told reporters in February at a press conference in Brussels. By
leaving
the door open, it’s up to member states to determine whether a cyberattack was destructive enough to
start the process of invoking the article with the full support from the alliance. Albania, a NATO member
since 2009, did consider invoking the article after it suffered a series of massive cyberattacks that
targeted the country’s government websites and computer systems used by law enforcement.
Ultimately, the Balkan nation refrained from it to avoid unnecessary escalation . “It was too much for us to think
about and to get to the decision that we should ask NATO to trigger Article Five,” said Albanian Prime Minister Edi Rama in a recent interview
with Politico. Albania blamed Iran for the attack and immediately cut diplomatic ties with the Middle Eastern country. Iran denied responsibility
for the cyberattack. Although none of the member states invoked Article 5, the U.S. Treasury Department did sanction Iran’s intelligence
ministry and its top intelligence official in response to the cyberattack. “We will not tolerate Iran’s increasingly aggressive cyber activities
targeting the United States or our allies and partners,” said Brian Nelson, the under secretary of Treasury for terrorism and financial
intelligence. Albania is one of several NATO members this year that suffered cyberattacks likely launched by state-sponsored
hackers. Lithuania, Estonia, Montenegro and most recently the United States. were all victims of a series of hacks that targeted government
websites and critical infrastructure. In Montenegro, the hackers targeted the country’s water supply systems, transportation services and online
government services. Although the attack was major, it did not permanently damage state infrastructure, officials said. Meanwhile, in the
U.S., state government and airport websites were temporarily offline earlier this month following a cyberattack reportedly carried out by
Russian-backed hacking group Killnet. the group also claimed responsibility for the cyberattacks in Lithuania and Estonia .
Experts said
none of the recent cyberattacks that targeted the NATO members reached the level where the alliance
would seriously consider triggering Article 5 . “Russia has been using cyber operations against NATO for
decades and none have ever risen to the level of triggering Article 5,” Lewis said. Although the thresholds are still
unclear when it comes to cyberwarfare, Lewis said that a cyberattack would have to cause significant damage that is equivalent to an armed
attack, including permanent destruction of critical infrastructure, casualties, and loss of life.  However, experts
said even if those
thresholds were met, there’s no guarantee that the alliance would immediately trigger Article 5. The
member countries would still have to weigh the risks of invoking the article and determine whether the
attack is worth going to war.  Major cloud, email hosting provider blames ransomware attack for outage US did not encourage or
enable Ukraine to strike inside Russia, Blinken says Melissa Griffith, a lecturer in technology and national security at
the Johns Hopkins University School of Advanced International Studies, said that while it’s important to determine whether the effects of a
cyberattack “meet the thresholds of an armed attack when considering whether to invoke Article 5, a far more [pressing] question is “what
would a state gain and what would a state, and the alliance, be risking by making the decision to invoke [the article] in a specific instance?”’
Griffith added that whether to invoke Article 5 is a political and strategic move made by the member
state attacked and the alliance, and hinges less on whether there are clearly defined thresholds.
“Countries want to preserve the right to decide when they go to war,” Lewis said, adding that
“governments don’t want automaticity, they want discretion.”

Article 5 already covers cyber attacks, setting more boundaries loses the strategic
advantage
Tiirmaa-Klaar 22 (Director of the Digital Society Institute at the European School of Management and
Technology in Berlin, Ambassador for Cyber Diplomacy and Director General for the Cyber Diplomacy
Department at the Estonian Ministry of Foreign Affairs, “CYBER SYMPOSIUM – DIPLOMATIC
CONSIDERATIONS FOR ARMED ATTACK”, Heli Tiirmaa-Klaar, 7/27/22, https://lieber.westpoint.edu/diplomatic-
considerations-armed-attack/#:~:text=Many%20countries%20consider%20a%20cyber%20operation%20as%20an,in%20loss%20of%20life
%20and%2For%20damage%20to%20property)
When cyber policymakers, diplomats or lawyers brief ministers of foreign affairs, defense, and military leaders, they are routinely asked a
simple political question – what actually constitutes an armed attack in cyberspace? The response they get varies
depending on their country’s dependency on digital technologies, on its cyber resilience and robustness of key infrastructures, as well as on its
cyber defense and offense posture. This means that the thresholds differ. A small digitally dependent State with limited resources might qualify
a cyber attack as an armed attack if its vital data and digital governance system are destroyed, whereas a larger country with significant cyber
capabilities may draw the line at a cyber attack against a civilian nuclear power station. To
date, the world has not witnessed a
declaration of war over an offensive cyber operation, nor have States openly qualified a particular cyber
attack as an armed attack. However, professional cyber policy and legal experts should be ready for this
eventuality. A number of States have articulated their opinions on the threshold of use of force or
armed attack in the compendium attached as an annex to the most recent cyber security UN Group of
Governmental Experts (UN GGE) report in 2021. Many countries consider a cyber operation as an armed attack in
cyberspace if it is conducted against critical civilian or military infrastructure, it has a scale and impact
comparable to a kinetic attack, and it results in loss of life and/or damage to property . Some countries
also specify that the cyber attack must be attributed to a State to trigger the self-defense option as laid
out in UN Charter Article 51. The United States even goes a step further and specifies how the country plans to respond to a cyber
attack that would constitute a basis for self-defense. Possible response options include the intent to use a kinetic response if this is considered
proportionate and necessary. The diversity of views among the UN Member States on the threshold of cyber armed attack, among other
questions, is considerable. During the UN GGE negotiations, the issues of attribution, self-defense and jus ad bellum topics triggered heated
discussions. This led to many developing nations voicing their concern that, due to their limited cyber capacities, they cannot perform, for
example, their due diligence responsibilities and fear consequences if their territory is used to launch malicious cyber operations. Moreover,
views on the application of international law in cyberspace still diverge among the NATO Allies as well. Similar
to Article 5 decision-
making in the kinetic domain, NATO has adopted a policy of “strategic ambiguity” on cyber threshold
issues. This allows NATO Allies to remain ambiguous on the exact threshold of an armed attack and
reserve the right to use collective self-defense by North Atlantic Council decision , i.e. by political
decision of all NATO Allies. Every politician wants to see hard evidence before declaring a war, which might be difficult to produce
efficiently and with full accuracy in case of a cyber operation. Therefore, it would be an equally complicated political decision, even if one
considers the current technological capacity of most NATO countries. In addition to defining a cyber operation as an armed attack, a good
politician will follow up with a question on how to respond to such operations. To stop ongoing hostilities and deter further use of force, the
response by in-kind or kinetic force should be imminent and not delayed by few weeks or months until the necessary attribution data can be
verified. In case other territories were used for launching the cyber operation, coordination with partner countries might be warranted. In the
end, there will be more questions than answers that political decision-makers will have. Very serious and damaging cyber operations certainly
warrant a robust response, or the culprits will grow more careless when launching future operations. Therefore, the cyber policy community in
NATO countries, together with international law experts, should clarify many legal issues and develop better national and international
coordination mechanisms concerning jus ad bellum and its application in cyberspace. In addition to defining the threshold questions, there
should equally be an understanding, what policy implications States will need to consider when developing response options and who are their
national and international coordination partners.

Even NATO security general says cyberattacks can trigger A5

Stoltenberg 22 (NATO Secretary General, “NATO Chief Says Cyberattacks Can Trigger Article 5”, 2/25/22,
https://www.c-span.org/video/?c5003322/nato-chief-cyberattacks-trigger-article-5)
NATO Secretary General Jens Stoltenberg has said that although cyberattacks against a NATO member can
trigger Article 5, the alliance is reluctant to publicly disclose under what circumstances the article would
be invoked. “On cyber, we have stated that cyberattacks can trigger Article 5, but we have never gone
into that position where we give a potential adversary the privilege of finding exactly when we trigger
Article 5,” Stoltenberg told reporters in February at a press conference in Brussels.