Hungarian general to assume duties of ACOS Cyber at top NATO command

From where and how has your path led to the NATO CIS & Cyber Defence Directorate?

I decided to become a soldier already in secondary school. In making this decision, I was motivated by family traditions too, as my father was a soldier and my mother a civilian employee. I applied for the Zalka Máté Military Technical College, but I did not graduate from there because after accepting an offer I went to the Soviet Union to study at the military college in Ulyanovsk for six years from 1980 on, although I pursued my studies at its university faculty in the field of communication and information systems. In 1986, I graduated summa cum laude from there and left the city as a military radio signal engineer. When I returned home to Hungary, I was transferred as workshop commander to the then Hungarian People’s Army (HPA) 1st Troposcatter Main Signal Centre, and after two years I was appointed deputy commander of the 2nd Troposcatter Signal Centre in Tiszavasvári. I owe much to those years, because it was there that I really learnt how to put into practice all the theory I had learnt during the college years. In 1993 I was ordered to Budapest, where I completed a signal staff officer course, and then participated in a two-year combined-arms basic training program at the Miklós Zrínyi National Defence University. In 1997 I was transferred to the legal predecessor of the General Staff Signal and IT Directorate, and have been serving here in different positions since then. In the 2000s I made a lateral move, when I worked for three years at the Office of the Military Representative of Hungary in Brussels. In 2010 I spent a year at the National Defense University in Washington DC, and having returned home, I was first appointed acting head of directorate at the General Staff, and six months later I was promoted to brigadier-general and confirmed as permanent head of directorate.

How did you obtain such a leadership position at NATO’s highest level of command?

This summer a NATO vacancy was opened for the position of the head of the newly established CIS & Cyber Defence Directorate. The NATO Military Committee has selected me from among three applicants. I would credit this achievement to my 37-year career experience, my four diplomas and of course the continuous support I receive from my superiors. Back then I started my service at the bottom of the career ladder, and I think this job in Belgium will be the crowning achievement of my professional career. I am proud of having worked my way up this far, and my colleagues’ high-level professional work and dedicated attitude have also contributed to that. I would like to take this opportunity to thank them for their continuous support.

By and large and roughly speaking, we can say that indeed, but the connections go much deeper than that, and we must be especially careful in making statements taken as certainties on battles in cyberspace. What was all that about, then? In the age of kinetic weapons, the physical presence of troops was indispensable for fighting a war. This is no longer needed in cyberspace. An attack can be launched from anywhere, anytime without any early warning signs, and its precise implementation and extent can only be surmised. The so-called Russo–Estonian conflict in 2007, often referred to as an origin, was a spectacular stage in this new form of conflict. I say “so-called" because – although that is how it was dubbed in the press, and there were some organizations claiming responsibility for it – in the cyberspace it is quite difficult to precisely track down the exact perpetrators of such a cyberattack and prove their identity. The attack on Estonia was so spectacular because about 90 per cent of Estonian public administration was already being conducted in a paperless system at the time. The suspected identity of the concrete perpetrators behind the attack can be revealed through political analysis, by making inferences and uncovering connections – but, I repeat, currently there is no way to find out the truth with complete certainty in cyberspace. That is why this form of warfare is so sophisticated, and defense against it is even more difficult. The DDoS attacks against Estonia were launched simultaneously from IP addresses of several dozen countries, and we can rule out the possibility that all of those countries were really involved in them.

At the NATO Wales Summit in 2014 – a milestone in the history of this new operational domain – the Allies agreed on the targets of NATO’s cyber defence capability development as well. Could you give us a brief summary of these targets?

The Wales Summit has indeed proven to be the most important stage in making decisions so far. The Alliance realized that a cyberattack can have an impact on NATO as a whole. For this reason, it declared that it recognizes that international law applies in cyberspace too, and affirmed that cyber defence is among the most important elements in NATO’s strategy of collective defence. It endorsed an Enhanced Policy on Cyber Defence in which concrete objectives would be formulated alongside the corresponding concrete protocols. The development of the NATO Cyber Range – a virtual training platform for member countries to test their cyber defence capabilities – was also approved at the Summit. Its perhaps most important segments are the regularly held Locked Shield exercises, which are conducted, of course, with the participation of the Hungarian Defence Forces. The most often cited point of the Summit declaration, however, is the possible invocation of Article 5 in the event of a cyberattack against a member country.

Let’s take a look at the latter. Article 5 was drafted in the age of kinetic warfare, and practically means that NATO considers an attack against one ally as an attack against all Allies, so the organization as a whole will respond to the threat under the principle of collective defence. How can it be applied in cyberspace?

One can never define a particular Article 5 response in advance, whether
we talk about kinetic warfare or a potential cyber attack. A decision
to invoke Article 5 will always be taken by the North Atlantic Council, strictly
on a case-by-case basis.

Considering the implementation of new objectives, what are the current general guiding principles of NATO’s cyber defence strategy?

Ensuring the cyber security of NATO’s own networks is a priority, just like the formulation and checking of cyber defence requirements for the networks operated by member countries connected to NATO networks. The main objectives include working out a protocol for collective defence situations, the close integration of crisis management and cyber defence into military operations and the enforcement of the provisions of international law that are already part of a system – but above all else, the development of defence capabilities. It is important to stress the word “defence", as NATO adopts a defensive stance and rejects any idea of employing collective cyberattack systems.

Was the new directorate established on the basis of extended defence objectives?

Yes. The establishment of this new organization is a clear signal that NATO intends to strengthen the role of cyber defence in operations and operational planning through integrating it into its top-level command. The three-year plan that the Alliance has approved for developing and strengthening NATO’s cyber defence capabilities is currently under preparation. NATO’s cyber defence requirements for member countries increase with every cycle, which means that besides developing its own capabilities, the Alliance has also committed itself to developing the national capabilities of member countries. In the near future, a number of further high-level cyber defence organizations are expected to be established in the member countries, and the special capabilities developed by each country will be available to NATO for use if a given country voluntarily offers them.

What will be the exact role of the CIS & Cyber Defence Directorate in the Alliance?

First and foremost, it will be responsible for planning cyber defence and integrating it into the operational planning process of organizations placed under the Allied Command Operations (ACO), listing tasks in order of priority, and evaluating cyber operations. These tasks will be carried out by three special branches of the directorate.

Three years is quite a time. Will you spend these years of service alone in Belgium?

No, I will be alone just for a couple of months, until my wife follows me. It matters a lot that she will be beside me, since I will be able to work more easily.

Photo: László Tóth