NATO must impose costs on Russia, China over cyber and hybrid attacks, says deputy chief

MUNICH, Germany — NATO must be ready to hit back and make cyber and hybrid attacks more costly for Russia and China, the alliance’s deputy secretary general said Friday, as Western governments face growing threats to power grids, government services and private networks.

Speaking at the Munich Cyber Security Conference, Radmila Shekerinska said the security environment has become “more complex” and “more contested,” with rivals operating at the same time in the physical and digital worlds.

“What we see across the globe, and very much in our region, is that both Russia and China are challenging us,” she said. “They are challenging us in the physical and the digital world, both at the same time.”

Shekerinska said Moscow and Beijing are drawing their defense industries closer together, exchanging dual-use technologies and investing more in emerging and disruptive capabilities, including offensive cyber tools. She said these operations are often designed to blur responsibility and allow plausible deniability.

“That makes the whole picture even more challenging,” she said.

Shekerinska warned that NATO’s adversaries are not only targeting military systems but also trying to degrade critical infrastructure, interfere with government and private services, and spy on Western societies.

She pointed to a series of incidents in December in Poland, where coordinated cyberattacks sought to disrupt parts of the country’s critical energy infrastructure. The attack was stopped, she said, but the impact would have been significant, especially for energy supplies to key parts of Polish society.

“This is dangerous, and this is the world we live in,” she said.

Shekerinska said NATO is responding by strengthening defense, boosting innovation and production, and focusing on resilience. A key outcome of the alliance’s recent summit in The Hague, she said, was the decision to “prioritize defense,” with cyber defense at the center.

“We need to invest more in key cyber communities. We must impose costs on those seeking harm,” she said, adding that NATO also needs to better integrate governments, militaries and industry.

She referenced new spending commitments set out at the summit, when allies agreed to increase total spending to 5% of GDP within a decade, with 3.5% allocated to core defense and the additional 1.5% earmarked for indirect defense and resilience spending, including on cybersecurity capabilities.

However there are concerns that the indirect component of this could allow allies to repackage existing activity rather than delivering new capability, as British parliamentarians have warned.

While NATO has formal accounting rules for core defense spending, there is no standardized definition for civilian investments counted under resilience spending, which may include protection of energy systems, logistics hubs, supply chains and critical national infrastructure. Critics have warned that the lack of clarity could encourage creative accounting among allies.

Justifying the indirect defence expenditure commitment, Shekerinska said military capabilities can no longer be designed or exercised without accounting for cyber threats, noting that cyber elements are increasingly being built into NATO exercises.

Some allies, she said, have become more willing to publicly call out hostile cyber activity. She cited the United Kingdom’s decision last year to blame Russia for malicious cyber operations and to expose China-based companies for what she called “reckless and irresponsible” attacks.

She also referenced Germany strengthening its national countermeasures, although there are ongoing debates in the country about what the appropriate legal framework will be to allow the country’s intelligence and security services to counter adversaries.

“All these elements are important, but our collective objective has to be to take action and to be able to strike back,” she said.

She said faster and more coordinated responses are needed to change the “risk calculus” of NATO’s adversaries, stating: “This is the only way in which we can affect the calculus of our adversaries — to make it more expensive, to make it riskier for them to act.”

As a 32-nation alliance, Shekerinska said NATO is well positioned to share information, spread innovation and coordinate collective defense in cyberspace. But she stressed that securing cyberspace is not NATO’s job alone. “It is a team effort,” she said, calling for closer cooperation among the military, civilian authorities and industry.

She highlighted NATO’s integrated cyber defense center — first reported by Recorded Future News — which aims to bring together military and civilian staff and industry experts to assess vulnerabilities, analyze threats and advise commanders on risks to both military and civilian networks.

“Our militaries rely on your networks, and you also need this military component to support and protect your networks,” she said, calling it a “two-way street.”

Echoing the call for partnerships expressed by U.S. National Cyber Director Sean Cairncross, Shekerinska said NATO’s message is that “no one stands alone,” especially in cyberspace, where borders matter less and attacks can spread quickly.

By investing more in capabilities, being ready to impose costs and working closely with partners, she said, the alliance aims to strengthen deterrence and better protect its members in the digital age.