<![CDATA[ NATO. Aumento dos gastos inclui cibersegurança, mas o que acontece se um membro sofrer um ataque? ]]>
![<![CDATA[ NATO. Aumento dos gastos inclui cibersegurança, mas o que acontece se um membro sofrer um ataque? ]]>](/_next/image?url=https%3A%2F%2Fcdn.sabado.pt%2Fimages%2F2025-07%2Fimg_1200x676%242025_07_25_13_53_20_742711.jpg&w=1920&q=100)
With the increase in defense spending, agreed in June, NATO member states commit to a target of spending 5% of GDP. However, 1.5% of this spending can be spent on defense-related matters, such as the protection of critical infrastructure, non-defense intelligence agencies, and space-related activities. Therefore, cybersecurity spending is now included in Article 3, but what happens if a member is attacked? Does Article 5 state that "an armed attack against one member shall be considered an attack against all"?
Sean Kilpatrick/The Canadian Press via AP
On the one hand, a broader definition of what qualifies as defense-related spending makes it easier to meet the target of spending 5% of GDP to increase "the individual and collective capacity to resist an armed attack," as referred to in Article 3. On the other hand, Diogo Alexandre Carapinha, Strategic Intelligence and Risk Analysis consultant at VisionWare, believes that "it is more than a budgetary issue, it is a political issue and means that allies are giving more importance to cyberspace, which is now a central point of collective security."
This inclusion could be quite positive, since "cyber and hybrid conflicts have been shaping geopolitical reality for over a decade," he shares with SÁBADO , and that "we are increasingly susceptible to attacks," which is why investing in the protection of critical systems is essential.
However, a question remains: if one member of the alliance is attacked, are the others expected to respond? Diogo Alexandre Carapinha raises precisely this question and states that NATO has not clarified what will happen, leaving "the question open." However, he has no doubt that the cyberattack can be considered an armed attack. The assessment must be made taking into account "three factors: the physical impact, the scale of the attack's persistence, and clear attribution of perpetrator."
This third point may be "the most complicated, how can we be sure of the authorship of an attack in time to organize a response?", asks the expert.
Therefore, Diogo Alexandre Carapinha argues that there are attacks that can justify a response from all parties. "We're talking about cyberattacks that jeopardize a country's sovereignty," "that disrupt the energy system or water distribution." Even in these cases, "the response remains non-automatic," just as it isn't in a "traditional" war, especially since Article 5 states that in the event of an attack, each member will take "the action it deems necessary."
Diogo Alexandre Carapinha reinforces that "NATO is known for trying to avoid hasty decisions, because a wrong decision can undermine its credibility," which is why he considers it unlikely that there will be an immediate response to a cyber attack: "The issue of unequivocal attribution is a real problem because it is very difficult to prove unequivocally and in a timely manner who is responsible for the attack. We can see missiles or drones, but this type of thing cannot."
The expert believes that the transatlantic alliance must find a way to respond to these questions and better clarify how it will react to these types of attacks, especially because "if cyberspace is a war-fighting domain and attacks are increasing, it is only a matter of time before NATO is faced with the decision of whether or not to activate Article 5."
The lack of responses so far is considered by Diogo Alexandre Carapinha as a "strategic silence" on the part of the alliance, which "may have advantages, but cannot last forever": "Either it evolves into a logic of cyber deterrence or it ends up seeming a bit irrelevant."
Related Articles
sabado
