Cyberspace is understood as the fifth domain of warfare equally critical to military operations as land, sea, air, and space. Cyber Defence (CD) is a computer network defence mechanism which includes response to actions, critical infrastructure protection and information assurance for organizations, government entities and other possible networks. CD focuses on preventing, detecting and providing timely responses to attacks or threats so that no infrastructure or information is tampered with.
With regard to significant socio-technological development, the forms and methods of defence are changing. Not only have armed conflicts over the last ten years clearly shown a considerable rise in the asymmetric (hybrid) nature of conflicts´ conduct, but they have also demonstrated that the use of cyberspace is of essential importance. Cyber-attacks may come unexpectedly from almost anywhere in the World. For these reasons, the cyberspace was at the NATO Summit held in Warsaw in July 2016 recognized as the fifth domain of operations in which NATO must defend itself and deter adversaries effectively.
The Czech Republic has reflected the need to curb cyber threats effectively in its National Cyber Security Strategy for the 2015 – 2020 period. The strategy clearly articulates the task to build and sustain CD capabilities. In the Action Plan, which is integral part of this strategy, Military Intelligence has been given the responsibility for the provision of CD which is being developed by the National Center Operations Forces for this purpose. Its task is to create an effective CD system where the Czech Republic is able to prevent, stop, mitigate and avert cyber-attacks and thus protect the population and critical infrastructure.
The Czech Government´s understanding is that CD is an autonomous specific part of a much wider concept of cyber security (CS). In this context, CD is also understood as integral part of the national defence of the Czech Republic. By the law, the defence of the Czech Republic is basically articulated as necessary measures to ensure its sovereignty and territorial integrity against external threat. Czech defence is built within given specifics of a membership in the collective defence system (NATO Alliance).
Concept for CS is that the security of cyberspace is a complex of measures to ensure integrity, confidentiality, and availability of information in cyberspace.
The difference between CD and CS lays most of all in the nature and the intensity of cyber-attacks and consequently, a possible response also differs. Furthermore, it is not always possible to ascertain whether CD or CS should be applied. Therefore, being prepared against cyber-attacks means to build a complex and holistic system that is continual in the time being. It is not enough to concentrate only on security domain of cyberspace. We need to be ready to face attacks that will have the potential to activate the defence of the state. Only the most intensive and massive cyber-attacks will activate full mighty of CD. Conceptually, CD is defined as integral part of much wider measures on state level to defend the Czech Republic during extraordinary situations.
Why Military Intelligence?
First of all, Army of the Czech Republic is responsible for defence and the Military Intelligence is an integral part of the Ministry of Defence (MoD). Being an integral part of MoD means both better coordination with the Army and continuity of taken measures on defence during crises. Moreover, there is the relevant fact that Military Intelligence is the only intelligence service in the Czech Republic that has both external and internal competencies. In addition, cyberspace is not a common battlefield, it is more about information space where intelligence services traditionally play an important role. In the majority of attacks, it is not possible to attribute them convincingly. A nature of cyber-attack might hold terroristic, criminal, espionage or many other aspects. Therefore, it is complex, complicated, if not tricky to decide whether it is correct to activate full (partial) self-defense measures on state level or not.
To build an effective and sustainable CD, it is necessary to amend current legislation (Act No. 289/2005 Call.). The amendments are to define CD-related technical provisions, procedures and measures. The current effort is to reach a proportionality between approved technical means and procedures and precautions against their misuse. The concept of proposed amendments is to ensure that new CD provisions are within already valid definitions and limits of intelligence application of technical means. New act also inter alia addresses rules for data retention as well as increases level of parliamentary control.
Future mission of Military Intelligence is to have a systematic and continual knowledge of cyberspace in order to detect threats. It is precisely that this knowledge is vitally important and irreplaceable for the effective conduct of CD, as it allows the complete identification of anomalies that may indicate early stages of a cyber-attack.
Military Intelligence created Cyber Defence Strategy of the Czech republic 2018 - 2022. Public part of this document you can read below.