It seems more and more obvious that Russia played a significant role in the 2016 U.S. elections. Meanwhile, officials in the Netherlands, France, and Germany are increasingly concerned about Russian government-backed efforts to influence upcoming elections in 2017. This kind of interference constitutes an attack on a state’s political independence and potentially on its stability and security.

However, it remains unclear whether Russian operations to tarnish Western elections and cast doubt on the legitimacy of Western leaders and institutions are a violation under Article 5 of the North Atlantic Treaty. Were that the case, NATO as a collective alliance would be obliged to defend a member state under attack.

Clearer rules of the road are necessary between the West and Russia, as is a clearer consensus within the West on employing the full range of defensive and offensive cybercapabilities in proportional, direct, and collective response to Russian actions.

Attempts by governments to influence the elections of other countries are nothing new. As Central and Eastern Europeans know all too well, Moscow was intimately involved in elections in the region immediately after World War II. Similarly, the United States deposed or propped up regimes during the Cold War in countries as diverse as Chile, Iran, and Vietnam, typically in the name of fighting global communism.

In recent months and years, it has become clear that Russia is again resorting to so-called active measures as a means of countering and undermining perceived adversaries, including the West. In October 2016, all sixteen agencies of the U.S. intelligence community concluded that “the Russian Government,” with authorization from “Russia’s senior-most officials,” “directed the recent compromises of e-mails from US persons and institutions, including from US political organizations,” with the intention to “interfere with the US election process.”

In May 2016, German domestic security officials revealed that Russia was behind recent hacks against the German parliament as part of an effort to access parliamentarians’ computers and gather data on critical German infrastructure. Attention has also focused on Russian government-backed efforts to plant and propagate false news stories designed to sway public opinion and influence voting behavior as well as government decisions in countries such as Sweden, the UK, and the United States.

The most recent spate of activity may not be unusual for Russia, but Moscow’s behavior nonetheless appears threatening, for several reasons. First, people’s memories are short, so Russian actions seem novel. Second, the United States and other leading Western states are not used to being on the receiving end of this sort of interference. Third, Russian actions today appear even more threatening than Cold War–era agitprop because of the means Moscow employs—namely, the Internet and citizens’ seeming dependence on the ubiquitous smartphone. Finally, many in the West perceive U.S. President-elect Donald Trump—and his inconsistent, even alarming views on NATO, Russian President Vladimir Putin, and allied solidarity—as the primary beneficiary of Russian interference.

Beyond threat perceptions, the fact that the Russian government has meddled in Western elections constitutes an assault on the transatlantic community. From a NATO perspective, these actions undermine member states’ efforts to fulfill Article 2 of the North Atlantic Treaty, which calls on allies to strengthen their “free institutions,” and they damage member states’ “political independence” as noted in Article 4. From Washington’s perspective, foreign meddling in domestic elections is an assault on U.S. institutions and homeland security. More broadly, interference in domestic elections fundamentally violates the rules-based order that is the cornerstone of Western security.

Unfortunately, looking ahead, it seems the West is in for a particularly intense season of electoral interference and institutional attacks from Russia. On the heels of the U.S. elections, officials in Berlin are already assuming Russia will attempt to interfere in the German parliamentary election in fall 2017, and French intelligence officials have reportedly warned of possible Russian interference in the French presidential election in the spring.

In addition to multilateral efforts by the EU and NATO to refute Russian-directed or -inspired propaganda, a two-track approach to cyberdefense vis-à-vis Russia from the transatlantic community may work best. NATO has pursued similar efforts in the past to offer both diplomacy and deterrence to Russia, most notably in the context of intermediate-range nuclear weapons and ballistic missile defense.

On cyberdefense, the first track ought to focus on establishing rules of the road regarding what the West will and will not tolerate when it comes to government exploitation of the Internet and related technologies. Although Russian government-sponsored efforts to hack Western e-mail accounts may never end, it is reasonable to expect Moscow to better control and protect whatever it learns. In time, this track might include confidence- and security-building measures in cyberspace.

Using the first track as the benchmark for Russian behavior, the second track ought to emphasize the sticks at the West’s disposal. At the least controversial end of the spectrum, these should include continued efforts to build better defenses among NATO member states through the defense-planning process, especially in the less affluent, less capable members of the alliance. Similarly, NATO allies should build on the role and success of NATO’s Cooperative Cyber Defence Centre of Excellence as an information clearinghouse and training venue. And all members of the alliance should incorporate cyberscenarios into every brigade-level and larger exercise.

Perhaps more controversially, offensive cyberactivity in direct and proportional response to a Russian violation of established rules must be an acknowledged part of the West’s arsenal, and a part the West is comfortable employing. The United States has the ability and will to conduct retaliatory cyberstrikes, and it is probable that other key allies have similar capabilities. In any case, a collective approach is necessary: Russia must know that if it employs cybermeans to undermine the integrity and legitimacy of elections in a smaller ally, it will have the cyberstrike capabilities of the United States to contend with. Otherwise, Moscow will easily pick off the smaller, less capable allies, undermine legitimacy in NATO member states, and fundamentally dismantle allied cohesion, which is arguably the West’s center of gravity.

In 2014, the alliance declared for the first time that cyberdefense is part of its core collective defense task and hence subject to Article 5. This, in conjunction with other changes the alliance has implemented over the last two years, is a step in the right direction. What remains now is for NATO to make clear to Moscow—through direct dialogue as part of a diplomatic track—that undermining an ally’s institutional integrity through cybermeans constitutes an assault on that member state’s political independence and an attack as described in Article 5.


John R. Deni is a research professor of security studies at the Strategic Studies Institute of the U.S. Army War College and an adjunct professor at the American University’s School of International Service. The views expressed here are his alone.