Top Nato Allies Believe Cyberattacks On Hospitals Are An Act Of War. They’re Still Struggling To Fight Back.

NATO countries’ restrained response to hybrid attacks is at odds with public opinion, new polling shows: Broad swaths of the public in key allied countries say actions such as cyberattacks on hospitals should be considered acts of war.

The POLITICO Poll, conducted in the United States, Canada, France, Germany and the United Kingdom, showed a majority of people agreed that a cyberattack that shuts down hospitals or power grids constitutes an act of war. Canadians felt the strongest about the issue, with 73 percent agreeing.

Respondents from all five countries also rallied behind the idea that sabotaging undersea cables or energy pipelines — which has occurred more frequently in recent years — should be considered be an act of war.

The online survey was conducted from Feb. 6 to 9 by the independent London-based polling company Public First.

State-backed hackers — often linked to Russia — have increasingly targeted critical sectors in recent years. But NATO allies are struggling to respond effectively.

In 2024, a Russia-based ransomware gang conducted a massive cyberattack on U.S.-based medical bill clearinghouse, Change Healthcare, which exposed sensitive data on more than 190 million people. The U.K.’s National Health Service confirmed last year that a cyberattack on its systems, also committed by a Russian hacking group, contributed to a patient’s death. And in 2022, the Federal Bureau of Investigation accused Iranian government-backed hackers of attempting to infiltrate the Boston Children’s Hospital computer network.

While these actions have not been officially labeled as acts of war, global governments are taking attacks on critical systems more seriously. NATO in 2014 said that a foreign cyberattack could trigger the alliance's mutual defense clause, Article 5, effectively calling for multilateral action in response to hacks. But a NATO official said in 2022 that it's unclear how severe a cyberattack would have to be to trigger a response, which could include “diplomatic and economic sanctions, cyber measures or even conventional forces, depending on the nature of the attack.”

Security services in Europe have also more firmly called out the Kremlin for orchestrating digital attacks in the West, most recently targeting Poland’s energy infrastructure. But views on Russia as a global threat vary greatly between Europe and North America. A majority of respondents in Germany, France and the U.K. said Russia represents the biggest threat to peace, while fewer in the U.S. (39 percent) and Canada (29 percent) agreed.

While the people surveyed in these five countries overwhelmingly considered major cyberattacks by adversaries against public infrastructure as acts of war, they felt less strongly about smaller-scale acts of digital sabotage.

Less than half of the respondents across all five countries said that hacking and leaking the private conversations of political leaders should be considered an act of war. Even fewer considered spreading misinformation to influence an election to be an act of war.

Still, there is a clear understanding that governments need to incorporate cyber capabilities and AI into their defense strategies. A plurality of respondents from all countries said that cyber, AI and traditional military power all matter equally.

At least a third of respondents in each country agreed that cybersecurity and defense against cyber attacks should be among their countries’ highest priorities for defense spending.

“Just being resilient alone, you can't absorb all threats,” Dag Baehr, Vice President of Germany’s federal intelligence service (BND), said at the Munich Cyber Security Conference last week. “You need to be active in defending.”

U.S. officials are pushing for more offensive military responses to cyberattacks, particularly following the massive 2024 hack of global telecommunications networks by the China-linked hacking group Salt Typhoon.

The White House is due to release a new national cyber strategy in the coming weeks that would encourage the U.S. to be less “reactive” in cyberspace. National Cyber Director Sean Cairncross told an audience at the Munich Security Conference last week that a “mindset change” was needed to make it harder for attackers to succeed.

In recent months, the Trump administration has become more vocal about using its cyber strength to attack, revealing that U.S. cyber forces helped turn off the lights in Caracas during the January strikes that resulted in the capture of former Venezuelan President Nicolás Maduro. U.S. Cyber Command and the National Security Agency were also involved in last year’s U.S. missile strikes on Iranian nuclear facilities, and reportedly helped to disable Iranian air defense systems.

In Germany, the government is preparing an overhaul of its intelligence and cybersecurity powers to strike back against foreign hackers and spies.