A major cyber attack could prompt a collective response by NATO, according to NATO secretary general Jens Stoltenberg.
"A severe cyber attack may be classified as a case for the alliance. Then NATO can and must react," Stoltenberg told Germany's Bild newspaper.
"How, that will depend on the severity of the attack."
He spoke after a decision this week by NATO ministers to designate cyber as an official operational domain of warfare, along with air, sea, and land.
In 2014 the US-led alliance assessed that cyber attacks could potentially trigger NATO'S mutual defense guarantee, or Article 5. That means NATO could potentially respond to a cyber attack with conventional weapons, although the response would be decided by consensus.
The NATO chief told Bild that the alliance needed to adjust to the increasingly complex series of threats it faces, which is why NATO members have agreed to defend against attacks in cyberspace just as they do against attacks launched against targets on land, in the air and at sea.
The United States and other NATO states have become increasingly vocal about cyber attacks launched from Russia, China and Iran, but officials say it remains hard to determine if such attacks stem from government bodies or private groups.
Recognising cyber as an official domain of warfare will allow NATO to improve planning and better manage resources, training and personnel needs for cyber defense operations, a NATO official said, speaking on condition of anonymity.
The official stressed that NATO's cyber activities would remain purely defensive.
"We have no offensive cyber doctrine or offensive cyber capability. And there are no plans for NATO as a body to use such capabilities. NATO's core cyber defense task is to defend NATO's own networks," they said.
Individual members have already declared cyber an operational warfare domain, including the United States, which said in 2011 that it would respond to hostile attacks in cyberspace as it would to any other threat.