The cyber vulnerability of nuclear weapons

Vladimir Putin's aggressive rhetoric, threats and gesticulations as part of the 2022 war in Ukraine have provided a timely – if unwelcome – reminder of the risks posed by nuclear weapons.

Thomas Osborne
14 September 2022 Wednesday 22:30

Vladimir Putin's aggressive rhetoric, threats and gesticulations as part of the 2022 war in Ukraine have provided a timely – if unwelcome – reminder of the risks posed by nuclear weapons. At the time of this writing, there are still more than 13,000 nuclear weapons in the world, most of them far more powerful than the two US bombs that killed an estimated 200,000 people in Hiroshima and Nagasaki at the end of World War II. Although, fortunately, nuclear weapons have not been used in a theater of war since August 1945, that absence should not be confused with the idea that we have somehow solved the nuclear puzzle, or that the situation of mutually assured destruction (MAD) on which the nuclear order is based is in any way perfect. That nuclear weapons have not been used in the last seventy-five years is, at least in part, due to luck; and as we move into a new chapter of our nuclear history that will be marked by the return of great-power nuclear competition and, at the same time, by the emergence of a host of disruptive military technologies, it is essential to guard against overconfidence.

A critical component of the evolving global nuclear order is the impact of rapid technological change and innovation on nuclear risks and dangers. At the core of that challenge is a set of capabilities and dynamics that are often grouped under the name of cyber threats. Cyber is a poorly defined concept used differently by different actors to refer to different things; however, there is a general consensus that cyber attacks, cyber operations and cyber interference can and will have a significant impact on the safety and security of nuclear weapons, and thus on the way we try to maintain global nuclear peace. The worst possible scenario, that of hackers managing to cause an inadvertent or unwanted nuclear launch or explosion, is undoubtedly one of the greatest challenges we face today.

When we talk about a cyber threat to nuclear weapons, we are really referring to a wide variety of different dynamics that vary in severity, scope, and probability. Often these different risks (which necessarily require different responses) are grouped together and treated as if they were homogeneous. The result is often cyber hype and confusion about the nature of the challenge.

Cyber threats to nuclear weapons systems range from espionage and theft of nuclear secrets (for example, about weapons designs or processes), which are likely to contribute to nuclear proliferation; through operations that seek to alter data or key information that nuclear weapons operators and systems rely on for day-to-day functions (such as interfering with communications platforms or with data from early warning sensors); to operations that specifically seek to hit weapons and control systems directly, by inserting malware into a missile or by disrupting the nuclear command and control apparatus. In general, stealing nuclear weapons data is certainly much easier than figuring out how to get malware onto a nuclear-armed missile.

The cyber challenge also differs according to the types of actors, their capabilities and their intentions. For example, one might assume that a nation state would be more interested in trying to disable or impair an adversary's nuclear weapons systems than in trying to cause an explosion, and that, conversely, a non-state actor or a terrorist group would be more interested in causing a launch or an explosion. In general, nation states are more likely to have the time and resources to carry out sophisticated cyber attacks, while less capable non-state attackers will find it easier to use non-cyber means to achieve their ends, or to attempt to escalate a nuclear crisis indirectly.

This is an important distinction, because the two types of challenge (enabling attacks and disabling attacks) have different implications. Clearly, preventing the inadvertent use of nuclear weapons as a result of third-party interference is in the interest of all nuclear-weapon states (no one wants an accidental nuclear war). Paradoxically, however, the possibility of damaging an adversary's nuclear weapons systems so that they cannot be used remains potentially attractive. In fact, therein lies the core of the US missile defense concept called left-of-launch, which seeks to use cyber attacks to prevent the use of nuclear weapons before they are fired. The problem, of course, is that the intangible nature of cyber capabilities makes it difficult to know which nuclear systems might be attacked and which are vulnerable.

The vulnerability of nuclear weapon systems to hackers depends on a number of different factors, and attackers have numerous avenues of attack.

In any case, it may be useful to first unravel what we mean by a cyber attack. In its most basic form, a cyber attack (it would be better to say a computer network operation) is a digital interference in the computer code and software that control a certain process; in this case, one in which nuclear weapons are involved. This interference may involve the deletion or modification of data, or the implantation of new malicious code that changes a specific process. It can also include the denial of access to a particular computer or network, known as a denial-of-service attack. All these operations can be carried out remotely (for example, by infiltrating a specific computer or network that is connected to the Internet, circumventing its security protocols) or directly, by physically accessing computers and networks on-site. The term cyber has also often been used more broadly to refer to all kinds of interference with computers, the software they run and the data they produce.

In terms of access to systems, hackers could target the supply chain of software and hardware used in a nuclear weapons program (which often involves private companies), or target human operators, either without their knowledge (through phishing attacks or by planting malware on their computers) or openly (through blackmail or social engineering). It is also possible to exploit previously unknown holes in security systems, so-called zero-day attacks, to gain access through unsecured networks; malware can also be introduced into systems directly by other means (e.g. USB drives), or even via the electromagnetic spectrum.

The now famous Stuxnet cyber attack against Iran's Natanz nuclear enrichment plant, which became known in 2010, is a good example of how a sophisticated cyber operation is put together. First, the attackers (presumably the US) needed to map the system they wanted to attack in order to understand the details of how it worked; second, code had to be written that was capable of altering a specific process in that system (the industrial control systems that monitored the speed of the enrichment centrifuges), ideally in a way that would be difficult to discover and would not affect other processes. It is conceivable that getting there took considerable time and effort, and possibly many years of refinement. Thirdly, a way had to be found to insert the malware into the system: the computer systems that controlled enrichment at Natanz were not, of course, connected to the internet, so it is believed that the malware was introduced onto the laptop of a contractor who in turn connected it to the system, which allowed the malware to spread and reach its target.

There are, of course, innumerable possible nuclear-cyber interactions that could cause us great concern (in many cases we simply don't know about them or can't imagine them); however, four scenarios stand out.

In the first, and perhaps the most worrying, a nuclear weapon state discovers malware on its nuclear weapons systems in the midst of a crisis, but does not know what the malware is intended to do (or perhaps who is responsible). There will be many questions. Is it there by accident? Is it designed to prevent the launch of nuclear weapons? Is it just collecting data? Given enough time, it may be possible to answer those questions, but in a crisis the pressure on leaders to come up with an answer is very great, and it can exacerbate the pressure on them to use those weapons rather than lose them, out of fear that they are compromised.

In the second, a state believes that it has gained the ability to weaken its adversary's nuclear systems through multiple cyber intrusions and therefore takes much greater strategic risks. The belief that the opponent's systems have been compromised could be communicated or signaled to the adversary and used for strategic coercion, or conceivably to degrade their nuclear weapons systems as part of an attack. Of course, such a cyber intrusion would not necessarily occur in isolation, but would be supported by other means of undermining the adversary's nuclear forces, for example precision strike capabilities and air and missile defenses.

In the third scenario, a cyber operation designed to attack a non-nuclear weapon or support system is misinterpreted as an attack on nuclear weapon systems, or inadvertently affects them. This is known as entanglement and could lead to unintentional escalation. A good example would be a cyber attack against conventional missile support systems or against satellites that support non-nuclear operations. Many satellites and command and control systems are dual-capable, able to support both nuclear and non-nuclear missions (and sometimes dual-use, i.e. civil and military), and it is therefore plausible for any interference to be interpreted as part of a surprise neutralization attack intended to undermine the ability to use nuclear weapons.

And fourth, a false-flag cyber attack is carried out by a non-state actor or third party with the deliberate intent of escalating a crisis between nuclear-armed states. That can happen in a number of ways: by trying to temporarily blind early warning sensors and creating some kind of false alarm of impending attack, by spreading sensitive or embarrassing data about leaders, or by jamming nuclear command and control systems and personnel so that they are unable to perform their duties as planned and come to distrust their systems. The key here is that the attacked state is likely to assume that these actions were carried out by its immediate rival, which in turn will fuel a rapid escalation.

Any of these cyber-nuclear scenarios has the capacity to lead to the use of nuclear weapons. What also unites them, however, is the fact that they are potentially much more dangerous during a crisis, and for states that have limited nuclear counterstrike capability (i.e. the ability to threaten nuclear retaliation following a surprise attack) and that keep their weapons at a heightened state of alert.

Hackers will not act in a vacuum, and hopefully they will be opposed, but it is unlikely that there will be a single arms control solution to the problem. In fact, the mechanisms to mitigate and reduce cyber nuclear risks could be very different from the treaties used in the past to moderate conventional and nuclear weapons systems.

At the most basic level, protecting nuclear systems from hackers is about improving the culture of protection, defense, hygiene and security. All of that essentially refers to the various mechanisms designed to make it harder for attackers to get in; ideally, it is a question both of making it difficult for them to enter and of dissuading them from attacking. Things as simple as password security, not using portable drives, firewalls to block unauthorized access, and various types of active defenses (teams of IT security professionals, for example, or even incorporating artificial intelligence) contribute to making systems safer. In addition to training operators and staff, further hardening is possible by air-gapping nuclear systems, i.e. physically separating them from the internet and wider networks. However, improving security often comes at the expense of functionality, speed and usability, meaning systems will never be as secure as they could be.

These preventive mechanisms could be enhanced by keeping nuclear weapons systems and their command and control apparatus separate from non-nuclear weapons infrastructure, to minimize the chance of inadvertent attacks due to entanglement; and also by keeping them as simple as possible rather than increasing their complexity, so as to make it easier to diagnose interference and problems. There are also reasons to keep old analog or legacy command and control systems and dumb weapons, which are harder to jam and can be stopped in the event of a cyber attack. In addition, it is possible to reduce the risks of cyber interference by not deploying nuclear weapons systems at high alert levels (that is, capable of being fired in a very short period of time) and, above all, by not delegating any part of the delivery of nuclear weapons to artificial intelligence systems.

It is possible that the mutual interest in minimizing cyber risks to nuclear systems will translate into the establishment among nuclear weapon states of certain standards of behaviour, some of which could become formal or legally binding. An example could be a moratorium or an agreement by such states not to carry out cyber attacks against each other's nuclear command and control systems. That could be part of a broader notion of cyber deterrence, in which states are effectively deterred from carrying out the riskiest and most dangerous attacks against nuclear systems for fear of possible retaliation.

At the time of this writing, it seems inconceivable that digital technologies are going to stop their inexorable march toward ever greater dominance of our daily lives, and that will apply equally to the realm of nuclear weapons. In fact, in 2022, the nine nuclear weapon states (USA, Russia, UK, France, China, Israel, India, Pakistan and North Korea) are already in the process of modernizing and, in some cases, expanding their arsenals and nuclear weapons programs. Almost without exception, that means a parallel move to digitize the various systems on which those capabilities are based, which means an ever-increasing number of lines of code and complex software that are susceptible to attack. While such an evolution may provide increased functionality in terms of real-time war planning, early warning and nuclear use options, it also makes systems potentially more prone to cyber interference.

As we enter a new era in which the return of great power competition between the US, Russia and China seems likely, raising concerns about geopolitical hot spots – and in which, at the same time, a return to nuclear weapons diplomacy, nuclear rhetoric and gesticulation also seems likely – we must be aware that we are sleepwalking into a much more dangerous nuclear world. Cyber threats are not the only technological challenge that must be addressed to preserve the fragile nuclear peace, but they do represent perhaps the most pressing one, and possibly the main one when it comes to keeping nuclear weapons safe and secure. No one wants the plot of the 1983 Hollywood movie War Games to come true, in which a teenager nearly triggered World War III by hacking into the computers that control US nuclear weapons.

Andrew Futter is Professor of International Politics at the University of Leicester.