Cyber Threats & Nuclear Weapons

HMS Vanguard  is a  Trident ballistic missile -armed submarine of the Royal Navy which entered service in 1994.

A RUSI paper unpacks and demystifies the cyber challenge to nuclear weapons, placing it in context and providing a framework through which to understand, evaluate and ultimately address the emerging cyber–nuclear nexus.

The development and spread of cyber ‘weapons’, information-warfare capabilities and the new dynamics of the ‘cyber age’ are providing a considerable – albeit nuanced – challenge to the management, thinking and strategy that underpins nuclear weapons. 

While the nature and extent of these challenges varies between nuclear-armed states and across nuclear systems, they do, taken together, represent a noticeable shift in the context and environment in which we think about nuclear weapons and nuclear security, manage nuclear relationships and regulate global nuclear order. 

The result is a new collection of both direct and indirect challenges for nuclear forces, which have implications for current arms control agreements and regimes, the maintenance of stable nuclear balances, and the possibility of future nuclear reductions.

The safe, secure and reliable management of nuclear weapons has always been a complex business, plagued by uncertainties and risks, and the past is littered with accidents, miscalculation and near misses. 

But many of the challenges associated with the command and control (C2) of nuclear weapons are being magnified, aggravated and, in some cases, recast by the new tools, dynamics and capabilities that fall loosely under the rubric of cyber. Of particular significance is the growing threat posed by hackers seeking to gain access to, or interfere with, these highly sensitive systems, their infrastructure, and the weapons that they control.

While it has been over two decades since John Arquilla and David Ronfeldt warned, in a seminal article on the subject, that ‘cyberwar [was] coming’, and over 30 years since a teenage hacker broke into a top-secret Pentagon computer and nearly started a nuclear Third World War in the Hollywood blockbuster War Games, the nature, challenges and implications of this new cyber–nuclear nexus remain understudied and little understood and, as a contemporary dynamic, it remains largely unaddressed.

This paper seeks to address these challenges. It begins by clarifying what is meant by the term ‘cyber’ and presents a suitable framework through which to examine the nuclear weapons enterprise, before going on to explain how and in what ways nuclear weapons systems might be vulnerable to cyber threats. 

The paper then looks at the different challenges posed by hackers. These range from espionage and threats to systems and information security, through to sabotage and the risk of interference, destruction or even unauthorised nuclear use. The actors involved, and their intentions, also vary markedly, particularly with regard to the differences between the dangers posed by non-state actors and by nation states. The third part of the paper considers the implications of the cyber challenge for strategic stability and crisis management, nuclear strategy and the logic of seeking to deter cyber-attacks with nuclear weapons.

Finally, the paper's conclusion brings the central themes and arguments of the piece together, puts cyber in context alongside other emerging techno-military dynamics affecting the contemporary global nuclear environment, outlines the key challenges for the nuclear enterprise, and makes some recommendations for policy-makers and government officials for managing the cyber–nuclear nexus in the future.

RUSI

« Was The Internet Created In A Bar?
Cyber Attacks On Banks Prompt New Regulatory Safeguards »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cybertrust Japan

Cybertrust Japan

Cybertrust Japan provides a comprehensive security certification and digital authentication service, enabling customers to build and manage highly secure IT infrastructures.

Empow Cyber Security

Empow Cyber Security

Empow has developed a way for enterprises to orchestrate their security infrastructure, get the most out of each security product, and better mitigate attacks, while using fewer resources to do so.

InnoSec

InnoSec

InnoSec is a software manufacturer of cyber risk management technology.

Niagara Networks

Niagara Networks

Niagara Networks is a Network Visibility industry leader, with emphasis in 1/10/40/100 Gigabit systems and mission-critical IT and security appliances.

Suprema

Suprema

Suprema is a leading global provider of access control and biometrics solutions.

Hacker House

Hacker House

Hacker House teaches you what hackers can learn about your business and systems so that preventative solutions to protect your assets can be applied through active measures.

Physec

Physec

Physec offers innovative security products and solutions for the Internet of Things ecosystem.

Greylock Partners

Greylock Partners

Greylock Partners is a leading venture capital firm based in Silicon Valley. We invest in all sectors of enterprise software technology including applications, cloud/SaaS, networking and security.

BlueRiSC

BlueRiSC

BlueRiSC invent cutting-edge system assurance solutions for the 21st century with novel software and hardware designs focusing on security technologies that can be game changing.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

ADGS

ADGS

ADGS is a deeptech company focused in the fields of Agent-Based simulations (Emergent Behavior), Cybersecurity and Biometrics, Social Dynamics, Natural Language Processing and Artificial Intelligence.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

Picnic

Picnic

Picnic is a gritty, pioneering team of intelligence and cybersecurity specialists focused on solving the security challenge of our time - social engineering.

TheGreenBow

TheGreenBow

TheGreenBow is a trusted VPN software company. We help organizations and individuals become cyber-responsible. For this, we design and develop reliable and easy-to-use solutions.

Coretelligent

Coretelligent

Coretelligent is a leading providers of Managed and Co-Managed IT, cybersecurity and private cloud services.