Cyber Threats & Nuclear Weapons

Uploaded on 2016-08-02 in NEWS-News Analysis, GOVERNMENT-Defence, FREE TO VIEW

HMS Vanguard  is a  Trident ballistic missile -armed submarine of the Royal Navy which entered service in 1994.

A RUSI paper unpacks and demystifies the cyber challenge to nuclear weapons, placing it in context and providing a framework through which to understand, evaluate and ultimately address the emerging cyber–nuclear nexus.

The development and spread of cyber ‘weapons’, information-warfare capabilities and the new dynamics of the ‘cyber age’ are providing a considerable – albeit nuanced – challenge to the management, thinking and strategy that underpins nuclear weapons. 

While the nature and extent of these challenges varies between nuclear-armed states and across nuclear systems, they do, taken together, represent a noticeable shift in the context and environment in which we think about nuclear weapons and nuclear security, manage nuclear relationships and regulate global nuclear order. 

The result is a new collection of both direct and indirect challenges for nuclear forces, which have implications for current arms control agreements and regimes, the maintenance of stable nuclear balances, and the possibility of future nuclear reductions.

The safe, secure and reliable management of nuclear weapons has always been a complex business, plagued by uncertainties and risks, and the past is littered with accidents, miscalculation and near misses. 

But many of the challenges associated with the command and control (C2) of nuclear weapons are being magnified, aggravated and, in some cases, recast by the new tools, dynamics and capabilities that fall loosely under the rubric of cyber. Of particular significance is the growing threat posed by hackers seeking to gain access to, or interfere with, these highly sensitive systems, their infrastructure, and the weapons that they control.

While it has been over two decades since John Arquilla and David Ronfeldt warned, in a seminal article on the subject, that ‘cyberwar [was] coming’, and over 30 years since a teenage hacker broke into a top-secret Pentagon computer and nearly started a nuclear Third World War in the Hollywood blockbuster War Games, the nature, challenges and implications of this new cyber–nuclear nexus remain understudied and little understood and, as a contemporary dynamic, it remains largely unaddressed.

This paper seeks to address these challenges. It begins by clarifying what is meant by the term ‘cyber’ and presents a suitable framework through which to examine the nuclear weapons enterprise, before going on to explain how and in what ways nuclear weapons systems might be vulnerable to cyber threats. 

The paper then looks at the different challenges posed by hackers. These range from espionage and threats to systems and information security, through to sabotage and the risk of interference, destruction or even unauthorised nuclear use. The actors involved, and their intentions, also vary markedly, particularly with regard to the differences between the dangers posed by non-state actors and by nation states. The third part of the paper considers the implications of the cyber challenge for strategic stability and crisis management, nuclear strategy and the logic of seeking to deter cyber-attacks with nuclear weapons.

Finally, the paper's conclusion brings the central themes and arguments of the piece together, puts cyber in context alongside other emerging techno-military dynamics affecting the contemporary global nuclear environment, outlines the key challenges for the nuclear enterprise, and makes some recommendations for policy-makers and government officials for managing the cyber–nuclear nexus in the future.

RUSI

« Was The Internet Created In A Bar?
Cyber Attacks On Banks Prompt New Regulatory Safeguards »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Prosperon Networks

Prosperon Networks

Prosperon Networks support SMB to Enterprise networks through the provisioning of network monitoring software, customisation, consultancy and installation.

QA Systems

QA Systems

QA Systems provides software testing solutions for safety and business critical sectors and software safety and security standards.

Performanta

Performanta

Performanta offer a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk.

Advanced Resource Managers (ARM)

Advanced Resource Managers (ARM)

ARM provide specialist recruitment services for technology and engineering including cyber security.

IdenTrust

IdenTrust

IdenTrust enables organizations to effectively manage the risks associated with identity authentication.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

Torsion Information Security

Torsion Information Security

Torsion is an innovative information security and compliance engine, which runs either in the cloud or your data centre.

CyberSeek

CyberSeek

CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.

Meiya Pico Information Co

Meiya Pico Information Co

Meiya Pico is the leading digital forensics and information security products and service provider in China.

SYSGO

SYSGO

SYSGO is the leading European provider of real-time operating systems for critical embedded applications in the Internet of Things (IoT).

In-Sec-M

In-Sec-M

In-Sec-M is a non-profit organization that brings together companies, learning and research institutions, and government actors to increase competitiveness of the Canadian cybersecurity industry.

Enet 1 Group1

Enet 1 Group1

Enet 1 Group audits, assesses, recommends, and delivers tested solutions for the ever-increasing threats to your critical systems and digital assets

LOGbinder

LOGbinder

LOGbinder eliminates blind spots in security intelligence for endpoints and applications.

Onevinn

Onevinn

Onevinn's goal is to create a transparent, cost-effective security that is noticed as little as possible by the users. We simply call it "intelligent security."

Support Link Technologies (SLT)

Support Link Technologies (SLT)

Support Link Technologies are an IT Solutions Company committed to achieving customer satisfaction through excellent customer service.

Oxeye

Oxeye

Oxeye fills the gap between cloud and code to show exploitable vulnerabilities, and their path from API to code. More visibility. Less noise. More time to build.