Threats to the cybersecurity of nuclear weapons 

This article is part of the World Economic Forum's Geostrategy platform

Nuclear weapons systems were first developed at a time when computer capabilities were in their infancy and little consideration was given to potential malicious cyber vulnerabilities.

Many of the assumptions on which current nuclear strategies are based pre-date the current widespread use of digital technology in nuclear command, control and communication systems, write Beyza Unal and Patricia Lewis, in Cybersecurity of Nuclear Weapons Systems – Threats, Vulnerabilities and Consequences.

There are a number of vulnerabilities and pathways through which a malicious actor may infiltrate a nuclear weapons system without a state’s knowledge. Human error, system failures, design vulnerabilities, and susceptibilities within the supply chain all represent common security issues in nuclear weapons systems.

Cyberattack methods such as data manipulation, digital jamming and cyber spoofing could jeopardize the integrity of communication, leading to increased uncertainty in decision-making.

During peacetime, offensive cyber activities would create a dilemma for a state as it may not know whether its systems have been the subject of a cyberattack. This unknown could have implications for military decision-making, particularly for decisions affecting nuclear weapons deterrence policies.

At times of heightened tension, cyberattacks on nuclear weapons systems could cause an escalation, which results in their use. Inadvertent nuclear launches could stem from an unwitting reliance on false information and data. Moreover, a system that is compromised cannot be trusted in decision-making.

Recommendations

Actions to reduce the risk of cybersecurity vulnerabilities may take place in the public and private sector, as well as at the national and international levels.

The private sector is often on the cutting edge of innovation in cyber development. Therefore, in order to avoid being left behind the technological curve, it is important for states to retain private sector expertise into national defence strategies.

Closer coordination between national defence departments and the private sector will ensure that the most recent technology is used and that defence policies are in sync with cyber innovation.

However, there is a contradiction in cooperating with the private sector.

Cyber offense

Although states need to limit their own cyber vulnerabilities, the existence of technical vulnerabilities could give them an advantage in future cyber offensive campaigns. In other words, national cyber agencies may prefer to be at the forefront of writing malicious codes and infiltrating industrial control systems, rather than openly sharing information about software vulnerabilities with manufacturers or users.

For example, the NSA has been accused of developing and storing cyber vulnerabilities, which was demonstrated by the discovery of the WannaCry ransomware.

At the national level, in times of uncertainty, states will tend to err on the side of shifting away from behaviour that could be misinterpreted. Russia, for instance, cancelled its air force exercises and called off planned missile testing in response to the 11 September 2001 Al-Qaeda attack.

The continuation of this type of behaviour will help prevent unintentional escalations at times of heightened tensions, particularly when time is limited and there is political and public pressure to respond to an attack.

Risk scenarios

Cybersecurity preparedness requires the analysis of possible cyber risk scenarios and an evaluation of threat vectors and consequences.

There are nine countries that possess nuclear weapons and therefore, at a minimum, 18 scenarios involving two actors, an aggressor and a defender.

The likelihood of these scenarios and survivability of nuclear forces should be examined in detail in these studies.

Survivability of nuclear forces differs from country-to-country and country-specific analysis should be incorporated in preparations.

Defence planners already usually account for system failures and an opponent’s defence mechanisms in their targeting strategies. A useful addition to this would be to take into account cyberattacks and their consequences. By understanding such pressures states can explore arms control and other cooperative security measures to reduce miscalculation and avoid unintentional destabilizing actions.

Better decisions

Mitigation measures to prevent misunderstanding between nuclear weapons states may include building in more time in the decision-making process to allow for better informed decisions.

In addition, increasing the number of people responsible for decisions in nuclear command and control, and increasing the number of intelligence-sharing measures, may lead to better informed decisions. For critical systems, redundancy measures are very important – meaning that if a component fails, the system would continue to function through back-up components.

One of the redundancy measures employed in nuclear weapons systems, for example, is to rely both on digital and analogue routes for command and control. Ongoing system engineering should also be incorporated into the whole lifecycle of weapons systems and used to maintain system integrity even under stress. To achieve this, cybersecurity needs to be considered and included from the design stage onwards.

Stress testing

Further precautionary measures may involve states reviewing significant procurement processes in the defence sector with special attention paid to cybersecurity. Such measures could include conducting stress-testing and simulation exercises to judge the suitability of components to provide reliable information.

Moreover, engaging in multilateral threat and intelligence sharing with allies would help to rapidly assess the credibility of communication and information. On the technical side, examining the vulnerability management lifecycle of cyber systems would be a useful precautionary measure to ensure ongoing compatibility as IT systems and industrial control systems have different lifecycles.

Protocols for submarine and other platforms and facilities and developing well-understood standards may help reduce the false belief about the security of air-gapping, the process of isolating computer systems from the internet.

Cyber incident hotlines that provide direct links between governments for use in times of heightened tension would allow them to re-examine the emerging situation, to acknowledge the threat and respond accordingly.

As part of this approach it may be essential to have a dedicated cybersecurity team on submarine patrols going forward. Similarly, it may become imperative to establish national cyber emergency response teams that focus fundamentally on industrial control systems in nuclear weapons complexes.

Dangers and risks

Cyber vulnerabilities within nuclear weapons systems and structures present a whole set of dangers and risks. At best, cyber insecurity in nuclear weapons systems is likely to undermine trust and confidence in military capabilities and in the nuclear weapons infrastructure. At worst, cyberattacks could lead to deliberate misinformation and the inadvertent launch of nuclear weapons.

In times of crisis, loss of confidence in nuclear weapons capabilities would factor into decision-making and could undermine beliefs in nuclear deterrence – particularly in extending nuclear deterrence to allied countries.

The challenges that cyber risks pose to nuclear weapons systems could be seen as an opportunity to create a cross-cutting risk mitigation measure that benefits both traditional adherents and sceptics of nuclear deterrence.

The loss of trust in nuclear weapons systems due to compromised data integrity or a systems failure would create significant issues for policymakers. In that eventuality, strategies that give decision-makers more time to respond will help to ease the process. Redundancy in communication systems may help to increase system resilience and help check the trustworthiness of information.

At a time when decision-makers do not trust nuclear weapons systems, verification of information through diversified intelligence sources would be crucial. Decision-makers should be informed about the confidence and uncertainties in the cybersecurity of nuclear weapons systems.

Red teaming

They should also take part in simulations where decision-making processes can be elaborated in detail. For example, red-teaming exercises role play situations of high-uncertainty and reduced time frames to make decisions.

It is highly important that decision makers, rather than their deputies or staff, take part in this process.

Cyber vulnerabilities of nuclear weapons systems are presenting dangers that have been seldom considered in the public domain. The subject requires urgent attention from academia and governments – including those without nuclear weapons but which have nuclear allies, particularly if nuclear weapons are stationed on their territories, and in any country that might be affected by the use of nuclear weapons.

It is unlikely that nuclear weapons possessing governments will be forthcoming in public or with each other on the cyber vulnerabilities of nuclear weapons systems. The one exception may be between the UK and the US, both of which possess systems that are already highly integrated and connected from the design to the deployment stages.

However, it is vital that academics, thinktanks and NGOs press for information and reassurances from governments that such issues are being addressed, and that those governments are holding open discussions with the public, including the media and parliamentarians.

After all, it is the public that will pay the ultimate price for complacency regarding cybersecurity of nuclear weapons systems.

Cybersecurity of Nuclear Weapons Systems – Threats, Vulnerabilities and Consequences, Beyza Unal and Patricia Lewis