A recent paper by Jason Fritz available at the International Commission on Nuclear Nonproliferation and Disarmament notionally discusses hacking nuclear command and control. The paper is mostly a cursory overview of nuclear C2 with speculation added, e.g. “such systems might depend on X which hackers might be able to exploit [in some unspecified way Y]”. Some choice quotes:
If access to command and control centres is obtained, terrorists could fake or actually cause one nuclear-armed state to attack another, thus provoking a nuclear response from another nuclear power. This may be an easier alternative for terrorist groups than building or acquiring a nuclear weapon or dirty bomb themselves. …
Efforts by militaries to place increasing reliance on computer networks, including experimental technology such as autonomous systems, and their desire to have multiple launch options, such as nuclear triad capability, enables multiple entry points for terrorists. For example, if a terrestrial command centre is impenetrable, perhaps isolating one nuclear armed submarine would prove an easier task. There is evidence to suggest multiple attempts have been made by hackers to compromise the extremely low radio frequency once used by the US Navy to send nuclear launch approval to submerged submarines. …
A sophisticated and all encompassing combination of traditional terrorism and cyber terrorism could be enough to launch nuclear weapons on its own, without the need for compromising command and control centres directly. …
It may take years to prepare an attack against advanced networks, including the identification of exploits, development of tools, and the implementation of a plan, yet technology is rapidly advancing and networks continually updating, possibly disrupting those plans. Terrorist organisations may not be able to keep up with the massive financial backing of nation states. State-sponsored hackers have this problem themselves. Despite the possibility of exaggerated claims, a threat remains…
Cyber terrorists [seeking to provoke a US nuclear launch through spoofing] would not need deception that could stand up over time; they would only need to be believable for the first 15 minutes or so. …
Some reports have noted a Pentagon review, which showed a potential “electronic back door into the US Navy’s system for broadcasting nuclear launch orders to Trident submarines”. The investigation showed that cyber terrorists could potentially infiltrate this network and insert false orders for launch. The investigation led to “elaborate new instructions for validating launch orders”. …
Nuclear command and control structures are vulnerable to cyber terrorism…Inherent flaws in current nuclear postures provide increasing opportunities for computer exploitation. Despite claims that nuclear launch orders can only come from the highest authorities, numerous examples point towards an ability to sidestep the chain of command and insert orders at lower levels. Cyber terrorists could also provoke a nuclear launch by spoofing early warning and identification systems or by degrading communication networks.
The juicy-looking bit about hacking SSBNs is from this reference, and the relevant quote is below:
The sobering results of the still-classified work by a Pentagon “Commission on Nuclear Fail-Safe” – to which [Bruce] Blair testified about Soviet nuclear safeguards, inside a vault at the Pentagon around 1992 – point to US vulnerabilities that could also apply to Russian systems today. Investigators found an “electronic back door” into the US Navy’s system for broadcasting nuclear launch orders to Trident submarines.
“This deficiency allowed unauthorized hackers, which could be terrorists or high school mischief makers, to potentially insert a launch order and transmit it to the Trident,” Blair says. The gap was so serious that Navy launch order verifications had to be revised.
Notice the bit about 1992.
After reading this paper and having studied nuclear weapons policy both in coursework and informally over the years (to illustrate, a review I wrote in 2007 for a book on Chinese nuclear policy is here), the paper struck me as highly speculative. Despite this, it may get a lot of sensational attention, which would be bad.
The folks at STRATCOM have all seen WarGames (just a few years ago, I shared an office with a STRATCOM O-5 who loved to talk about things nuclear), and despite the USAF’s well-publicized recent gaffes, the US military does not take nuclear C2 lightly. Having met quite a few workers in the Russian nuclear establishment visiting a US nonproliferation institute, I feel justified in saying that Russia does not take nuclear C2 lightly either. More generally, anyone that is willing to “eat grass” to develop nuclear weapons is going to safeguard those weapons as carefully as they can, and initiatives like Nunn-Lugar go further by providing US help in securing nuclear materials.
What’s more, the dependence of most states’ nuclear C2 systems on networks is far from clear, and the corresponding vulnerability to information warfare even less so. Mr Fritz can’t be blamed for relying on OSINT, but the result is a work that does not begin to answer any of the by-now familiar questions it raises.