Cyber Threats and Nuclear Weapons: New Questions for Command and Control, Security and Strategy

The development and spread of cyber ‘weapons’, information-warfare capabilities and the new dynamics of the ‘cyber age’ are providing a considerable – albeit nuanced – challenge to the management, thinking and strategy that underpins nuclear weapons. While the nature and extent of these challenges varies between nuclear-armed states and across nuclear systems, they do, taken together, represent a noticeable shift in the context and environment in which we think about nuclear weapons and nuclear security, manage nuclear relationships and regulate global nuclear order. The result is a new collection of both direct and indirect challenges for nuclear forces, which have implications for current arms control agreements and regimes, the maintenance of stable nuclear balances, and the possibility of future nuclear reductions.

The safe, secure and reliable management of nuclear weapons has always been a complex business, plagued by uncertainties and risks, and the past is littered with accidents, miscalculation and near misses. But many of the challenges associated with the command and control (C2) of nuclear weapons are being magnified, aggravated and, in some cases, recast by the new tools, dynamics and capabilities that fall loosely under the rubric of cyber. Of particular significance is the growing threat posed by hackers seeking to gain access to, or interfere with, these highly sensitive systems, their infrastructure, and the weapons that they control.

While it has been over two decades since John Arquilla and David Ronfeldt warned, in a seminal article on the subject, that ‘cyberwar [was] coming’, and over 30 years since a teenage hacker broke into a top-secret Pentagon computer and nearly started a nuclear Third World War in the Hollywood blockbuster War Games, the nature, challenges and implications of this new cyber–nuclear nexus remain understudied and little understood and, as a contemporary dynamic, it remains largely unaddressed.

This paper seeks to address these challenges. It begins by clarifying what is meant by the term ‘cyber’ and presents a suitable framework through which to examine the nuclear weapons enterprise, before going on to explain how and in what ways nuclear weapons systems might be vulnerable to cyber threats. The paper then looks at the different challenges posed by hackers. These range from espionage and threats to systems and information security, through to sabotage and the risk of interference, destruction or even unauthorised nuclear use. The actors involved, and their intentions, also vary markedly, particularly with regard to the differences between the dangers posed by non-state actors and by nation states. The third part of the paper considers the implications of the cyber challenge for strategic stability and crisis management, nuclear strategy and the logic of seeking to deter cyber-attacks with nuclear weapons.

Finally, the paper's conclusion brings the central themes and arguments of the piece together, puts cyber in context alongside other emerging techno-military dynamics affecting the contemporary global nuclear environment, outlines the key challenges for the nuclear enterprise, and makes some recommendations for policy-makers and government officials for managing the cyber–nuclear nexus in the future.

ABOUT THE AUTHOR

Andrew Futter is a senior lecturer at the University of Leicester, UK, a member of the Cyber-Nuclear Security Threats Task Force, run by the Nuclear Threat Initiative, an Honorary Fellow at the Institute for Conflict, Cooperation and Security at the University of Birmingham, a member of the Euro-Atlantic Security Next Generation Working Group, and the co-founder of the BISA Global Nuclear Order Working Group.

He is the author of three books: Ballistic Missile Defence and US National Security (2013), The Politics of Nuclear Weapons (2015), and Reassessing the Revolution in Military Affairs (2015). His fourth book, The United Kingdom and Nuclear Weapons, will be published later this year. He has written widely on nuclear strategy, proliferation, missile defence and deterrence, and is currently working on an ESRC-funded Future Research Leader’s project looking into the impact of cyber on nuclear weapons (grant number ES/K008838/1). More information about his research can be found at: <http://www2.le.ac.uk/departments/politics/people/afutter>, and he can be contacted at Ajf57@le.ac.uk.