war on the rocks

The Cyber Threat to Nuclear Deterrence

February 1, 2016

In late 2010, when the Stuxnet worm was reported to have targeted and disabled nuclear enrichment centrifuges in Iran, a proverbial line in the sand was crossed that linked the rising awareness of cyber threats with that of the existing nuclear world. Though it is believed that Stuxnet was intended to slow the proliferation of Iran’s alleged nuclear weapons program, the questions over nuclear stockpile vulnerability and the future role of nuclear deterrence were inevitable. Hollywood has already depicted the perils associated with hacking nuclear control systems in movies like Wargames and Blackhat. As a result, it was hardly surprising that both the U.S. and U.K. media interpreted the 2013 Defense Science Board’s recommendation to protect nuclear strike as a deterrent to indicate that cyber attacks posed a preeminent threat. For nuclear pessimists (people who don’t believe the United States needs a nuclear deterrent), the risk of cyber attacks against nuclear stockpiles underscores the inherent dangers that nuclear weapons present and ultimately undermines their role in international stability.

The Global Zero movement, an international non-partisan organization of world leaders focused on eliminating all nuclear weapons, chooses to interpret these findings and the associated hype as another example of how nuclear deterrence is no longer relevant in the 21st century. In this case, their fundamental belief that all roads should lead to nuclear disarmament confuses the uncertainty of the cyber domain with the proven track record of global stability that nuclear weapons continue to provide after almost 70 years.

The perception that cyber threats will ultimately undermine the relevance or effectiveness of nuclear deterrence is flawed in at least three key areas. First among these is the perception that nuclear weapons or their command and control systems are similar to a heavily defended corporate network. The critical error in this analogy is that there is an expectation of IP-based availability that simply does not exist in the case of American nuclear weapons — they are not online. Even with physical access, the proprietary nature of their control system design and redundancy of the National Command and Control System (NCCS) makes the possibility of successfully implementing an exploit against either a weapon or communications system incredibly remote. Also, whereas the cyber domain is characterized by significant levels of risk due to a combination of bias toward automated safeguards and the liability of single human failures, nuclear weapon safety and surety are predicated on balanced elements of stringent human interaction and control. From two-person integrity in physical inspections and loading, to the rigorous mechanisms and authority required for weapons release, human beings serve as a multi-factor safeguard while retaining the ultimate role to protect the integrity of nuclear deterrence against cyber threats.

To a large degree, the potential vulnerabilities caused by wireless communications and physical intrusions into areas holding nuclear material are already mitigated via secure communications that are not linked to the outside and multiple layers of physical security systems. While there has been a great deal of publicity surrounding the Y-12 break-in of 2012, the truth is that the three people involved never got near any nuclear material or technology.

Without state-level resourcing in the billions of dollars, the technical sophistication required to pursue a Stuxnet-like attack against nuclear weapons is most likely beyond the capability of even the most gifted group of hackers. For all intents, this excludes terrorist organizations and cyber criminals from the field of threats and restricts it to those nations that already possess nuclear weapons. Nuclear-weapon states, however, have the full-spectrum cyber threat capability referenced in the Defense Science Board report and would most likely be influenced by an understanding of the elements of classic nuclear deterrence strategy. In the case of first strike, no cyber weapon could be expected to perform at a rate higher than any conventional anti-nuclear capability (i.e., not 100 percent effective). Therefore, an adversary’s nuclear threat would be perceived to endure, thereby negating and dissuading the effort to use and employ a cyber weapon against an adversary’s nuclear force. Additionally, just as missile defense systems have been historically controversial due to perceived destabilizing effects, it is reasonable to conclude that these nuclear-weapon states would view the attempt to deploy a cyber capability against their nuclear stockpiles from a similar perspective.

Finally, the very existence of nuclear weapons is often enough to alter the risk analysis of an adversary. With virtually no chance of remote or unauthorized detonation (which would be the desired result of a sabotage event), the most probable cyber threat to any nuclear stockpile is that of espionage. Attempted cyber intrusions at the U.S. National Nuclear Security Agency (NNSA) and its efforts to bolster cybersecurity initiatives provide clear evidence that this is already underway. However, theft of design information or even more robust intelligence on the location of stored nuclear weapons cannot eliminate the potential destruction that even a handful of nuclear weapons can bring to an adversary. Knowledge alone, particularly the imperfect knowledge that cyber espionage is likely to offer, is incapable of drastically altering an adversary’s risk calculus. In fact, quite the opposite is true. An adversary with greater understanding of the nuclear capabilities of a rival is forced to consider courses of action to prevent escalation, potentially increasing the credibility of a state’s nuclear deterrence.

Despite the growing sophistication in cyber capabilities and the willingness to use them for espionage or in concert with kinetic attack, the strategic value of nuclear weapons has not been diminished. The insulated architecture combined with a robust and redundant command-and-control system makes the existence of any viable cyber threat of exploitation extremely low. With the list of capable adversaries limited by both funding and motivation, it is highly unlikely that any nation will possess, or even attempt to develop, a cyber weapon sufficient to undermine the credibility of nuclear weapons. In both psychological and physical terms, the threat of the megabyte will never possess the ability to overshadow the destructive force of the megaton. Although the employment of cyberspace for military effect has brought new challenges to the international community, the role of nuclear weapons and their associated deterrence against open and unconstrained global aggression are as relevant now as they were in the Cold War.


LCDR Matt Caylor is a student at Air Command and Staff College, undertaking a nuclear elective with the U.S. Air Force Center for Unconventional Weapons Studies. The views expressed in this article are those of the author and do not necessarily reflect the official policy or position of the Air Force, the Department of Defense, or the U.S. Government.


Photo credit: Airman 1st Class Krystal Ardrey, U.S. Air Force