3 January 2017

WHAT IF NUCLEAR TERRORISM WAS JUST A MOUSECLICK AWAY? HACKING INTO FUTURE NUCLEAR WEAPONS: THE U.S. MILITARY’S NEXT WORRY


Patrick Tucker had a December 29, 2016 article on the defense and national security website, DefenseOne.com, with the title above. “Future nuclear missiles may be siloed; but, unlike their predecessors, they’ll exhibit some level of connectivity to the warfighting system,” according to Werner J.A. Dahm, the Chair of the U.S. Air Force Advisory Board. “That opens up new potential for nuclear missile mishaps [and vulnerabilities] that until now…..have never been part of Pentagon planning,” Mr. Tucker wrote. In that regard, the Air Force Advisory Board will undertake a study to see how to meet [address] those concerns.” “Obviously, the Air Force doesn’t conceptualize systems like that, without ideas for how to address those security concerns,” Dr. Dahm told DefenseOne.

This “is no simple, or straight-forward undertaking,” Mr. Tucker notes, as “the last time the United States designed an Intercontinental ballistic missile (ICBM),was 1975.” The Air Force Science Board announced this month, that in 2017, the service planned to “explore practical, and safety concerns for making a [nuclear] missile for the modern age, along with other nuclear weapons that fall under the command of the Air Force.”

“We have a number of nuclear systems that are in need of recapitalization,” Dr. Dahm said, referring to LRSO, ICBMs, and the B-21 stealth bomber. In the future, these systems are going to be quite different from the ones they may replace. In particular, they will be much more like ‘all’ systems today — network connected. They will be cyber enabled.” But, as Mr. Tucker notes, this move to the digital realm “will create new concerns — in terms of safety, and certification, that will almost certainly require changes, or additions, to current DoD Directives (DoDDs)”. DoDDs is the overarching guidance laying out the ‘rules of the road,’ so to speak, and stipulates the do’s and don’ts regarding the issue it is targeted against.

But, “before the U.S. can modernize its nuclear weapons, it first must make certain it understands everything that can possibly go wrong,” Mr. Tucker wrote. “We have formal Air Force documents that detail the formal certification process for nuclear weapons, Dr. Dahm said. But, “to what extent do the current models for certifying nuclear systems carry over into these modern, network enabled [and network dependent] systems that are likely to come out of these recapitalized programs?,” he asked. The Air Force Advisory Board will attempt to answer those questions next year, as part of their comprehensive examination of the U.S. Air Force’s oversight for their piece of DoD’s overall nuclear modernization effort.

“The fact that future U.S. nuclear weapons will be far more networked (though not necessarily open to the Internet), will create better safety and oversight; and, allow for more coordinated [and real-time] operations,” Mr. Tucker wrote. “But,” he added, “more connectivity also introduces and opens up new potential vulnerabilities and dangers.”

“You have to be able to certify that an adversary can’t take control of that weapon, that the weapon will be able to do what it’s supposed to do….when you call on it,” Dr. Dahm said. “It isn’t just cyber. That’s definitely the biggest piece; but….When was the last time we built a new nuclear weapon system? Designed and built one? It’s been several decades now. We, as an Air Force, haven’t done certification of new nuclear systems in a long time. These systems are different…..What are the surety vulnerabilities for such a system, so to speak,” Dr. Dahm postulated. “How would you address them? How would you certify that the system will work — when you need it to work; and, will do what it is supposed to do?” 

Nuclear Weapons Could Be Hacked In Cyber Space According To A London-Based National Security Think Tank

Other than a genetically modified super-virus or bug that could cause a global pandemic, and/or, a planet killing asteroid/comet on a collision course with Earth, there is probably not many other things that can keep our national security leadership up at night — than terrorists acquiring nuclear weapons material; and, the means to use it. Being able to commandeer a nuclear weapon, without having to physically possess it — is an elegant solution for the darker angels of our nature, who know that they risk exposure and being disrupted if they have to physically construct and/or possess nuclear weapons grade materials. 

In 2015, the European Leadership Network (ELN), published a paper/study claiming that “there is evidence hackers have attempted to compromise radio communications to send launch approval messages,” with respect to nuclear weapons. The ELN’s Advisory Board includes former U.K. Labor Defense Secretary, Des Browne, former Conservative Foreign and Defense Secretary Sir Malcolm Rifkind, as well as former prominent U.K Democratic national security and defense officials. The ELN study warned that “nuclear weapons could be rendered obsolete by hackers.,” and called for a risk assessment. 

Dr. Andrew Futter, Senior Lecturer in international politics at the University of Leicester, penned an article for ELN at the time, warning that” “By far, the biggest fear, and worst-case scenario, is that hackers somehow compromise, or sabotage,” a nuclear weapons capable submarine — or, the weapons it carries.” Dr. Futter wrote that “U.K. submarines receive regular radio transmissions from ashore that could theoretically could be attacked [hacked], — such as weather updates needed for targeting, and the regular FamilyGram. This will almost certainly involve malware introduced during the procurement phase, while the submarine/missiles/warheads are being built; or, when the submarine is in poet for maintenance, refurbishment, and software updates. Given that the U.K. is on the cusp of building the next generation of nuclear-armed submarines, this challenge, and guarding against threats to the supply-chain, and overall maintenance, is particularly relevant now.”

Dr. Futter concluded with this warning: “It will never be possible to say that the U.K. nuclear deterrent is entirely safe from cyber attack, or that it cannot be compromised, or undermined in some other way in the future.”

Perhaps, we may be better off with a nuclear weapons arsenal that is disconnected from any kind of network whatsoever. I just am not smart enough in this area to know if making that kind of decision would put us at a nuclear weapons disadvantage versus our adversaries. But, since al-Qaeda, the Islamic State and other malcontents know how difficult it is to acquire nuclear weapons material on the black/underground market — finding a weak link in the nuclear weapons network offers them the potential to wreak nuclear havoc, without having to actually acquire, construct, or possess nuclear weapons material and a delivery mechanism. One has to assume that finding such a cyber vulnerability in the nuclear weapons architecture — is a very high priority for these malcontents. Let’s hope that we and the British, Israelis, Pakistanis, North Korea, and so on — have this frightening and gnarly threat figured out; but, something tells me — that there are digital holes in the nuclear weapons firewall. I hope I am wrong. And, we need, and better find out, and plug them. V/R, RCP 

No comments: