19 March 2017

HACKING OUR NUCLEAR WEAPONS: WHAT IF NUCLEAR TERRORISM WAS JUST A MOUSECLICK AWAY? HACKING INTO FUTURE NUCLEAR WEAPONS A BIG CONCERN


Bruce Blair, a research scholar in the Program on Science and Global Security at Princeton, and a founder of Global Zero, a group opposed to nuclear weapons, had an Op-Ed in today’s (March 14, 2017) New York Times, regarding the cyber threat to nuclear weapons. I will say right up front that I do not share Mr. Blair’s view in opposing nuclear weapons. That kind of view sort of reminds me of the handgun argument. If you banned all handguns, the only people left with a handgun [down the road] would be criminals and the government. More on nuclear weapons later.

Mr. Blair raises an issue that I have written about on this blog before: the cyber threat, and network/critical infrastructure vulnerabilities surrounding the protection of our current, and future nuclear weapons arsenal. “Imagine the panic,” he writes, “if we had suddenly learned during the Cold War, that a bulwark of America’s nuclear deterrence could not even get off the ground — because of an exploitable deficiency in its [command &]control network? We had such an achilles’ heel not so long ago,” Mr. Blair contends. “Minuteman nuclear missiles were vulnerable to a disabling cyber attack; and, no one realized it for many years.” I suspect Mr. Blair is incorrect on that observation. When you peel the onion layer back on these kind of observations, you almost inevitably find someone who not only knew about the vulnerability; but, also warned and alerted senior management — but, the warnings were not heeded for whatever reason. Mr. Blair writes that “if it were not for a curious and persistent POTUS Obama, it [this vulnerability] may never have been discovered and rectified.” Sorry Mr, Blair, I do not believe that POTUS Obama was the first to highlight this potential catastrophic deficiency. He may however, been the first POTUS to do so.

Mr. Blair notes that “in 2010, 50 nuclear-armed Minuteman missiles — sitting in underground silos in Wyoming,– mysteriously disappeared from their launching crews’ monitors for nearly an hour. The crews could not have fired the missiles on presidential orders, or discern whether an enemy was trying to [commandeer and] launch them. Was this a technical malfunction?; or, something more sinister,” he asks. “Had a hacker discovered an electronic back door to cut the links? For all the crews knew,” he asserts, “someone had put all 50 missiles into a countdown to launch. The [nuclear] missiles were [are] designed to fire [launch] instantly, as soon as they receive a short stream of computer code; and, the are indifferent [agnostic] about the code’s source.” 

This incident was a wake-up call to the POTUS, U.S. national security establishment, and those overseeing our critical national infrastructure. Mr, Blair wrote that “the Air Force quickly determined that an improperly installed circuit card, in an underground computer, was responsible for the lockout and the problem was quickly fixed. But,” he adds, “POTUS Obama was not satisfied; and, ordered investigators to look for similar [more potential] vulnerabilities. Sure enough,” he writes, more deficiencies [vulnerabilities] were found,” according to officials involved in the investigation.” 

“One of those deficiencies involved the Minuteman silos, whose [unprotected] Internet connections, could have allowed hackers to cause the missiles’ flight guidance system to shut down, putting them out of commission, and requiring days, or weeks to fix.” 

These were not the first cases of cyber vulnerabilities in our nuclear weapons infrastructure Mr, Blair noted. “In the mid-90s, the Pentagon uncovered an astonishing [alarming] firewall breach, that could have allowed outside hackers to gain control of the key naval transmitter in Maine — that is used to send launching orders to U.S. ballistic missile submarines patrolling the Atlantic.” Senior officials “were so alarmed by this discovery, the U.S. Navy radically redesigned procedures, so that submarine crews would never accept a [nuclear weapons] launch order out of the blue, unless it could be verified by a second [unimpeachable] source,” he wrote. 

“Cyber warfare raises a host of other fears,” [nightmare scenarios] he warns. “Could a [well-placed] foreign agent launch another country’s [nuclear] missiles against a third country?;” in the ultimate false flag operation. “We don’t know,” Mr. Blair contends. “Could a [nuclear] missile launch be set off by false early warning data that had been corrupted by hackers? This is an especially grave concern, because a POTUS only has three to six minutes to decide how to respond to an apparent nuclear attack,” or first strike on the United States Mr. Blair wrote. 

“This is the stuff of nightmares, and there will always be some doubt about our [nuclear weapons infrastructure] vulnerability,” Mr. Blair warns. “We lack adequate control over our supply chain for our nuclear weapons components — from design, to manufacturing, to maintenance. We get much of our hardware and software off-the-shelf from commercial vendors, that could be infected with malware,” that the company may, or may not be witting of. “We nonetheless, use the [potentially corrupted] parts in our critical networks,” Mr. Blair notes. “This loose security [oversight] invites an attempt,”to commandeer or disable at some pieces of our offensive/defensive nuclear weapons triad — with obvious “catastrophic consequences.” And, as Mr. Blair notes, “the risk would grow exponentially, if a trusted insider [alla Edward Snowden], wittingly or not, shares passwords, inserts infected thumb drives; or, otherwise facilitates illicit access to critical computers.” 

In order to reduce the risk of an inadvertent, or malicious nuclear weapons launch, or failure to launch, Mr. Blair recommends that “the U.S. and Russia take their strategic nuclear weapons off ‘hair-trigger.’ Better yet,” he adds, “we should eliminate our silo-based nuclear weapons; and, quick-launch procedures on all sides. But, this is just a start,” he writes, and recommends that we [the new administration] conduct a comprehensive investigation/study of the threat, and implement measures to address any and all weaknesses — particularly the digital ones. He ends with urging that we need to improve our control [oversight] of our nuclear weapons components supply chain, establish clear Red Lines with our adversaries — with an emphasis and agreement that nuclear weapons networks never be the target of cyber intrusion.” 

And finally, Mr. Blair has this warning: “Despite its allure, cyber warfare risks causing pandemonium,” or worse.

As the horror writer Stephen King once wrote, “God punishes us for what we cannot imagine.” I do not take issue with the deficiencies and vulnerabilities he outlined in his Op-Ed; but, I’d be shocked and surprised if we are really as vulnerable as he portrays. If we are, shame on us; and, God help us. And, what about our nuclear weapons modernization plan? Are those who are in charge of implementing a nuclear weapons modernization schema, aware of the vulnerabilities that Mr. Blair highlighted; and, will ensure that these gaps are eliminated under a new/modernized nuclear weapons arsenal? Before we modernize, we have to fully understand all of these vulnerabilities and gaps; and, war-game/Red Team what could go wrong.

Perhaps, we may be better off with a nuclear weapons arsenal that is disconnected from any kind of network whatsoever. I just am not smart enough in this area to know if making that kind of decision would put us at a nuclear weapons disadvantage versus our adversaries. But, since al-Qaeda, the Islamic State and other malcontents know how difficult it is to acquire nuclear weapons material on the black/underground market — finding a weak link in the nuclear weapons network offers them the potential to wreak nuclear havoc, without having to actually acquire, construct, or possess nuclear weapons material and a delivery mechanism. One has to assume that finding such a cyber vulnerability in the nuclear weapons architecture — is a very high priority for these malcontents. 

In the film noir classic, “The Maltese Falcon,” Humphrey Bogart plays the role of Sam Spade, a private investigator that gets involved in an intricate conspiracy to obtain the bust of a Maltese falcon that is reportedly loaded with precious stones, making the ‘bird’ extremely valuable. At the end of the movie when Bogart./Sam Spade is asked by a detective what Bogart had in his hands Mr, Bogart replied, “this is the stuff that dreams are made of.” 

Well, the scenario outlined by Mr. Blair is ‘the stuff that nightmares are made of.” We HAVE TO GET THIS RIGHT! V/R, RCP, www.fortunascorner.com

No comments: