A growing reliance on computers, code and software for all aspects of nuclear weapons management – from early warning, through the protection, collation and analysis of data, up to authorizing and firing the weapons – is also creating new ways in which nuclear systems might be exploited by hackers. One of the biggest challenges here is the set of natural and inherent problems contained in ever more sophisticated and complex software and coding, such as that used for nuclear C2. Complex systems are likely to contain more bugs, problems and unforeseen errors than basic ones, especially those that rely on complex code, link multiple functions and hardware, and must make accurate computations quickly. These vulnerabilities are also the primary means by which hackers break into systems and circumvent their security mechanisms. While this is clearly a threat to nuclear C2, it also has significant implications for the wider nuclear weapons enterprise, particularly the security of sensitive nuclear-related information.
While nuclear systems will of course be well protected against cyber threats and almost certainly air-gapped, they are by no means invulnerable. The possibility that hackers could initiate nuclear use or disable weapons systems, indirectly spoof warning sensors, jam communications to prevent orders reaching the weapons, or access and utilise highly sensitive information about weapons systems and operational procedures is real and growing. This is the result of an increase in the number of vulnerabilities in this software that could be exploited by a would-be attacker, both within nuclear C2 and inside the various infrastructure that supports nuclear weapons management. The concern is that hackers might compromise nuclear systems through disabling attacks, or seek to facilitate a launch or explosion through enabling attacks. Software vulnerabilities also make it easier to hack into related systems, and provide new ways to steal data, spoof various systems with erroneous information, or interfere with, disrupt or damage critical nuclear facilities and processes.
The possibility that an adversary might steal nuclear secrets (weapon designs and capabilities or operational plans and procedures) has always been a major challenge for nuclear-armed states. But the spread of computers, networks and digitally stored data has created new problems for nuclear secrecy and has changed, expanded and diversified the methods available for nuclear espionage. The challenge is not simply hacking into secret systems and downloading information over the Internet, but also the importance of computer and information security in those systems that may already be air-gapped. Both are acute issues because of the large amount of information stored on computers, which can therefore also be stolen quickly and with (relatively) minimal effort. When such attacks can be carried out remotely, the risks are reduced even further, since no human agent needs to be placed in immediate danger. Likewise, new economies of scale allow widespread espionage attacks that attempt to steal as much information as possible about all types of things, as well as more targeted attacks on specific and specialised information.
The cyber-nuclear espionage age began in the mid-1980s as computers and networks gradually expanded throughout (particularly US) defence and military establishments, and specifically with the 1986 Cuckoo's Egg episode.[4] In 1991 Dutch hackers broke into US military networks searching for nuclear secrets and missile data to sell to Saddam Hussein[5]; in 1998, the Cox Report revealed that China had stolen a considerable cache of highly sensitive secrets relating to the W88 thermonuclear warhead design[6]; later that year, a hacker broke into India's Bhabha Atomic Research Centre and downloaded passwords and emails[7]; and in 1999 the extent of the Moonlight Maze infiltration of the Pentagon and of sensitive information held by other US government departments was revealed.[8]
This trend has continued and deepened during the last decade: in 2005 hackers linked with the Chinese PLA infiltrated numerous US military systems searching for nuclear secrets – amongst other defence information – in an operation dubbed Titan Rain[9]; in 2006 the Israeli Mossad planted malware in the computer of a Syrian official, which revealed the extent of the suspected Syrian nuclear weapons programme and led directly to Operation Orchard in 2007 (see below)[10]; in 2008 an infected USB stick left in a car park led to Operation Buckshot Yankee, where US classified networks were breached and the air gap was jumped.[11] In 2011 the Zeus Trojan aimed at contractors building the UK Trident nuclear-armed submarine force was discovered[12], Iran was accused of hacking the International Atomic Energy Agency (IAEA)[13], and the Shady RAT malware targeting US government agencies, defence contractors and high-technology companies was discovered[14]; and in 2012 Anonymous threatened to release highly sensitive data on the Israeli nuclear programme stolen from the IAEA.[15]
US laboratories and defence contractors have remained a primary target for at least the last decade,[16] and hackers have also targeted the US and Israeli ballistic missile defence programmes.[17] While many of the nuclear espionage attacks (that we know about) involve attacks on the US, Operation Olympic Games – which would produce Stuxnet – began primarily as an intelligence-gathering and espionage operation against Iranian nuclear activities. Likewise, both Flame and Duqu were designed to gain intelligence on systems and infrastructure, likely as a precursor to possible future sabotage of the Iranian nuclear programme.[18]
The implications of this are mixed. At the lower end of the scale, cyber-nuclear espionage is about acquiring intelligence on what a certain state or actor is doing and on the capabilities of weapons programmes. On the next level, nuclear secrets may be targeted to help combat or defend against certain systems or to provide a better idea of operational procedures. Of greater concern is that nuclear secrets are stolen to aid proliferation and that designs could be traded on the nuclear black market. Finally, attacks could be precursors to sabotage, designed to map nuclear systems and their vulnerabilities, implant logic bombs and ensure access in the future.