12.07.2015 Views

global_zero_commission_on_nuclear_risk_reduction_report

global_zero_commission_on_nuclear_risk_reduction_report

global_zero_commission_on_nuclear_risk_reduction_report

SHOW MORE
SHOW LESS

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

GLOBAL ZERO COMMISSION ON NUCLEAR RISK REDUCTION REPORTDE-ALERTING AND STABILIZING THE WORLD’S NUCLEAR FORCE POSTURESinto <strong>report</strong>ing attack indicati<strong>on</strong>s that precipitate overreacti<strong>on</strong>s?Could such hackers breach the firewalls, the air gaps,and transmit launch orders to launch crews or even to theweap<strong>on</strong>s themselves? What if an insider colluded with themto provide access and passwords to the launch circuitry?Might they acquire critical codes by hacking?Nuclear command systems today operate in an intense informati<strong>on</strong>battleground. As far back as a decade ago, morethan 20 nati<strong>on</strong>s – including China, North Korea, Russia andthe United States – had developed dedicated computer attackprograms for planting viruses to disable, c<strong>on</strong>fuse, anddelay <strong>nuclear</strong> command and warning processes in othernati<strong>on</strong>s. 43 Hacking operati<strong>on</strong>s of these sorts have since increasedexp<strong>on</strong>entially as the militaries of the world increasinglydepend <strong>on</strong> computer and communicati<strong>on</strong>s networks.The number of attempts by outside hostile actors to breakinto U.S. Defense Department networks has surged into thethousands daily in peacetime. In 2012, NATO experiencedover 2,500 “significant cyber attacks” against its systems,n<strong>on</strong>e of which evidently broke through. 44At the brink of c<strong>on</strong>flict, <strong>nuclear</strong> command and warningnetworks around the world may be besieged by electr<strong>on</strong>icintruders whose <strong>on</strong>slaught degrades the coherence and rati<strong>on</strong>alityof <strong>nuclear</strong> decisi<strong>on</strong>-making. The potential for catastrophicc<strong>on</strong>sequences with computer-launched weap<strong>on</strong>s<strong>on</strong> hair-trigger is clear. Worse, some of this expanding illicitpenetrati<strong>on</strong> involves insiders, creating a whole new dimensi<strong>on</strong>to the “insider threat” to <strong>nuclear</strong> systems. If insiderswith knowledge of special passwords or other sensitive informati<strong>on</strong>related to <strong>nuclear</strong> weap<strong>on</strong>s activities collude withoutsiders, the integrity of <strong>nuclear</strong> command and c<strong>on</strong>trolsystems and safeguards against the unauthorized launch of<strong>nuclear</strong> weap<strong>on</strong>s may well be compromised.Although by design the <strong>nuclear</strong> circuits are hermeticallysealed off with air gaps and firewalls, evidence is mountingthat they are permeable. They are the Maginot Line of the21st century. Wily and sophisticated cyber warriors can anddo find ways to breach these electr<strong>on</strong>ic ramparts. Cracksin the firewalls appear up<strong>on</strong> close examinati<strong>on</strong>. For example,in the 1990s, a c<strong>on</strong>gressi<strong>on</strong>ally mandated investigati<strong>on</strong>discovered an electr<strong>on</strong>ic back door to the naval broadcastnetwork used to transmit launch orders to Trident strategicsubmarines <strong>on</strong> patrol in the Atlantic Ocean. An exploitableopportunity presented itself to outsiders or insiders: hackin and electr<strong>on</strong>ically seize and operate remotely the mainradio transmissi<strong>on</strong> site (at Cutler, Maine) used for this purpose.The Navy took this discovery so seriously that it thoroughlyrevamped launch authenticati<strong>on</strong> procedures so thatsubmarine crews would not immediately carry out launchorders received out of the blue.This principle was not extended to the Minuteman crewsbecause delay in launching the force during a bolt-from-theblue surprise Russian attack would imperil their survival.Such a pre-c<strong>on</strong>diti<strong>on</strong> ought to apply to all <strong>nuclear</strong> forces;procedures for validating launch orders should require forewarningand pre-alerting of the forces. The imperative ofquick launch of vulnerable silo-based missiles has overriddenthis safeguard, however. This is another example of whythese missiles carry relatively high <strong>nuclear</strong> <strong>risk</strong> compared tostrategic submarines.In 2010, U.S. Minuteman crews lost c<strong>on</strong>tact for an hour witha field of 50 silo-based missiles in Wyoming. So<strong>on</strong> after c<strong>on</strong>tactwas lost, the normally firewalled command and c<strong>on</strong>trolsystem for these missiles was likely breached. In such situati<strong>on</strong>s(“LF Down”) 45 , the missiles “assume” they have been cutoff from their primary and sec<strong>on</strong>dary underground launchcenters due to an attack that severed the links and destroyedthe centers. After a timer expires a few minutes later, themissiles activate a radio antenna at each of the missile silosto receive launch signals from airborne launch centers sent43 Estimates based up<strong>on</strong> Adam J. Hebert, “Informati<strong>on</strong> Battleground,”Air Force Magazine, Vol. 88, No. 12, December 2005, http://www.afa.org/magazine/Dec2005/ 1205info.html.44 “The history of cyber attacks – a timeline,” NATO Review Magazine,http://www.nato.int/docu/review/2013/Cyber/timeline/EN/index.htm.45 In the lexic<strong>on</strong>, silos are formally called “launch facilities,” and LFDown is shorthand for the loss of c<strong>on</strong>tact between the unmanned silosand their underground launch c<strong>on</strong>trol centers. This c<strong>on</strong>trol is normallymaintained by underground cables c<strong>on</strong>necting them. Silos and theirlaunch centers are three to tens of miles apart.30

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!