12.07.2015 Views

global_zero_commission_on_nuclear_risk_reduction_report

global_zero_commission_on_nuclear_risk_reduction_report

global_zero_commission_on_nuclear_risk_reduction_report

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

GLOBAL ZERO COMMISSION ON NUCLEAR RISK REDUCTION REPORTDE-ALERTING AND STABILIZING THE WORLD’S NUCLEAR FORCE POSTURESto their airspace during an attack. During such a blackoutof underground launch c<strong>on</strong>trol and switch to airborne c<strong>on</strong>trol,the opportunity exists for hackers to transmit signalsdirectly to the missile receivers. If they are able to replicatethe necessary codes (a tall feat that presumes insider collusi<strong>on</strong>and/or other prior deep penetrati<strong>on</strong> of the computersused in <strong>nuclear</strong> command, c<strong>on</strong>trol, and communicati<strong>on</strong>s),then outsiders could hack into the circuits to inject the threeshort radio signal bursts needed to fire them – the target,arm, and launch commands. Another potential entry pointto leap the air gap is the underground cabling network thatinterc<strong>on</strong>nects the unmanned missile silos with the mannedlaunch c<strong>on</strong>trol centers. It may be possible to surreptitiouslytap into these cables laid in trenches with a length of thousandsof miles and thereby gain access to the actual c<strong>on</strong>duitsused for c<strong>on</strong>trolling and firing the missiles.Very little is understood about the cyber threat to <strong>nuclear</strong>c<strong>on</strong>trol. A group of top U.S. technical experts recentlymet to review <strong>nuclear</strong> safety and c<strong>on</strong>cluded “cyber securityof <strong>nuclear</strong> command and c<strong>on</strong>trol networks in the UnitedStates, Russia, and other states is of critical importanceand warrants attenti<strong>on</strong>.” 46 A <strong>report</strong> by the Defense ScienceBoard warned recently that the vulnerability of the U.S.<strong>nuclear</strong> command system to cyber attack has never beenfully assessed. 47 Two years ago, the head of all U.S. <strong>nuclear</strong>forces acknowledged that a comprehensive review of thevulnerability of the U.S. <strong>nuclear</strong> command system to cyberattack still needed to be d<strong>on</strong>e, noting, “we d<strong>on</strong>’t know whatwe d<strong>on</strong>’t know.” 48 A recent <strong>report</strong> by the director of oper-46 Pierce Corden, et al., Summary Report: Workshop <strong>on</strong> U.S. NuclearWeap<strong>on</strong>s Safety and Security, December 12, 2012, Post c<strong>on</strong>ference<strong>report</strong> of the American Associati<strong>on</strong> for the Advancement of Science’sCenter for Science, Technology, and Security Policy and Uni<strong>on</strong> of C<strong>on</strong>cernedScientists, September 2013, http://www.ucsusa.org/sites/default/files/legacy/assets/documents/nwgs/<strong>nuclear</strong>-safety-security-workshop.pdf.47 U.S. Department of State, Task Force Report: Resilient Military Systemsand the Advanced Cyber Threat, <strong>report</strong> of the Defense Science Board,Washingt<strong>on</strong>, D.C., July 2013, http://www.acq.osd.mil/dsb/<strong>report</strong>s/ResilientMilitarySystems.CyberThreat.pdf,p. 42.48 Senate Armed Services Committee, U.S. Strategic Command andU.S. Cyber Command in Review of the Defense Authorizati<strong>on</strong> Request forFiscal Year 2014 and the Future Years Defense Program: Hearing beforeati<strong>on</strong>al tests and evaluati<strong>on</strong> found in fiscal year 2014 thatalmost every U.S. weap<strong>on</strong>s program tested showed “significantvulnerabilities” to cyber attacks. 49China and Russia undoubtedly have similar cyber vulnerabilities,but we know even less about them. Could thesecountries prevent a cyber attack from launching their missiles?The U.S. general in charge of Strategic Command testifiedthat he didn’t know. 50In all likelihood, cyber warfare in this domain mainly threatensto cause massive disrupti<strong>on</strong>. It seems more plausiblethat cyber attack could shut down computers and turn theweap<strong>on</strong>s into “bricks,” preventing authorized launch ratherthan triggering unauthorized launch. But given so manyunanswered questi<strong>on</strong>s and our weak comprehensi<strong>on</strong> of thiscyber threat, we have yet another reas<strong>on</strong> for c<strong>on</strong>cern aboutstrategic missiles <strong>on</strong> high alert and about trends am<strong>on</strong>g theother <strong>nuclear</strong> weap<strong>on</strong>s countries toward increased attackreadiness of their <strong>nuclear</strong> forces. If we cannot fully assessthe <strong>risk</strong>s, it would seem prudent to keep <strong>nuclear</strong> missiles offof high alert status at all times. This would be a sure-fire wayto mitigate foreseeable <strong>risk</strong>s as well as those that have not yetbeen imagined.the Committee <strong>on</strong> Armed Services, 113 th C<strong>on</strong>g., 1 st sess., March 12, 2013,p. 202.49 Andrea Shalal, “Nearly every U.S. arms program found vulnerableto cyber attacks,” Reuters, January 20, 2015, http://www.nytimes.com/reuters/2015/01/20/technology/20reuters-cybersecurity-pentag<strong>on</strong>.html?_r=0.50 Col. (Ret.) Valery Yarynich, the lead systems integrator for theRussian “Perimetr” (Dead Hand) system that partially automatedRussian strategic retaliati<strong>on</strong> to an attack that decapitates the Russian topleadership, reviewed the main Russian strategic <strong>nuclear</strong> command andc<strong>on</strong>trol networks and raised dozen of questi<strong>on</strong>s c<strong>on</strong>cerning avenues forunauthorized launches by insiders or outsiders. He recommended thatU.S. and Russian experts dig into these issues in a track II n<strong>on</strong>-governmentalcollaborati<strong>on</strong> that would hopefully evolve into a track I governmentalprocess. Cohesive and invulnerable <strong>nuclear</strong> command systemsimmune to cyber attack are critical to preventing the accidental, mistaken,or unauthorized use of <strong>nuclear</strong> weap<strong>on</strong>s. Therefore, a full-scalethorough review of the cyber security of all <strong>nuclear</strong> networks to identifyand remove cyber threats that could compromise the integrity of thesenetworks is absolutely essential.31

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!