Anxieties about the dangers inherent in nuclear weapons were the defining feature of the Cold War era. On the negative side, the entire period was characterized by acute fears that the superpower tension would escalate into a nuclear exchange, existential security concerns would drive scores of additional states to acquire nuclear weapons, and, perhaps worst of all, that terrorists might be able to get their hands on nuclear weapons. Thankfully, none of these frightening prospects materialized. Nuclear weapons were never used, nor did many additional states acquire nukes. And the extensively discussed apprehension about the terrorists’ quest for nuclear weapons was also largely unfounded. Yet, a series of terrifying nuclear crises did take place during the Cold War, as did an aggressive nuclear arms race that drove the United States and the Soviets to build unimaginably huge nuclear arsenals. On the positive side, however, possession of nuclear weapons did ultimately play an indispensable role in dissuading nuclear powers from fighting other nuclear-armed states directly, and the provision of nuclear-backed extended security guarantees proved indispensable in stemming nuclear proliferation by those non-nuclear states facing existential risks.
With the end of the Cold War, the role of nuclear weapons in safeguarding security began to subside, alongside a dramatic scaling back of most nuclear arsenals as well as their level of readiness. Yet this process failed to produce the hoped-for peace dividend, let alone the much-hyped quest for universal nuclear disarmament, or global zero. Moreover, rivalries and conflicts merely shifted into other domains, most prominently conventional, cyber, and space. Cyber, in particular, has gradually ascended to a role somewhat reminiscent of nuclear weapons during the Cold War, becoming a significant currency of international relations, an instrument of statecraft, and a source of friction. However, there are three striking differences. First, unlike nuclear weapons, which have not been used in combat since World War II, at least some forms of cyberattacks have become a normal part of life, even in peacetime. Second, cyber weapons have proliferated wide and far—not merely to nation-states and their proxies but also to numerous criminal entities. And third, cyber weapons have been established as a potent coercive tool that can produce much more diverse effects, ranging from the physical space through the digital world all the way to the cognitive realm.
Yet, as the recent Ukraine crisis and the ongoing nuclear sagas with both North Korea and Iran have made abundantly clear, nuclear weapons have not withered away. If anything, they are now resurging in relevance and prominence, manifested in the ambitious modernization programs underway across all the major nuclear arsenals, which is where the ascendancy of cyber weapons intersects with the nuclear security agenda. One especially ominous prospect associated with developments in the cyber realm has been the emergence of cyber weapons as a threat to nuclear operations on all three levels: physical, digital, and cognitive. Cyber weapons could disrupt or degrade the performance of auxiliary physical systems associated with nuclear weapons’ infrastructure (such as power supply or early warning satellites) or undermine the functioning of core nuclear command and control functions at all levels of seniority, affecting the capacity to communicate across the chain of command, sustain positive controls over a nuclear arsenal, and conduct nuclear missions securely and reliably. And cyber weapons could seriously affect the situational awareness that undergirds nuclear decision-making, especially in a crisis. Perhaps most alarmingly, cyber weapons could produce such effects unintentionally, even against the wishes of the perpetrators of an attack. There are several reasons why this is far more than a theoretical prospect.
To begin with, we ought to acknowledge that a powerful incentive exists for those feeling threatened by an adversary’s nuclear weapons to acquire a clear understanding of their role, operations, deployment, plans, and readiness, which in turn creates a strong push to clandestinely pry open the secrets of this establishment by employing human as well as technical means. Naturally, the unique qualities of cyber capabilities make them especially appealing for this purpose. And like with other forms of spying, there are no norms that prohibit such actions. Yet, cyber intrusions are inherently dual-capable—they can exfiltrate information but also affect systems’ performance—and could thus produce unintended effects, especially if intrusions are discovered and interpreted by the defending side as more sinister in nature. One can never be confident that the other party entirely forswears a disarming or at least debilitating first strike against his adversary’s nuclear forces, especially their means of delivery. The temptation to employ cyber weapons for this purpose would be especially great if it could be assumed that such an attack could be carried out effectively, sparing the need to contemplate far riskier (conventional and especially nuclear) means to accomplish this task.
The highly secretive nature of all nuclear weapons establishments also implies that such a scenario could unfold not merely when the nuclear weapons establishment is the intended target of an intrusion, but also when offensive cyber intelligence operations directed at other assets unintentionally impact nuclear assets and functions. The fusion of some nuclear and conventional assets—such as early warning and command and control architectures—further increases the odds that such destabilizing developments could occur. Extremely tight compartmentation between nuclear weapon establishments and offensive cyber ones makes matters even worse, as cyber operators, and even their policy masters, will typically lack the intimate knowledge necessary to discern when cyber operations could prove especially risky or be reasonably interpreted as such by an adversary. Perhaps most ominously, the sheer complexity of some of the command and control architectures, as well as their typical composition of both new elements and legacy ones, makes it inherently difficult to track and understand consistently the perimeter, let alone the wiring of the architecture, and correspondingly much more challenging to sustain their hardening against cyber intrusions. This both creates opportunities for those who wish to intrude against the infrastructure and assures constant anxiety on the receiving end about its susceptibility to such a scenario.
Finally, it is necessary to consider a scenario in which a third party conducts a “false flag” cyber operation against a nuclear command and control architecture with the aim of pitting other parties against each other. We have already witnessed “false flag” cyberattacks against non-nuclear targets. Hence it seems it is entirely plausible that such a scenario could happen in the nuclear domain as well, much as its consequences could prove much direr.
Looking beyond the threat cyber weapons pose to nuclear weapons, we also need to consider the possible consequences of cyberattacks against civilian nuclear power facilities. The recent conflict in Ukraine has illustrated once again the serious risks inherent in interfering in the normal operations of nuclear installations during times of military hostilities. These risks do not pertain solely to operational, grid-connected nuclear power plants but also extend to spent nuclear fuel storage facilities. The safe operation of these facilities hinges on constant monitoring of their performance, both on-site and remote, as well as the capacity to rapidly intervene when serious operational irregularities are detected to prevent a nuclear accident from unfolding and mitigate the consequences if one does occur. Disruption by cyber or other means of the ability to monitor the situation in these facilities and quickly implement corrective measures runs serious risks not only of triggering prolonged loss of power and extensive environmental damage but also potentially producing life-threatening impacts on a massive scale.
A natural point of departure for addressing the risks inherent in the cyber-nuclear nexus is to acknowledge their existence and reflect on their likely consequences. However, this is much easier said than done, as such an acknowledgment would likely encounter serious resistance on the grounds that it would draw much negative attention to problems that are both better handled in secret and do not lend themselves to quick fixes. Furthermore, some of the options for tackling these risks would not only be costly and time-consuming but would also involve painful operational and political tradeoffs. These range from unilateral steps that pose risks to or undermine cyber operations—such as diminishing compartmentation between cyber and nuclear operators or expanding policy scrutiny of sensitive cyber operations, as well as declaratory policy formulations—to unpalatable bilateral or multilateral understandings. In short, while all these options are worthy of serious consideration, none readily presents itself as suitable for immediate, straightforward implementation. Realistically, then, the world might have to wait for a true close call to shake the relevant parties into action and motivate them to overcome institutional and political reticence to seriously contemplate steps to dealing with these perils in ways that would seem inconceivable beforehand.
Ariel (Eli) Levite is a Senior Fellow at the Carnegie Endowment’s Technology and International Affairs Program.