- The former head of U.S. Strategic Command believes a nation-state-sponsored hacker could ‘fool’ the U.S. nuclear command and control system into launching weapons, so U.S. nuclear weapons should be taken off high alert
Talk to any intelligence analyst, top military commander or combat strategist and he or she will tell you that the number one threat to global stability isn’t the same today as it was during the Cold War.
Back in those “good ol’ days,” America pretty much knew who its main enemy was: The Soviet Union. China had not yet risen to any position of prominence as a Great Power and India was still mired largely in poverty, struggling to employ and feed its hundreds of millions of people. The biggest threat the world faced then was that of nuclear holocaust; between the two superpowers, there were tens of thousands of nuclear warheads on ready alert.
In reality, nuclear weapons have likely helped prevent a third world war between the great powers. The concept of matually assured destruction (MAD) was a deterrent factor that kept the cold war from turning hot (though it did not prevent proxy wars in Korea, Vietnam and Afghanistan).
But a new high-tech threat has emerged in recent years that has some military planners much more concerned – enough so that they are recommending reducing thehigh alert status of the U.S. nuclear arsenal.
That threat is . cyber warfare
Retired Marine Gen. James Cartwright said in an interview that “de-alerting” nuclear arsenals could foil hackers by reducing the chance of firing a weapon in response to a false warning of an attack.
He said putting a longer fuse, so to speak, on the nuclear arsenal – which is formed by a traid consisting of land, sea and air-launched weapons – can be accomplished without taking away from its deterrent value. Cartwright was head of the U.S. Strategic Command from 2004-2007 and became vice chairman of the Joint Chiefs of Staff before retiring from the Corps in 2011.
Strategic Command today is still considering its options. In a forum moderated by The New York Times’ Thom Shanker in January, current STRATCOM commander Navy Adm. Cecil Haney noted that strategic deterrent still includes a triad of nuclear delivery platforms, but other critical elements range from intelligence and missile defense to space and cyber capabilities and a capable workforce.
Haney said that the nuclear triad alone could not guarantee U.S. national security. Other parts of deterrence are a credible missile defense system that defends against limited attacks from rogue nations, cyberspace and space capabilities.
NATO is also beefing up its cyber defenses. “The growing sophistication of cyber attacks makes the protection of the Alliance’s communications and information systems (CIS) an urgent task,” NATO said on its cyber security web site.
But what would Russia do? And could Washington trust Moscow to abide by any agreement to “de-alert” both countries’ nuclear arsenals?
The Obama administration, thankfully, is cool to the idea of unilaterally de-alerting the U.S. arsenal. And given his administration’s woeful “reset” with Russia, there is little chance that President Vladimir Putin is in any mood to stand down his nuclear arsenal in any fashion.
For one, the two countries are at odds over a U.S. accusation that Moscow is violating a treaty banning medium-range missiles. For another, as noted by Haney earlier this year, Russia has had more than a decade of investments and modernization across its strategic nuclear forces. In addition, earlier reports claim that Putin threatened a nuclear response to any attempt by the U.S. and NATO to force him to quit Crimea. Also, in August, putin reminded the world Russia was a premier nuclear power.
It should be noted that the United States has not remained idle as the threat of cyber warfare has increased. U.S. Cyber Command (USCYBERCOM) was stood up early in Obama’s first term (June 23, 2009). It’s mission: Cyber Com “plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.”
The president’s 2015 National security strategy recognizes that there are “escalating challenges to cybersecurity,” and that the U.S. is “shaping global standards for cybersecurity and building international capacity to disrupt and investigate cyber threats.”
Also, U.S. firms are leaders in the field of cyber security.
But the challenges are many; as any who has an upgradeable electronic device knows, technology changes rapidly. So, too, does the cyber threat. Therefore, defenses must constantly evolve.
Cartwright is wise to consider that a cyber attack could mimic some sort of Russian nuclear action, but it’s more likely that a cyber attack would target U.S. systems to either prevent them from detecting a missile launch or fool them into thinking no launch has occurred when one actually has.
Cartwright led a study that recommends adjusting the missile command and control system so that it would take 24 hours to 72 hours to get the missiles ready for launch, to ensure that a cyber attack could not launch U.S. prematurely. That’s just not sound security policy.
Cartwright is wise to consider the dangers of cyber warfare. “The sophistication of the cyberthreat has increased exponentially” over the past decade, Cartwright said Tuesday. “It is reasonable to believe that that threat has extended itself” into nuclear command and control systems. “Have they been penetrated? I don’t know. Is it reasonable technically to assume they could be? Yes.”
Frankly, a cyber attack would most likely target U.S. electronic surveillance and missile systems to either prevent them from detecting a Russian launch, or fool our systems into thinking no launch has occurred when one actually has – not launch one of ourweapons by mistake. In fact, there’s no evidence to suggest that any country – or any hacker – has the capability to breach what are probably some of the most well-defended cyber environments in the world: U.S. nuclear missile command-and-control.
“Could be penetrated” is not worth having our nuclear response taken offline, essentially. Better to keep our first-line nuclear deterrent in its current high-alert status than to risk having to wait 1 to 3 days to respond to a nuclear attack – if a response would even be possible then.
No comments:
Post a Comment