The paper from Chatham House, the Royal Institute of International Affairs, says while “the potential impacts of cyberattacks on nuclear weapons systems are enormous,” the issue has received “scant attention.”
It warns that the public could “pay the ultimate price.”
Nuclear weapons systems – including the UK’s Trident warheads – were first developed when computers were in their infancy and little consideration was given to cyber vulnerabilities, the authors warn. There are now “a number of vulnerabilities and pathways through which a malicious actor may infiltrate a nuclear weapons system without a state’s knowledge.”
Widespread reliance on digital systems in the military means communications between commanders, positioning data, and the supply and logistics chain could all be vulnerable.
Nuclear weapons are at threat from hostile states, criminal groups and terrorist organizations, the report says. “Cyber vulnerabilities within nuclear weapons systems and structures present a whole set of dangers and risks.
“At best, cyber insecurity in nuclear weapons systems is likely to undermine trust and confidence in military capabilities and in the nuclear weapons infrastructure. At worst, cyberattacks could lead to deliberate misinformation and the inadvertent launch of nuclear weapons.”
“After all, it is the public that will pay the ultimate price for complacency regarding cybersecurity of nuclear weapons systems.”
The researchers outlined a number of doomsday scenarios that could hit any nuclear arsenal in the world. It included neutralising communications – sowing doubt in the minds of world leaders and commanders ahead of a strike, attacking telemetry data to affect where missiles strike, and sabotaging “pre-launch targeting information.” They also warned cyberattacks could manipulate data, scramble communications and dupe commanders in by hacking systems or planting malware.
It cited examples such as a report that the US could have infiltrated the supply chain of North Korea’s missile system, contributing to a test failure in April last year. Elsewhere, the silos of US nuclear-tipped Minuteman intercontinental ballistic missiles “are believed to be particularly vulnerable to cyberattacks.”
The study also recorded illicit trafficking in Moldova and Georgia of radioactive and nuclear materials, a group in Belgium affiliated to Islamic State (IS, formerly ISIS) monitoring the movements of a nuclear scientist, and German-owned Patriot missiles reported to have been hacked in 2015.
The report, entitled ‘Cybersecurity of Nuclear Weapons Systems: Threats, Vulnerabilities and Consequences’, was written by Beyza Unal, a research fellow at London-based Chatham House who previously worked on strategic analysis for NATO, and Patricia Lewis, research director of the international security department at Chatham House.
It comes just days after Russian President Vladimir Putin raised concerns about a nuclear power plant drone attack. It was reported that the president is poised to create a special force to protect against terrorist drone strikes on key nuclear power stations, following attacks on Russian bases in Syria.