Could a cyberattack spark an accidental nuclear war? Apparently so

11 May 2017

Nuclear missiles being fired. Image: Ilkin Zeferli/Shutterstock

Is the world able to fend off cyberattacks and prevent accidental nuclear war? One expert doesn’t think so.

Allegations made by cybersecurity experts that the 2016 US presidential election was influenced by the activities of foreign hackers has shone a spotlight on the vulnerability of nation states to cyberattacks.

While government institutions and key infrastructure are often cited as some of the biggest and juiciest targets for hacker groups, little has been said of the ability of the world’s nuclear powers to prevent the greatest of catastrophes.

Danger of the ‘dead hand’

In a new paper published by the director of NATO’s SPS cyber defence project, Dr Sandro Gaycken, many potential vulnerabilities exist that could lead to a disastrous nuclear war.

Plans are already underway in South Korea to develop sophisticated cyber weapons capable of taking out the nuclear programme of its neighbour, North Korea – but other scenarios are possible.

In theorising how an accidental nuclear war might happen, Gaycken proposed two potential outcomes.

The first suggests that one of the major powers – in this case, Russia – has built an updated version of a ‘dead hand’ trigger in its computer systems.

If a virus is able to crash a launching mechanism’s systems, the dead hand trigger will presume that the government has been lost to a nuclear attack and will fire in false retaliation.

Secondly, if a virus of unprecedented power got into a nuclear launch system, that malware could be enough to trigger the switch to launch the missiles.

A world post-Stuxnet

As to how the virus would get into these systems, Gaycken dismissed the idea that it could come remotely from terrorist groups. He suggested that the more likely cause would be a rogue state-sponsored virus being brought into a facility secretly.

Citing the famous example of Stuxnet – the virus allegedly produced by the US that took down Iran’s nuclear production facility – Gaycken said a state-on-state attack could evolve, far outside of the instigator’s control.

“Initially created for just one uranium production facility in Iran, the computer worm was found thereafter on thousands of similar systems worldwide, generating malfunctions and damages on completely different installations,” he said.

The consequences [within a nuclear missile facility] would be terrible.”

‘Governments barely able to cope’

Worryingly, Gaycken believes that states have paid far too little attention to the possibility of a catastrophic outcome, saying they are incapable of understanding the complexities of the issues.

“Governments are barely able to cope when it comes to key issues such as digital pickpocketing – they simply do not understand the problem, its causes or possible solutions,” Gaycken said.

“And they struggle to get sufficient numbers of specialised cyber experts to help, instead relying on hordes or lobbyists, pseudo-experts and opportunists. They cannot separate the wheat from the chaff.”

Despite the scepticism of Gaycken and other cybersecurity experts, the US Strategic Air Command in charge of the superpower’s nuclear arsenal recently said that it is “cybersecure”.

“The ability to command and control our nuclear assets is fundamental to the national security of the US, and US Strategic Command is taking all available measures to protect those systems from intrusion and attack,” it said to News 4.

Colm Gorey was a senior journalist with Silicon Republic

editorial@siliconrepublic.com