Slashdot Mirror

← Back to Stories (view on slashdot.org)

Could Cyber-Terrorists Provoke Nuclear Attacks?

Posted by ScuttleMonkey on from the telling-woprs dept.

Hugh Pickens writes "The Guardian reports that according to a study commissioned by the International Commission on Nuclear Non-proliferation and Disarmament (ICNND), a joint initiative of the Australian and Japanese Governments, terrorists could use information warfare techniques to make a nuclear attack more likely — triggering a catastrophic chain of events that may be an easier alternative 'than building or acquiring a nuclear weapon or dirty bomb themselves.' While the possibility of a radical group gaining access to actual launch systems is remote, the study suggests that terrorists could focus on feeding in false information further down the chain — or spreading fake information to officials in a carefully orchestrated strike. According to the study 'Hacking Nuclear Command and Control' [PDF], cyber-terrorists could 'provoke a nuclear launch by spoofing early warning and identification systems or by degrading communications networks.' Since command and control systems are placed at a higher degree of exploitation due to the need for rapid decisions under high pressure with limited intelligence, cyber-terrorists 'would not need deception that could stand up over time; they would only need to be believable in the first 15 minutes or so.'"

29 of 183 comments (clear)

  1. Discussed This Report Four Days Ago by eldavojohn · · Score: 4, Informative
    We discussed this the day the report was released and the conversation was pretty much limited to BSOD jokes and War Games references. Hopefully it turns out a little more interesting this time around.

    Really, I'm less worried about the cyber part of one of these attacks and am more so worried about the weakest link in the chain: the human factor. Social, over-the-shoulder or 'soft' hacks would be the few ways left to gain access. Mental manipulation like keeping someone in the dark would be the best way to scare them into action. It's not like someone's magically overcoming the physical barrier that exists between the internet and these secure networks on which sensitive information and control are relegated--you need a human to exploit.

    At least this time around the title's gone from

    Hacking Nuclear Command and Control

    to

    Could Cyber-Terrorists Provoke Nuclear Attacks?

    Which is a lot more accurate but a lot less newsworthy.

    --
    My work here is dung.
    1. Re:Discussed This Report Four Days Ago by koolfy · · Score: 3, Interesting

      and am more so worried about the weakest link in the chain: the human factor

      that's why I'll never trust nuclear weapons.

      With conventional weapons, we can always step back at time (or little after time), attackers are not isolated from main command when sent, and a spoofed war declaration can be reverted, even after one accidental bombing (this creating some serious diplomatic issues though...)
      With nuclear weapons, no stepping back of any way (that I know), and after the first strike, the war is over, or forever.

      Since I don't know much more than what movies told me I may be wrong and will be looking for expert's contribution, but I'm afraid I'm not that wrong...

      --
      Segmentation Fault in "Life, Universe and Everything" at line 42. Don't Panic.
    2. Re:Discussed This Report Four Days Ago by SEWilco · · Score: 4, Insightful

      and am more so worried about the weakest link in the chain: the human factor

      that's why I'll never trust nuclear weapons.

      It's no the weapons which you don't trust. It's the humans with them.

    3. Re:Discussed This Report Four Days Ago by johnsonav · · Score: 4, Insightful

      With nuclear weapons, no stepping back of any way (that I know), and after the first strike, the war is over, or forever.

      Well, that's kind of the point, isn't it? So long as everyone knows that the missiles can't be recalled, that fact becomes part of the deterrence.

      Makes everyone very, very careful.

      --
      ... and that's when the C.H.U.D.'s came at me.
    4. Re:Discussed This Report Four Days Ago by koolfy · · Score: 2, Interesting

      I would'n thust weapons with no human control eighter...

      Just look at how easily antiviruses erase innocent files.

      --
      Segmentation Fault in "Life, Universe and Everything" at line 42. Don't Panic.
    5. Re:Discussed This Report Four Days Ago by koolfy · · Score: 3, Insightful

      No matter how careful you are, Murphy's Law is always around...

      --
      Segmentation Fault in "Life, Universe and Everything" at line 42. Don't Panic.
    6. Re:Discussed This Report Four Days Ago by jra · · Score: 2, Insightful

      MAD assumes rationality.

      Wars are not started by rational people.

    7. Re:Discussed This Report Four Days Ago by cdrguru · · Score: 5, Insightful

      Where MAD falls apart is when the leaders don't give a rat's ass about the civilian population.

      I would say that recent events in Iran make it pretty clear that the civilian population doesn't matter all that much to the leaders. North Korea is at that level or perhaps worse. If the military leadership in either country could be confident of survival I don't see MAD being a deterrent at all.

      So what if 80% of the civilian population is wiped out?

    8. Re:Discussed This Report Four Days Ago by TheMeuge · · Score: 5, Insightful

      If you must have nuclear armed subs, arm each one with one low-yield nuke. Any more and you are just begging for an accident.

      I think you're missing the concept of "assured destruction" in Mutually Assured Destruction.

      An american missile sub can have 20 missiles, with 8x50kt warheads per missile. That's 160 nuclear warheads that can be targeted independently and can each cause substantial casualties if aimed at civilian targets. But that's what it's meant to be - a guaranteed "revenge" weapon, that is fully capable of demolishing or severely crippling a whole nation, even if ALL of the ground nukes are disabled by a first strike. The terror such a weapon commands, is precisely the reason why safety is assured.

      This is why small nuclear powers are so much less stable. India and Pakistan are at a much higher risk of using nuclear weapons in the field against each other than US and Russia, simply because neither of them have the capability of destroying the other.

      That being said, as has been mentioned previously, MAD relies on rational players to work.

    9. Re:Discussed This Report Four Days Ago by johnsonav · · Score: 2, Insightful

      That doesn't stop the US and a lot of other nuclear armed countries fitting nuclear weapons on just about everything that flies or sails.

      Nor should it.

      Really, having a few nuclear ICBMs is simply sane with other hostile countries. However, loading submarines with multiple warheads is not. If you must have nuclear armed subs, arm each one with one low-yield nuke. Any more and you are just begging for an accident.

      What you describe is not a credible nuclear deterrent. To be effective, a deterrent needs to make launching a first-strike so unthinkably catastrophic for the aggressor, that there would be no way to "win". If we implemented the kind of deterrent you advocate, a nuclear war would be "winnable", and much more likely.

      Remember, an accidental launch of a nuclear weapon is not the worst-case scenario.

      --
      ... and that's when the C.H.U.D.'s came at me.
    10. Re:Discussed This Report Four Days Ago by palindrome · · Score: 3, Funny

      It wasn't a spelling flame, I simply doubted the validity of the word accurate. But kudos and my sincere apologeese.

    11. Re:Discussed This Report Four Days Ago by johnsonav · · Score: 4, Insightful

      Where MAD falls apart is when the leaders don't give a rat's ass about the civilian population.

      I would say that recent events in Iran make it pretty clear that the civilian population doesn't matter all that much to the leaders. North Korea is at that level or perhaps worse. If the military leadership in either country could be confident of survival I don't see MAD being a deterrent at all.

      So what if 80% of the civilian population is wiped out?

      You realize that both of those countries are (or will be) able to field no more than a handful (at most) of nuclear weapons, right? And, that neither has the capability to disrupt our own volley of nukes.

      Neither of them is able to "win" a nuclear war. Even if the leadership survives, and 80% of the population is killed, they won't really have a country left to lead, let alone maintain a military to defend against anything. It still doesn't make any sense for them to use nukes.

      --
      ... and that's when the C.H.U.D.'s came at me.
    12. Re:Discussed This Report Four Days Ago by RxScram · · Score: 2, Informative

      All American SSBN's (Ohio Class) can actually carry 24 missiles, with a theoretical limit of 8 (or 12, depending on the source of information) W88 warheads, each warhead with a yield of 475 Kt. Of course, the START and SALT treaties limit the number of warheads per missile to something like 4, but it's still a mighty destructive force.

    13. Re:Discussed This Report Four Days Ago by superwiz · · Score: 2, Insightful

      Oh? Rational thought was essentially invented by Aristotle -- the tutor of Alexander.

      --
      Any guest worker system is indistinguishable from indentured servitude.
    14. Re:Discussed This Report Four Days Ago by CrimsonAvenger · · Score: 3, Informative

      Sure, but submarines are not totally safe. Lets say a group of people manage to board the ship and with some aid from some crew, hey, they have 160 nukes that can reach pretty much an entire continent or more.

      Of course, unless one of the "some of the crew" include the Captain, they can't actually arm the weapons. And if they have the captain, well, there are other people they have to have, any one of which can make the weapons unusable.

      Plus, of course, the boats with the missiles are either underwater (and therefore the "group of people" can't reach it to take it over), or tied up alongside a subtender full of sailors and marines, in a port full of sailors and marines, all of whom have a very bad attitude about the notion of stealing a boomer.

      Or lets say two subs manage to crash into each other as had previously happened ( http://i.gizmodo.com/5154315/two-nuclear-submarines-collide-in-the-atlantic [gizmodo.com] ) and lets say for some reason some safety measures failed and if this happens in a populated area it becomes another Chernobyl even with an incomplete detonation.

      Aside from this being impossible (there is no scenario where an "incomplete detonation" can occur - nukes have been present on aircraft that crashed without doing anything other than laying there), there aren't actually too many "populated areas" in the middle of the ocean where these boats spend their time.

      The USSR is no longer in power, and a nuke or two is all it takes to neutralize any potential other nuclear threat from a non-stable nation, so why risk it?

      Because the USSR isn't the only threat conceivable. It never was, and never will be.

      This ignoring the fact that there has never been an accidental detonation of a nuclear device, in ANY of the nuclear powers. So why assume that the risk is meaningful?

      --

      "I do not agree with what you say, but I will defend to the death your right to say it"
    15. Re:Discussed This Report Four Days Ago by shutdown+-p+now · · Score: 2, Insightful

      I would say that recent events in Iran make it pretty clear that the civilian population doesn't matter all that much to the leaders.

      You are mistaken there. Lives of individual people definitely don't matter at all to those leaders, but overall population count definitely does - it's the productivity of that population, whether in factories or on the fields of battle, that keeps them afloat.

      Simply put, when you play Starcraft, you probably don't care about the life on one particular unit, but you do care to have them in sufficient numbers to defend against the enemy. Entering into a mutual nuclear strike exchange where all your units die, but the enemy still has some left, is most assuredly not in your interests - since, as soon as the exchange is over, you will surely see those enemy units digging you - the Glorious Dear Eternal Leader of ... oh, no-one now, actually - out of your underground bunker to put you up against the wall. Right away, if you're very, very lucky.

    16. Re:Discussed This Report Four Days Ago by Corbets · · Score: 2, Insightful

      While I 100% agree with your post - nicely written, by the way - I can answer your last question. People get in hysterics about nuclear weapons not because the risk is high, but because the impact is.

      In security, we use a calculation that goes something like this: Annualized loss expectancy is equal to likelihood times impact. Now, if you take that calculation for something like "getting hit by a bus", the impact is generally one person's life, so the likelihood has to be insanely high (call it 25000 percent?) if it's going to match the ALE of a nuclear weapon going off with a likelihood of 1%.

      Those numbers are obviously completely made up, but the point is: people worry more about larger-impact events. Add into this the fact that relatively few people are rational animals, and a big number on the impact side simply makes them ignore the likelihood altogether.

    17. Re:Discussed This Report Four Days Ago by Artifakt · · Score: 4, Insightful

      Let's look at Pakistan vs India. If we assume a radical Islamic faction gets control in Pakistan, and elects to use part or all their arsenal against particularly Hindu dominated portions of India, the direct casualties on the Indian side would be in the 1's to 10's of millions range. That's because the Pakistanis would be using relatively low yield Plutonium based devices, but their missiles are inaccurate enough and take long enough to prep that cities are about their only effective targets. An Indian retaliatory strike would involve some actual H-Bombs (which they don't admit having still in their arsenal, but they built and tested several designs), and probably more focus on pure military targets, but India has multiple Islamic neighbors, and they have made it clear in the past that they are not real concerned about fallout on those nations in a Pakistan/India exchange. A safe lowball estimate on total casualties is upwards of 200 Million. That's assuming India doesn't decide to kill the Indonesian navy and some other resources under Islamic regime control as a just in case. Could that happen? If it did, would that push total casualties over a billion? The best answer I ever heard on both those was 'not highly probable, but just maybe'. No one really wants to commit to a lower number, even if a billion seems a little high.
            Then there's the claim that Israel has a secret doctrine that in the event of a nuclear attack from an Islamic power on their major cities, they will coldly and deliberately kill Mecca and as many great centers of the Muslim faith as they can hit. The idea there is that the Koran supposedly says that all believers who fail to prevent the loss of the ability to make the journey to Mecca will burn in hell forever regardless of what else they do in their faith (or some Muslim factions have interpreted various verses in a way that justifies Jehad as physical violence, but also implies this, so if they insist it's true, the idea is give them the negative side of the claim.).
            It's hard to see people clinging to their religion if they are doctrinally a whole generation all condemned to hell down to the youngest born child and beyond no matter what they do. But it's also quite possible this would lead to a tremendous number of fanatics willing to die for the cause if their Mullahs assure them there's an escape clause in their somewhere, and a war that would have to be fought to the last fanatic on either side. I'd say that exchange could easily build into a Gigadeath or more.
            The biggest doubt I have about this scenario is the claim for secret Israeli plans seems to come from some of the very Muslim fanatics that you'd think it would be a big de-motivator for them to seek nukes of their own if they really believed it. That seems exceptionally illogical unless they are very confident it's just a claim they made up.

      --
      Who is John Cabal?
  2. Hard To Say by MightyMartian · · Score: 2, Interesting

    Without knowing how precisely nuclear arsenals, launch codes and the like are stored, I think it's really hard to say how likely or unlikely it is. I'd like to think that the systems and people involved are heavily secured, but if we look at some of the stuff that's gone walking out of a secured US facilities, sometimes you gotta wonder.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  3. Those terrorists... by koolfy · · Score: 2, Funny

    ... are trying to impurify all of our precious bodily fluids !

    Bastards !

    yeah, that's my way of showing why I disagree with nuclear strikes, without repeating the same message that Kubrick's movie told us long time ago
    I assume my point here is pretty obvious (if you have seen the movie, of course.)

    --
    Segmentation Fault in "Life, Universe and Everything" at line 42. Don't Panic.
  4. Re:Can we go ahead with the Nuclear Disarmament al by bky1701 · · Score: 2, Insightful

    By not using nukes, we are using nukes. Ever wondered why there was never another major war between superpowers since WWII? They are a deterrent.

    Plus, they are not the only thing subject to social engineering. How about air strikes? Regular missiles? Those can do some serious damage, and could lead to WWIII. Especially if nobody has Mutually Assured Destruction to worry about.

    --
    Great Intellect...
  5. Interesting Defense by Metasquares · · Score: 3, Insightful

    Essentially the defense against this sort of exploit is "be less trigger-happy".

  6. See Sum of All Fears by JackStraight · · Score: 2, Insightful

    This novel involved an acutal nuclear device, but the aim was not simple destruction, but to get the USA to think the Russians did it, and therefore to retaliate against them. I think it did a good job of illustrating how people can come up with the wrong conclusions when they have limited info and time. In this scenario, people also tended to think of just one possibility, instead of thinking about what else could be the cause. Especially hard under time pressure.

  7. biologicals by zogger · · Score: 3, Interesting

    I am more concerned over biological attacks. There's a possibility now, what with the fast advances in this tech, that some group/state even a deranged individual could unleash something quite bad. And if they can construct such a virus or bacteria in advance, perhaps they could also construct any vaccine or treatment needed so they wouldn't worry about getting infected themselves. Or even worse, some nutjob who just hated everyone just might not care, a suicide attack.

        An attack could pass as "natural" for maybe a long time, giving the attacker immunity from detection and a modicum of plausible deniability even if suspected. We can tell where a missile is launched from, and I am guessing but I would think normal telemetry that would be garnered would give an indication of what make/model missile, giving a clue as to origin, even with a suddeen underwater sea launch. But how to tell where a biological really came from if all of a sudden it just "appears" someplace and starts to spread, or who was responsible for any retaliation strikes, or even if it is a "natural mutation" or man made?

    Anyone working with recombination techniques care to respond? Is this a possible scenario, or still mostly just scary science fiction?

  8. And *specifically*, you need to read by jra · · Score: 4, Interesting

    the part of Sum of All Fears where we almost *do it to ourselves*: a major plot point hinges on one Good Guy mis-hearing "fifteen kt" as "one fifty kt" from another Good Guy -- the first being a potential terrorist nuke, while the second "would have to be" the Russians.

    There's followup as to how hard it is to push the *clean* data down the pipe afterwards as well.

    If that's not a sufficiently cautionary tale as to just how loose and messy things would actually be in a first-strike-response situation for you... then you're not imaginative enough, and probably much happier.

    It's amazing how hard it is to think when you think someone's about to nuke your country.

    It's somewhat analogous to the traditional election supervisor's prayer: "Please, dear Ghod, let it be a landslide".

    Only, um, in reverse.

  9. Re:Can we go ahead with the Nuclear Disarmament al by Darkness404 · · Score: 3, Insightful

    The reasons why there aren't any wars after WWII isn't necessarily nukes, but the general enlightenment that comes with technology. Other than the Soviet Union, during the Cold War no one really wanted to fight on a global scale, and the only reason that Soviet Russia did was that the people were brainwashed. Before WWI and WWII young men -wanted- war, they wanted the "glory" of victory, they wanted if they died to be remembered as a patriot with every girl they ever knew wishing that they were still alive and crying at the funeral. Than WWI hit and so did the media, and suddenly war didn't seem to be all that great to the masses except for in the propaganda and brainwashed cultures of Nazi Germany and Imperial Japan. The rest of them fought for pure necessity and to save their own skin. After that, very few people really -wanted- another war, sure, they did have a few small wars, but they couldn't convince the people that war was really necessary anymore. No longer in most cultures did you have the father or grandfather speak proudly about his accomplishments in war, making it sound no more dangerous than hunting with some friends. But after the world wars you had most of them quiet, traumatized, mix that in with the fact that most people no longer saw a need for war (hippie movement) and improvements in journalism made it possible for everyone to see the horrors of war lead to many cultures who refused to go to war. The reason why we haven't had WWIII isn't totally because we have nukes but because there would be very few willing fighters.

    --
    Taxation is legalized theft, no more, no less.
  10. This is bullshit... by ammorais · · Score: 4, Insightful
    From the article:

    "Cyberspace is real, and so is the risk that comes with it,"

    Did someone stopped to think this is the kind of alarming news that can elevate simple computer hackers to dangerous international terrorists.

  11. The problem with the Human Factor by dov_0 · · Score: 2, Funny

    You can fool some of the people some of the time, or all of the people all of the time. Unfortunately it seems that could be all that's needed...

    --
    sudo mount --milk --sugar /cup/tea /mouth /etc/init.d/relax start
  12. Insufficient Knowledge = Inaccurate Results by DoctorMabuse · · Score: 5, Informative

    This paper shows a significant misunderstanding of the command and control structure and procedures at STRATCOM (formerly SAC), National Command Authority (NCA) and other key elements of the process. I am waiting for the author to explain how the attacker will obtain the encryption codes to MILSTAR, SLFCS or any of the other communication channels into a Minuteman Launch Control Facility or the equivalent communication channels going to bomber squadrons, submarines and other force components with nuclear capability. Then there are enable codes, launch codes and various other keys that would be needed. The article also fails to address safeguards in place. One needs to only examine the "incidents" that have occurred in real life, such as a exercise tape accidentally being loaded at SAC, prompting incoming ICBM warnings, to see that these procedures worked even 20 or 30 years ago, and they hve only been improved since then.

    Having worked on the unauthorized launch studies for Peacekeeper (the decommissioned ICBM system often referred as MX), I can tell you the author did not have the data needed to be able to conduct this study, much less draw any valid conclusions