Slashdot Mirror

← Back to Stories (view on slashdot.org)

Could Cyber-Terrorists Provoke Nuclear Attacks?

Posted by ScuttleMonkey on from the telling-woprs dept.

Hugh Pickens writes "The Guardian reports that according to a study commissioned by the International Commission on Nuclear Non-proliferation and Disarmament (ICNND), a joint initiative of the Australian and Japanese Governments, terrorists could use information warfare techniques to make a nuclear attack more likely — triggering a catastrophic chain of events that may be an easier alternative 'than building or acquiring a nuclear weapon or dirty bomb themselves.' While the possibility of a radical group gaining access to actual launch systems is remote, the study suggests that terrorists could focus on feeding in false information further down the chain — or spreading fake information to officials in a carefully orchestrated strike. According to the study 'Hacking Nuclear Command and Control' [PDF], cyber-terrorists could 'provoke a nuclear launch by spoofing early warning and identification systems or by degrading communications networks.' Since command and control systems are placed at a higher degree of exploitation due to the need for rapid decisions under high pressure with limited intelligence, cyber-terrorists 'would not need deception that could stand up over time; they would only need to be believable in the first 15 minutes or so.'"

10 of 183 comments (clear)

  1. Discussed This Report Four Days Ago by eldavojohn · · Score: 4, Informative
    We discussed this the day the report was released and the conversation was pretty much limited to BSOD jokes and War Games references. Hopefully it turns out a little more interesting this time around.

    Really, I'm less worried about the cyber part of one of these attacks and am more so worried about the weakest link in the chain: the human factor. Social, over-the-shoulder or 'soft' hacks would be the few ways left to gain access. Mental manipulation like keeping someone in the dark would be the best way to scare them into action. It's not like someone's magically overcoming the physical barrier that exists between the internet and these secure networks on which sensitive information and control are relegated--you need a human to exploit.

    At least this time around the title's gone from

    Hacking Nuclear Command and Control

    to

    Could Cyber-Terrorists Provoke Nuclear Attacks?

    Which is a lot more accurate but a lot less newsworthy.

    --
    My work here is dung.
    1. Re:Discussed This Report Four Days Ago by SEWilco · · Score: 4, Insightful

      and am more so worried about the weakest link in the chain: the human factor

      that's why I'll never trust nuclear weapons.

      It's no the weapons which you don't trust. It's the humans with them.

    2. Re:Discussed This Report Four Days Ago by johnsonav · · Score: 4, Insightful

      With nuclear weapons, no stepping back of any way (that I know), and after the first strike, the war is over, or forever.

      Well, that's kind of the point, isn't it? So long as everyone knows that the missiles can't be recalled, that fact becomes part of the deterrence.

      Makes everyone very, very careful.

      --
      ... and that's when the C.H.U.D.'s came at me.
    3. Re:Discussed This Report Four Days Ago by cdrguru · · Score: 5, Insightful

      Where MAD falls apart is when the leaders don't give a rat's ass about the civilian population.

      I would say that recent events in Iran make it pretty clear that the civilian population doesn't matter all that much to the leaders. North Korea is at that level or perhaps worse. If the military leadership in either country could be confident of survival I don't see MAD being a deterrent at all.

      So what if 80% of the civilian population is wiped out?

    4. Re:Discussed This Report Four Days Ago by TheMeuge · · Score: 5, Insightful

      If you must have nuclear armed subs, arm each one with one low-yield nuke. Any more and you are just begging for an accident.

      I think you're missing the concept of "assured destruction" in Mutually Assured Destruction.

      An american missile sub can have 20 missiles, with 8x50kt warheads per missile. That's 160 nuclear warheads that can be targeted independently and can each cause substantial casualties if aimed at civilian targets. But that's what it's meant to be - a guaranteed "revenge" weapon, that is fully capable of demolishing or severely crippling a whole nation, even if ALL of the ground nukes are disabled by a first strike. The terror such a weapon commands, is precisely the reason why safety is assured.

      This is why small nuclear powers are so much less stable. India and Pakistan are at a much higher risk of using nuclear weapons in the field against each other than US and Russia, simply because neither of them have the capability of destroying the other.

      That being said, as has been mentioned previously, MAD relies on rational players to work.

    5. Re:Discussed This Report Four Days Ago by johnsonav · · Score: 4, Insightful

      Where MAD falls apart is when the leaders don't give a rat's ass about the civilian population.

      I would say that recent events in Iran make it pretty clear that the civilian population doesn't matter all that much to the leaders. North Korea is at that level or perhaps worse. If the military leadership in either country could be confident of survival I don't see MAD being a deterrent at all.

      So what if 80% of the civilian population is wiped out?

      You realize that both of those countries are (or will be) able to field no more than a handful (at most) of nuclear weapons, right? And, that neither has the capability to disrupt our own volley of nukes.

      Neither of them is able to "win" a nuclear war. Even if the leadership survives, and 80% of the population is killed, they won't really have a country left to lead, let alone maintain a military to defend against anything. It still doesn't make any sense for them to use nukes.

      --
      ... and that's when the C.H.U.D.'s came at me.
    6. Re:Discussed This Report Four Days Ago by Artifakt · · Score: 4, Insightful

      Let's look at Pakistan vs India. If we assume a radical Islamic faction gets control in Pakistan, and elects to use part or all their arsenal against particularly Hindu dominated portions of India, the direct casualties on the Indian side would be in the 1's to 10's of millions range. That's because the Pakistanis would be using relatively low yield Plutonium based devices, but their missiles are inaccurate enough and take long enough to prep that cities are about their only effective targets. An Indian retaliatory strike would involve some actual H-Bombs (which they don't admit having still in their arsenal, but they built and tested several designs), and probably more focus on pure military targets, but India has multiple Islamic neighbors, and they have made it clear in the past that they are not real concerned about fallout on those nations in a Pakistan/India exchange. A safe lowball estimate on total casualties is upwards of 200 Million. That's assuming India doesn't decide to kill the Indonesian navy and some other resources under Islamic regime control as a just in case. Could that happen? If it did, would that push total casualties over a billion? The best answer I ever heard on both those was 'not highly probable, but just maybe'. No one really wants to commit to a lower number, even if a billion seems a little high.
            Then there's the claim that Israel has a secret doctrine that in the event of a nuclear attack from an Islamic power on their major cities, they will coldly and deliberately kill Mecca and as many great centers of the Muslim faith as they can hit. The idea there is that the Koran supposedly says that all believers who fail to prevent the loss of the ability to make the journey to Mecca will burn in hell forever regardless of what else they do in their faith (or some Muslim factions have interpreted various verses in a way that justifies Jehad as physical violence, but also implies this, so if they insist it's true, the idea is give them the negative side of the claim.).
            It's hard to see people clinging to their religion if they are doctrinally a whole generation all condemned to hell down to the youngest born child and beyond no matter what they do. But it's also quite possible this would lead to a tremendous number of fanatics willing to die for the cause if their Mullahs assure them there's an escape clause in their somewhere, and a war that would have to be fought to the last fanatic on either side. I'd say that exchange could easily build into a Gigadeath or more.
            The biggest doubt I have about this scenario is the claim for secret Israeli plans seems to come from some of the very Muslim fanatics that you'd think it would be a big de-motivator for them to seek nukes of their own if they really believed it. That seems exceptionally illogical unless they are very confident it's just a claim they made up.

      --
      Who is John Cabal?
  2. And *specifically*, you need to read by jra · · Score: 4, Interesting

    the part of Sum of All Fears where we almost *do it to ourselves*: a major plot point hinges on one Good Guy mis-hearing "fifteen kt" as "one fifty kt" from another Good Guy -- the first being a potential terrorist nuke, while the second "would have to be" the Russians.

    There's followup as to how hard it is to push the *clean* data down the pipe afterwards as well.

    If that's not a sufficiently cautionary tale as to just how loose and messy things would actually be in a first-strike-response situation for you... then you're not imaginative enough, and probably much happier.

    It's amazing how hard it is to think when you think someone's about to nuke your country.

    It's somewhat analogous to the traditional election supervisor's prayer: "Please, dear Ghod, let it be a landslide".

    Only, um, in reverse.

  3. This is bullshit... by ammorais · · Score: 4, Insightful
    From the article:

    "Cyberspace is real, and so is the risk that comes with it,"

    Did someone stopped to think this is the kind of alarming news that can elevate simple computer hackers to dangerous international terrorists.

  4. Insufficient Knowledge = Inaccurate Results by DoctorMabuse · · Score: 5, Informative

    This paper shows a significant misunderstanding of the command and control structure and procedures at STRATCOM (formerly SAC), National Command Authority (NCA) and other key elements of the process. I am waiting for the author to explain how the attacker will obtain the encryption codes to MILSTAR, SLFCS or any of the other communication channels into a Minuteman Launch Control Facility or the equivalent communication channels going to bomber squadrons, submarines and other force components with nuclear capability. Then there are enable codes, launch codes and various other keys that would be needed. The article also fails to address safeguards in place. One needs to only examine the "incidents" that have occurred in real life, such as a exercise tape accidentally being loaded at SAC, prompting incoming ICBM warnings, to see that these procedures worked even 20 or 30 years ago, and they hve only been improved since then.

    Having worked on the unauthorized launch studies for Peacekeeper (the decommissioned ICBM system often referred as MX), I can tell you the author did not have the data needed to be able to conduct this study, much less draw any valid conclusions