Threats Emanating from Cyberspace to Nuclear Command, Control and Communication Systems
The Nuclear Command, Control and Communication systems (C3) refers to a wide range of functions which includes collecting information regarding the threats and relying on them on the concerned authority through the chain of command, advise for the authority about the available options and relying on the decision back to the forces and finally to control and target by the application of the forces. From gathering information regarding threats to hit the target precisely the involvement of cyberspace becomes inevitable.
The experts are divided when it comes regarding the vulnerability of these systems. The system in itself is complex, and therefore it requires a higher level of expertise, technical knowledge and financial resources to launch a cyber-attack on these systems. Hence, some scholars think that the chances of them being hacked are extremely low and others consider it to be considerably high. When it comes to NATO and its C3 systems, though the probability of systems responsible for deploying missiles is low, the vulnerability of the host country’s server and other facilities is high. They can be subjected to a cyber-attack.
These C3 systems can be attacked in more than one way. In 2011, a malware infected the cockpits of United States Predator and Reaper drones, though this incident did not have a major impact this can be a major problem during times of conflict. The data obtained from the cockpit can be used for multiple purposes like, to begin with by analysing the pattern of drones the adversary could use them for their operation either by countering or avoiding the drones. Further, they could disrupt the pilot software which might lead to mission failure. On 23rd October 2010 US lost its communication with 50 of its Minuteman III Inter Continental Ballistic Missiles due to some hardware issues. When the political tensions are already high incidents like these might result in miscalculation and misperception and thus affecting the deterrence quotient.
Data also has a significant role to play, image analysis can be used on the data obtained and it can be used to hit the targets more efficiently. Hence data espionage provides an opportunity for the adversary to learn about the technical specifications of the system. This will enable them to develop capabilities to intercept these systems. The APT10, a Chinese hacking group, was responsible for stealing US Navy personnel data and infiltrating major technology companies, the US Department of Energy and NASA. This might have wider implications as these data can intercept or reverse engineer these technologies and develop a much more sophisticated system.
The hardware’s are also not immune from attack. In the 1970s the cables of communication between Soviet military bases which lie 400 metres beneath the waters of the Sea of Okhotsk was tapped by the US. This has a code name Operation Ivy Bells and went undiscovered till the 1980s. The US were able to obtain a lot of sensitive information in this mission including Soviet nuclear weapons. There are wide ranges of sensors used for various purposes, the telemetry data can be disrupted by using electronic means or cyber-attack. Using them even the trajectory of a missile can be changed and made to hit the civilian population in the worst case.
Hence, the role of cybersecurity is essential in the entire life cycle of nuclear weapon systems. The possibility of cyber threats on C3 systems cannot be negated, and countries need to be resilient to avoid miscalculation and misperception. The countries need to develop a secure and sophisticated system to prevent any catastrophic event.