puxnet puxnet

fission to fusion

A deep dive into the anatomy of nuclear weapons

The first nuclear bomb “Little Boy” was dropped on Hiroshima on the 6th of August 1945. How far have we come in terms of nuclear warfare since then? And how are nuclear bombs actually designed?

We have actually regressed in the advancement of nuclear weapons, and for a good reason: they’re incredibly destructive and devastating to our environment. In 1917, Ernest Rutherford split the atom. When an unstable atom is split into two or more nuclei, it releases unstable energy as well as smaller nuclei that can then split other atoms. This process is known as nuclear fission.

how does nuclear fission work?

Within an atom, there are different forces acting on the particles, holding it together. The stability of a nucleus depends on the forces holding it together. Uranium comes in three different isotopes that have varying levels of stability: U-235, U-236, and U-238.

The forces holding together a nucleus consist of protons, which are positively charged, and neutrons, which have no charge but a slightly greater mass. Like forces repel each other and opposite forces attract each other. Some heavy nuclei have a proton-neutron imbalance and not enough binding energy to hold the nucleus together. These are called unstable atoms and will lose protons and neutrons as they attempt to become more stable.

U-235 has an odd number of neutrons (143) which makes it more susceptible to nuclear fission. When you inject a U-235 nucleus with a neutron it creates a really unstable nucleus that can easily split. It is also good at absorbing slow moving thermal neutrons which creates the unstable nucleus that can trigger a fission reaction. U-238 in comparison is too stable and requires too much thermal energy to be able to induce nuclear fission.

uranium isotopes

U-238 is the most abundant isotope of uranium, which makes up about 99.28% of naturally occurring uranium. Unfortunately U-238 cannot sustain a fission reaction in a thermal nuclear reactor. One thing to note as well, only heavy atoms can sustain a fission reaction in the first place, such as Uranium and Plutonium.

Fission begins with a U-235 atom being injected with a neutron. Essentially the neutron collides with the U-235 nucleus and is absorbed, increasing its mass and energy. For a brief moment, U-235 becomes U-236. This results in nuclear excitation, where the nucleus starts distorting and vibrating. It splits into two fragments, which releases a ton of kinetic energy that gets converted into heat (this is what’s used in nuclear power plants to heat water to generate electricity). It also releases other neutrons that hit other atoms and continue the chain reaction.

how does nuclear fusion work?

Why is Fusion critical for an explosive weapon? The primary mechanisms, chemical explosives and nuclear fission are easy to discuss in depth. If we want to use a more advanced form of nuclear explosions, using fusion as a secondary explosion is the way to go.

Fusion is critical for hydrogen bombs or thermonuclear warheads. It often goes hand in hand with nuclear fission which is used for the primary explosion while nuclear fusion is used for the secondary explosion.

Fusion is the same reaction that also powers stars and the sun. It works by having two light nuclei like tritium and deuterium fuse together. The total mass of the heavier nucleus that results from fusion is less than the combined mass of the two nuclei, meaning there is energy produced from the fusion.

We need to remember, atomic nuclei are positively charged. One of the fundamental principles of physics is that opposite charges attract and that like charges repel. How do we overcome this to produce nuclear fusion? To overcome electrostatic repulsion, we need to meet several conditions: the nuclei have to be brought incredibly close together and reach very high temperatures to form a state of plasma. Plasma is superheated matter where atoms have their electrons stripped away, which forms an ionized gas.

Once the atoms are close enough together, the nuclear force takes over and they fuse together. This releases massive amounts of energy, according to Einstein’s equation E=mc^2. This energy is released as heat, light, and particles.

Deuterium and tritium are two isotopes of hydrogen and the most efficient isotopes we can use to create a nuclear fusion reaction. All forms of hydrogen have only one proton, but the number of neutrons varies based on the isotope. This results in a lower Coulomb barrier, which is also known as the electrostatic barrier. Deuterium occurs naturally and is pretty common, with 1 out of every 6500 hydrogen atoms. Tritium, on the other hand, is a radioactive, unstable atom that deteriorates quickly.

fissile material and the nuclear fuel cycle

Material that can sustain a fission reaction has to be heavy and unstable. We know that. Uranium is also abundant within the earth’s crust, U-238 at least. Because the percentage of fissile material is quite low within naturally occurring uranium, it needs to be enriched to a percentage of at least 4%-5% U-235 to sustain a fission reaction.

To enrich uranium, the process begins with actually mining it first. Most uranium is mined via in-situ leaching. Water that has been injected with oxygen or an oxidising solution such as an alkaline or acid is put through uranium ore to dissolve uranium, which is then pumped to the surface. The uranium solution is turned into ‘yellow cake’ or uranium oxide by filtering and drying it out.

enrichment stages of uranium

The uranium oxide is converted into a gaseous form, uranium hexafluoride (UF6), through conversion. There are two main methods for enriching uranium. The less common one is diffusion, where the UF6 is fed through porous barriers; because of the mass differences between the molecules, U-235 moves through the barriers slightly faster than U-238. The more common method, centrifugation, involves spinning UF6 through centrifuges: the heavier atoms spread to the outside of the cylinder while the lighter U-235 atoms accumulate in the centre of the centrifuge.

The image above describes centrifugal force, where the walls of the cylinder keep the UF6 gas inside. The centrifugal force is generated by the cylinder rapidly spinning. As we can see, the heavier atoms such as U-238 are pushed to the outside, against the cylinder’s walls, and the U-235 atoms are concentrated towards the centre. Often UF6 is fed through multiple centrifuges in a cascade to achieve a higher concentration of fissile material. An important thing to note is that the higher the speed of centrifugation, the higher the difference in concentration.

In the context of nuclear weapons, uranium has to have an extremely high concentration of U-235 compared to fuel. Nuclear power plants only require a concentration of 10% U-235 while a nuclear weapon requires a concentration of 90% U-235.

anatomy of an atomic bomb

Once uranium has been through the enrichment process, it can be condensed to a core. This pit/core can be lined with chemical explosives. During the Manhattan Project, the first potential design for the atomic bomb was called the “gun-type”. Little Boy, the first bomb that was dropped on Hiroshima, also used the gun-type design.

The gun type is essentially two small pieces of a critical mass which cannot sustain a fission reaction on its own. To detonate the bomb, a gun fires a small bullet of fissile material into the target, which assembles the two pieces of critical mass and triggers nuclear fission. Around the fissile mass is a tamper, the job of a tamper is to reflect back neutrons into the fissile material.

This style of atomic bomb only really works for uranium; all attempts that used plutonium resulted in the fission of the material before the bomb was actually assembled. That’s why “Fat Man” used implosion instead of a gun-type bomb.

The other commonly used bomb was the implosion-type bomb. Implosion-type bombs are a lot more common and rely on chemical explosives being organized around the subcritical mass. Implosion is vital if the subcritical mass is made from plutonium instead of uranium. “Fat Man” which was dropped on Nagasaki on August 9th 1945, used the implosion-type bomb. One of the main differences between gun type and implosion-type is the shape of the core. Gun-type subcritical mass is often hollow so it can be injected with a critical mass bullet while implosion-type is a compressed solid sphere.

The process of detonating a bomb obviously begins with chemical explosives being detonated around the critical mass. The purpose of the chemical explosives is to condense the core even further, before an atom is injected with a neutron, to create an explosion.

When the chemical explosives are detonated to trigger nuclear fission, there needs to be some kind of material to contain the chemical explosives to push the critical mass towards itself. This is where a tamper comes into play. It delays the thermal expansion of critical mass, while reflecting neutrons, which allows the mass to stay super-critical for longer. For example, the tamper used for “Little Boy” was a tungsten carbide tamper, which has a high density and a low neutron absorption. Fat Man used a uranium tamper almost as subcritical mass to maximise explosive yield.

anatomy of a thermonuclear warhead (hydrogen bomb)

Two different isotopes of hydrogen can be used for a thermonuclear warhead: deuterium or tritium. It also utilises nuclear fusion instead of nuclear fission to create a chain reaction.

Thermonuclear warheads are comprised of similar components to an atomic bomb. The primary stage is almost identical to its first cousin, the implosion type atomic bomb. We have a fissile material, either U-235 or plutonium-239 surrounded by chemical explosives and a tamper as well as an explosive lens to compress the explosive material.

The secondary explosive used for nuclear fusion will have fusion fuel in the form of lithium deuteride, which is a combination of both deuterium and tritium, surrounded by a radiation case/hohlraum to push X-rays from the primary stage to the secondary stage, as well as a spark plug, which is a small amount of fissile material to set off the secondary stage.

In the primary stage, the fission bomb is detonated, which releases massive amounts of energy. Most of the energy that is released from the fissile material is in the form of X-rays. These X-rays are compressed downwards or inwards towards the fusion fuel. This is achieved via the hohlraum or radiation case, which absorbs the X-rays and redirects them back towards the fusion case; the extreme heat is what helps trigger nuclear fusion.

A ‘spark plug’ made of uranium fissions, which releases energy outwards. This causes the fusion fuel (lithium deuteride) to react, which releases tritium. The tritium then fuses with deuterium, which forms helium and releases free neutrons. These free neutrons then cause additional fission reactions, which also put more pressure on the lithium deuteride, which then causes more fusion reactions. Kind of like a feedback loop or nuclear cycle, these reactions cycle until an explosion occurs.


the evolution of cyberterrorism

what is cyberterrorism?

Cyberterrorism is different from other forms of cybercrime. For an act to qualify as cyberterrorism, it must:

  • be politically motivated

  • involve technology and networks

  • have malicious intent to intimidate a government or country/population.

Cybercrime in comparison is generally financially motivated or just vandalism created to disrupt a network. There is a debate about what the scope of cyberterrorism actually is, as some researchers view it as just cyberwar, the same way that modern terrorism and warfare aren’t easily defined.

Famous examples of cyberterrorism include the 2014 Sony Pictures hack by North Korean group “the Guardians of Peace” in response to the making of the film The Interview. The group stole employee data, unreleased films, and plans for future films. They then used a variation of the Shamoon wiper, which is malware designed to target 32-bit Windows systems.

The Ukraine Power Grid Hack occurred in 2015. The group responsible was highly likely to be the Russian hacking group Sandworm. On the 23rd of December 2015, they used BlackEnergy3 malware to create bots to execute DDoS (distributed denial of service) attacks. BlackEnergy3 is shared through email attachments containing Microsoft PowerPoint or Word documents.

early on, Script kiddies and hacktivists

Cyberterrorism as an idea can be traced back to the early days of the internet, when people with basic programming skills, often referred to as "script kiddies," began experimenting with hacking. These early attacks were primarily motivated by less threatening ideas such as pure vandalism or curiosity.

Hacktivism emerged as a more politically charged form of cybercrime, with groups like Anonymous using cyberattacks to promote social and political causes. While their actions often had a symbolic impact, they laid the groundwork for more serious threats. The idea of hacktivism is interesting because members of Anonymous have described how, in the early days, plans would start off with something like “what do we all dislike?” and the answer would be “pedophiles” or “bestiality”, and while everyone had different political opinions they would bond over a shared hate.

Organised cybercrime

As the internet became more widely used, hacking and cybercrime became more lucrative. Organized criminal groups, either independent or state sponsored, recognized the potential for financial gain through cyberattacks. Ransomware, phishing, and data breaches became commonplace, blurring the lines between cybercrime and cyberterrorism.

MafiaBoy was a cybercrime group operating in the late 1990s. A Canadian teenager, Michael Calce, led a group responsible for a series of Distributed Denial of Service (DDoS) attacks against major websites, including Amazon, eBay, CNN, and Yahoo!. These attacks showcased the potential for significant disruption through coordinated online activity.

The Shadow Crew was another group, active in the early 2000s. They ran an online marketplace before the dark web was a thing. It offered a platform where cybercriminals could buy and sell loads of stolen goods and services such as credit card numbers, counterfeit items, drugs, everything. At its peak, the marketplace had thousands of registered users, processing transactions worth millions of dollars.

state sponsored APTs

State sponsored cyberterrorism has become more prominent in recent years. Cyberattacks motivated by more than just financial gain have increased. Examples include the Morris Worm, the Sony Pictures attack, and WannaCry ransomware (debatable). State sponsored cyberterrorism is when a government funds hackers’ activities and directs them towards a certain target.

The main countries sponsoring APTs are China, Russia, and the US. They have funded attacks against countries’ critical infrastructure, politicians and economic state. The most well-known state sponsored adversary groups include Lazarus Group (North Korea), Cozy Bear (Russia), Double Dragon (China), Fancy Bear (Russia), and Helix Kitten (Iran).

a new era of warfare

Cybercriminals are becoming increasingly skilled, with access to advanced tools and techniques. As they advance, we need to advance our defenses. As the number of connected devices grows exponentially along with the IoT (internet of things), so do the potential attack surfaces. Hackers could exploit vulnerabilities in IoT devices to launch large-scale attacks or infiltrate networks.

I believe that, with the rise of AI, artificial intelligence will revolutionize both offense and defense. Malicious actors could employ AI to develop self-learning malware, automate attacks, and evade detection. We can also develop self-learning AI for our own penetration testing, and use it to advance our own defenses.

Nation-states will continue to invest heavily in cyber capabilities to gain strategic advantages. The lines between cyber espionage, cybercrime, and cyber warfare will blur further. Tools developed by countries, such as the Pegasus and Predator spyware, will only advance and become more dangerous.

increasing attack surface

As the IoT (internet of things) expands, so does the attack surface that needs to be protected. Most of our critical infrastructure is part of the internet of things; this includes transport and power grids. Take the 2015 Ukraine power grid attack, where the communication of electricity companies was disrupted, cutting off electricity for Ukrainians. At the time, most of Ukraine’s power infrastructure had been built when it was part of the Soviet Union and had been upgraded with Russian parts. Nonetheless, this is a clear example of an attack that we can prevent in the future. How?

  • Implement zero trust / least-privilege access: nobody should have root user privileges or more privileges than they need on any surface.

  • Upgrading and patching: keeping hardware and software systems up to date and patching potential vulnerabilities.

  • Thinking like the opps: pen testing our own critical infrastructure to find vulnerabilities.

Cyberterrorism is a growing field. As critical infrastructure becomes more reliant on networks, frameworks to protect it need to be implemented, as well as safety measures and a bigger investment in cybersecurity.


stuxnet cyberweapon

the world's first real cyberweapon

A computer worm that took down a nuclear program in Iran, discovered in 2009 by security researchers. Unlike normal malware, Stuxnet was a sophisticated weapon specifically designed to hit a single target: Iran's nuclear program.

Stuxnet didn't steal secrets or data or disrupt websites with excess traffic. Instead, it infiltrated the industrial control systems (ICS) managing Iran's uranium enrichment facilities. These facilities use centrifuges to spin uranium at incredibly high speeds, which is pretty much crucial for nuclear fuel production. Stuxnet, through a series of exploits, manipulated these centrifuges.

why?

The motivations behind the US and Israel's desire to take down Iran's nuclear program are complex.

The US and Israel have long been at odds with Iran's government, which they view as a sponsor of terrorism and a threat in the Middle East. A nuclear program was seen as further increasing Iran's regional influence.

As well, the US and Israel are concerned about Iran's support for Hezbollah and Hamas, militant groups viewed as threats to their security. A nuclear program could increase the influence and power of these groups.

The US and Israel feared Iran's nuclear program could lead to the development of nuclear weapons. A nuclear-armed Iran was seen as a significant threat to regional stability.



how does stuxnet work?

(image from Stuxnet - CyberHoot Cyber Library)

Stuxnet is believed to have snuck into Iranian systems through various methods, possibly via infected USB drives inserted into control system computers.

Once inside, Stuxnet could move laterally across the network, infecting other vulnerable Windows machines like a digital disease. It also used rootkit techniques to hide its presence and avoid detection. The techniques it could have used include altering directory structures or file attributes to hide malicious files from standard system tools used for browsing directories or identifying file types.

Stuxnet didn't target Iranian computers directly. Instead, it zeroed in on Programmable Logic Controllers (PLCs), the industrial control system (ICS) brains managing uranium enrichment facilities, through Siemens software. If no PLCs were found, it would remain dormant. PLCs automate critical tasks, like controlling centrifuge speeds. The PLCs would inform the controller that nothing was out of the ordinary, meaning nothing would be picked up on until it was too late.
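The "nothing out of the ordinary" problem suggests one defensive check, shown here as an added example (not from the original post and not taken from any Stuxnet analysis): compare what the PLC reports with a measurement taken over an independent channel, and look for reported readings that are frozen or loop exactly. The independent sensor, the thresholds and the sample readings are assumptions constructed for the illustration.

```python
"""Cross-check PLC-reported readings against an independent measurement."""


def find_repeat_period(values, min_len=5):
    """Return period p if the last p samples exactly repeat the p before them.

    Live sensor data carries noise, so an exact repeat of a long block (or a
    perfectly flat line) suggests frozen or looped data rather than a live feed.
    """
    n = len(values)
    for p in range(min_len, n // 2 + 1):
        if values[n - p:] == values[n - 2 * p:n - p]:
            return p
    return None


def first_divergence(reported, independent, rel_tol=0.05, min_run=3):
    """Index where `min_run` consecutive samples first differ by more than rel_tol."""
    run = 0
    for i, (rep, ind) in enumerate(zip(reported, independent)):
        if abs(rep - ind) > rel_tol * abs(ind):
            run += 1
            if run >= min_run:
                return i - min_run + 1
        else:
            run = 0  # a single glitch does not count as divergence
    return None


def assess(reported, independent):
    """Return human-readable findings; an empty list means no anomaly was seen."""
    findings = []
    period = find_repeat_period(reported)
    if period is not None:
        findings.append(f"reported values repeat every {period} samples")
    start = first_divergence(reported, independent)
    if start is not None:
        findings.append(
            f"reported and independent readings diverge from sample {start}"
        )
    return findings


# Constructed sample readings (arbitrary speed units, not real plant data).
NOISE = [1000, 1002, 999, 1001, 1003, 998]

# The controller keeps seeing the same "normal" block over and over...
REPORTED_SUSPECT = NOISE * 4
# ...while the assumed out-of-band sensor agrees at first, then climbs.
INDEPENDENT_SUSPECT = [v + 1 for v in NOISE * 2] + [1060 + 60 * i for i in range(12)]

# A healthy feed: noisy, never exactly repeating, both channels in agreement.
REPORTED_HEALTHY = [1000, 1002, 999, 1001, 1003, 998, 1004,
                    997, 1001, 1000, 1005, 996, 1002, 999]
INDEPENDENT_HEALTHY = [v - 2 for v in REPORTED_HEALTHY]

if __name__ == "__main__":
    print("suspect:", assess(REPORTED_SUSPECT, INDEPENDENT_SUSPECT))
    print("healthy:", assess(REPORTED_HEALTHY, INDEPENDENT_HEALTHY))
```

Coarsely quantized sensors can repeat values legitimately, so `min_len` has to be tuned to the signal before a repeat is treated as an alert.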

Stuxnet was designed to be delivered via USB drive. The Natanz facility was air-gapped (not connected to the internet). A crucial component is the rootkit, which hides malicious activity on a system. To install the rootkit, it employed digitally signed device drivers. These drivers are like software extensions that allow the operating system to communicate with hardware devices. The "digital signature" acts like a seal of authenticity, telling the system that the driver comes from a trusted source.

Stuxnet used private key certificates stolen from two Taiwanese device manufacturers. With these stolen certificates, Stuxnet could forge the digital signatures on its own malicious drivers, making them appear legitimate to the system.

Once the system accepted the forged signatures, Stuxnet could install its kernel-mode rootkit driver, giving it privileged access to the core of the system so it could manipulate the PLCs. Stuxnet exploited four zero-day bugs. That is a lot of zero-day exploits. Also, Stuxnet's target wasn't a typical computer. It needed to penetrate multiple layers of security to reach the PLCs. At least one was a Siemens vulnerability, and the rest were Windows.

Typically, hackers keep zero-day exploits secret to use them again in future attacks. Stuxnet's creators seemingly disregarded this convention, sacrificing future potential for immediate success in this specific operation.

Nuclear facilities

If you’re unsure how nuclear facilities work: a centrifuge is a cylindrical machine that spins at very high speeds. Inside the centrifuge, uranium hexafluoride (UF6), a gas form of uranium, is fed into the machine.

As the centrifuge spins, the heavier U-238 atoms are forced slightly outward due to centrifugal force, the force that pushes outwards due to rotation. The lighter U-235 atoms are less affected and tend to concentrate more towards the centre.

The slightly enriched uranium gas from the centrifuge is then fed to another centrifuge for further enrichment. This process is repeated in a series of linked centrifuges, called a cascade, which increases the concentration of U-235 in the uranium, which is required for an explosion.

So we know that by controlling the speed of the centrifuges, the output of uranium can be controlled.

Centrifuge speed won’t directly affect the weapon. The weapon design relies on the fissile properties of the enriched uranium, not the speed at which it was enriched. Once you have the enriched uranium, the speed at which it was created in the centrifuge is irrelevant to the weapon's function.

why target the nuclear facility directly?

It could’ve been sent as a message to Iran about the consequences of pursuing a nuclear weapons program.

A crippled nuclear program could have strengthened the US and Israel's hand in negotiations with Iran. This could have pressured Iran to accept limitations on its enrichment activities or abandon the program altogether.

discovery and aftermath

The first sign came from international inspectors. The International Atomic Energy Agency (IAEA) routinely visits Iran's Natanz facility to ensure peaceful use of nuclear materials. During a visit, inspectors noticed an alarming trend: a surge in damaged centrifuges.

Normally, wear and tear takes around 800 centrifuges out of commission per year at a facility like Natanz. But in 2010, the IAEA found nearly 2,000 malfunctioning machines – a massive, unexplained jump. One analyst estimated it set the program back two years.

Eventually, Stuxnet was discovered because it escaped the nuclear facility. An office in Iran was experiencing reboots and weird blue screens, even after new OS installs. The security expert at the office contacted Sergey Ulasen, who worked for an anti-virus vendor. After isolating the malware, he realised how many zero-days it was exploiting.

These bugs have since been patched and it is unlikely for your operating system to be vulnerable to Stuxnet. Developers release patches when they release software updates.

Stuxnet was the first piece of intrusive computer code to be widely recognised, especially as part of political conflict, bringing us forward into a world where cyber warfare becomes more important.


WannaCry ransomware

how unpatched vulnerabilities can destroy critical infrastructure

If you were using a Windows operating system in 2017, you might have heard of a strain of ransomware that affected 150 countries and took hold of hundreds of thousands of computers and cyber infrastructure systems.

what is WannaCry? and where did it come from?

what is ransomware?

Ransomware is essentially like someone breaking into your house and locking you out. They keep you from all your valuables and necessities. They’ll let you back in if you pay a ransom. Let’s say they demand $1000; you could just not pay it and focus on breaking back into your house. But let’s say it takes ten days to break back into your house. Where are you going to stay and eat while they control your house? A nearby hotel costs $200 a night to stay, so it’s going to cost you double to not pay the ransom.

Ransomware can infect through various methods: phishing emails and exploiting software vulnerabilities. WannaCry infected Windows operating systems through a Server Message Block vulnerability known as EternalBlue.

Once the ransomware infects your system, it uses encryption to scramble your files. This encryption process essentially turns your data into gibberish, making it inaccessible.

After encryption, you'll be presented with a message informing you that your files are locked and demanding a ransom payment, typically in cryptocurrency like Bitcoin, to regain access. The ransom amount can vary depending on the attacker and the perceived value of your data.

Ransomware attacks often employ scare tactics. The message might display a countdown timer, pressuring you to pay before your files are permanently deleted.

how was wannacry ransomware spread?

WannaCry was spread through an exploit rather than phishing emails. This exploit was called EternalBlue. It was developed by the US National Security Agency (NSA), when it should’ve been reported to the infosec community, and was later leaked by a hacking group. It targeted a flaw in Microsoft Windows' Server Message Block (SMB) protocol.

SMB is a file-sharing protocol commonly used on Windows networks. EternalBlue exploited a weakness in how SMB handled communication requests, allowing attackers remote access to vulnerable systems.

Microsoft had already released a security patch to fix the EternalBlue vulnerability months before the WannaCry attack. However, many users and organizations hadn't installed the patch, leaving their systems open to be exploited.

EternalBlue provided the entry point, and WannaCry, upon infecting a system, scanned the network for other vulnerable machines using the same exploit, essentially propagating itself further, kind of functioning like a computer worm.

The combination of EternalBlue's widespread presence in unpatched systems and WannaCry's worm-like behavior created a domino effect. One infected machine could quickly infect others within the same network, leading to the rapid global spread.
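The worm-like scanning described above leaves a recognisable trace on the network: one host opening SMB connections (TCP port 445) to many different machines in a short time. The detector below is an added example, not part of the original post; the log format, addresses, threshold and window are all constructed assumptions.

```python
"""Flag hosts whose SMB (TCP/445) connections fan out to many peers quickly."""
from collections import Counter, defaultdict
from datetime import datetime, timedelta

SMB_PORT = 445


def parse_flow(line):
    """Parse 'timestamp src dst dport' (a constructed log format); None if malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    ts, src, dst, dport = parts
    try:
        return datetime.fromisoformat(ts), src, dst, int(dport)
    except ValueError:
        return None


def max_smb_fanout(lines, window=timedelta(seconds=60)):
    """Per source: the most distinct SMB destinations seen inside any one window."""
    per_src = defaultdict(list)
    for line in lines:
        flow = parse_flow(line)
        if flow and flow[3] == SMB_PORT:
            ts, src, dst, _ = flow
            per_src[src].append((ts, dst))

    fanout = {}
    for src, events in per_src.items():
        events.sort()
        in_window = Counter()  # destination -> connections currently in the window
        left = 0
        best = 0
        for ts, dst in events:
            in_window[dst] += 1
            # Slide the left edge forward until the span is at most `window`.
            while ts - events[left][0] > window:
                old = events[left][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                left += 1
            best = max(best, len(in_window))
        fanout[src] = best
    return fanout


def suspected_scanners(lines, threshold=10, window=timedelta(seconds=60)):
    """Sources that reached `threshold` or more distinct SMB peers in one window."""
    fanout = max_smb_fanout(lines, window)
    return sorted(src for src, n in fanout.items() if n >= threshold)


def _line(ts, src, dst, port):
    return f"{ts.isoformat()} {src} {dst} {port}"


# Constructed sample traffic (not real capture data).
_T0 = datetime(2017, 5, 12, 8, 0, 0)
SAMPLE_FLOWS = (
    # Workstation talking to one file server: normal.
    [_line(_T0 + timedelta(seconds=2 * i), "10.0.0.5", "10.0.0.2", 445)
     for i in range(30)]
    # Backup host touching 12 machines, one every five minutes: wide but slow.
    + [_line(_T0 + timedelta(minutes=5 * i), "10.0.0.9", f"10.0.1.{i + 1}", 445)
       for i in range(12)]
    # Host sweeping 40 addresses in 40 seconds: worm-like fan-out.
    + [_line(_T0 + timedelta(seconds=i), "10.0.0.23", f"10.0.2.{i + 1}", 445)
       for i in range(40)]
    # Busy web client on another port, plus a malformed line: both ignored.
    + [_line(_T0 + timedelta(seconds=i), "10.0.0.7", f"10.0.3.{i + 1}", 443)
       for i in range(50)]
    + ["garbage line"]
)

if __name__ == "__main__":
    for src, n in sorted(max_smb_fanout(SAMPLE_FLOWS).items()):
        print(f"{src}: up to {n} distinct SMB peers per minute")
    print("suspected scanners:", suspected_scanners(SAMPLE_FLOWS))
```

Counting distinct destinations inside a time window, rather than total connections, is what separates the sweep from the chatty workstation and the slow backup job.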

who created wannacry?

WannaCry is believed to have been developed in North Korea by the Lazarus Group. There are similar coding techniques used in WannaCry and other malware linked to North Korean hacking groups. While there is some evidence, we don’t have absolute proof.

Attributing cyberattacks can be complex. Hackers often use techniques to mask their location and identity, making it difficult to pinpoint the exact source.

The exact motives behind WannaCry are also not entirely clear. Was it a financial attack targeting ransom payments, or was it an attempt to disrupt critical infrastructure?

does wannacry still exist?

Variants of WannaCry have emerged since the initial attack, but these might be copycat attempts or modifications by other criminals. WannaCry isn’t really a significant threat anymore.

A ‘kill switch’ was discovered by a researcher named Marcus Hutchins. Hutchins noticed that the WannaCry code contained a function that checked for a specific domain name before proceeding with encryption. This domain name – a string of characters – didn't appear to be linked to any known malicious infrastructure.

For $10.96, Hutchins registered the domain name. Once Hutchins registered the domain, the behavior of WannaCry changed. The malware would check for the domain and, upon finding it active, wouldn't initiate the encryption process. This essentially functioned as a kill switch, halting the spread of WannaCry.

While Hutchins is hailed as a hero for his role in stopping WannaCry, he was later arrested on unrelated charges of creating and distributing malware.

why is wannacry significant?

WannaCry pretty much put ransomware on the map. It showed attackers the potential financial gain of this tactic, leading to a surge in ransomware attacks in the following years.

WannaCry wasn't a targeted attack; it infected hundreds of thousands of computers in over 150 countries. This massive scale highlighted the interconnectedness of the digital world and the potential for cyberattacks to have a widespread impact.

The attack exploited a known vulnerability (EternalBlue) in Microsoft Windows that had already been patched. This underscored the crucial role of keeping software up to date with security updates to address vulnerabilities and avoid becoming an easy target.

While the original WannaCry isn't a major threat for patched systems, it serves as a reminder of the ever-present danger of ransomware and the need for continuous improvement in cybersecurity measures to defend against evolving cyber threats.


nuclear warfare in cybersecurity

And how is it relevant to cybersecurity?

Nuclear weapons are possibly some of the most dangerous warfare instruments created. There is no weapon more destructive than nuclear weapons. We really have no control over the impact of a nuclear weapon once it is detonated. In a densely populated area such as a city or town it would kill thousands instantly, others would die from radiation exposure, and their children would experience birth defects.

Why is Nuclear warfare relevant to Cybersecurity?

red= nuclear powers

On the 6th of August 1945, the first-ever nuclear bomb was dropped on Hiroshima, Japan. The US chose Hiroshima based on the two psychological objectives they had put forward. First, to scare the Japanese, so they would surrender. Second, to ensure the world knew and feared America’s destructive weapons. The US was expecting to develop an even more destructive Hydrogen ‘H’ bomb in a few years, which meant any war in the future would likely be devastating.

In May 1945, Germany had already surrendered, but Japan was yet to surrender. They were both part of the Axis powers along with Italy. Japan continued fighting for several reasons. One was the Bushido code, a rigid code of honor and loyalty deeply ingrained in Japanese society, which meant a refusal to surrender. This warrior ethos, combined with a belief in the divine nature of the Emperor, made surrender unthinkable. A second reason was that the Japanese feared the consequences of an Allied occupation, including the loss of national sovereignty and the Emperor's position. At the time, Japan’s military also held significant power and they believed they could defeat the US.

Hiroshima was also a significant military and industrial center, housing a large army headquarters and several wartime factories. Its selection was based on its military importance. Meteorological conditions were also important for visual bombing, allowing for accurate targeting and photographic documentation of the bomb's effects. Hiroshima met these criteria.

On the 9th of August 1945, the US chose Nagasaki as its second bomb site. The original target for the second bomb was Kokura, but cloud cover prevented the bomber from accurately targeting the city. Nagasaki was the secondary target and had clear weather conditions. Nagasaki, like Hiroshima, had largely escaped the intense firebombing campaigns that had devastated other Japanese cities. This allowed for a clear assessment of the atomic bomb's destructive power.

It wasn’t long before the Soviet Union, using its own spies, stole the US secrets and developed its own bomb in 1949. The ‘Tsar Bomba’ was the largest nuclear weapon ever dropped. On the 30th of October 1961, the weapon was dropped over Mityushikha Bay on the island of Novaya Zemlya in the Arctic Ocean. The sheer scale of the Tsar Bomba was massive. It was so large that a modified Tu-95 bomber had to be used to deliver it. When detonated over the remote Novaya Zemlya archipelago, the fireball was visible from hundreds of kilometers away, and the mushroom cloud reached a height of 60 kilometers.

Tsar Bomba, Nuclear Museum

how is nuclear warfare relevant to cyberwarfare?

The intersection of nuclear weapons and cybersecurity is becoming increasingly important in the 21st century. One example is the effect of Stuxnet on Iran’s nuclear facility. We have known for years that being a nuclear power gives countries a massive advantage over others, and power can be taken through cyberwarfare by taking control of nuclear facilities.

We need to remember that nuclear weapons were developed well before complex computing infrastructure was relevant. Today nuclear weapons rely on command and control (C2) systems, which can be hacked. There are several risks associated with this: cyber attacks on nuclear systems can result in escalation and the use of these cyber weapons. Russia and the US, the two biggest nuclear powers, are also two of the biggest sponsors of state hackers.

C2 systems have several components that are at risk. They detect incoming missile launches and provide warnings to command centres. The United States Nuclear Command and Control System (NCCS) has to be able to transport data while withstanding physical and cyber attacks, and it is also a high-value target for cyber attacks. C2 systems are at risk from several attacks: DDoS (distributed denial of service), where servers are overloaded with traffic; MiTM (man in the middle) attacks, where communication between systems can be intercepted, which can also result in spoofing or false positives, where incorrect information can be relayed; and data exfiltration, where data such as launch codes, targeting information, or operational plans can be stolen through C2 systems.

Launch facilities are generally pretty fortified locations, but they can be at risk from several cyber attacks. One is malware such as Stuxnet, or computer worms that can spread from computer to computer without internet access. Another is cyber-physical damage, where software systems that control hardware are hacked to damage nuclear infrastructure. Attackers can also create false positives/flags, giving the impression of a threat that needs to be defended against and leading to unintended escalation.
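The spoofing and false-information risks described above arise when a receiver acts on messages it cannot authenticate. The sketch below is an added example, not code from this post or from any real C2 system: each message carries an HMAC-SHA256 tag and a per-sender counter, so the receiver rejects altered, forged and replayed messages. The key, sensor name and message fields are constructed for the demonstration.

```python
import hashlib
import hmac
import json

# Constructed demo key; real systems keep keys in hardware-backed storage.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"


def sign_message(key, sensor_id, counter, payload):
    """Sender side: serialise the fields canonically and attach an HMAC tag."""
    body = json.dumps(
        {"sensor": sensor_id, "counter": counter, "payload": payload},
        sort_keys=True, separators=(",", ":"),
    )
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Receiver:
    """Receiver side: check the tag first, then require a strictly
    increasing counter per sensor so an old message cannot be replayed."""

    def __init__(self, key):
        self.key = key
        self.last_counter = {}

    def accept(self, message):
        body = message["body"].encode()
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(expected, message["tag"]):
            return "rejected: bad tag"
        fields = json.loads(body)
        sensor, counter = fields["sensor"], fields["counter"]
        if counter <= self.last_counter.get(sensor, -1):
            return "rejected: replay"
        self.last_counter[sensor] = counter
        return "accepted"


def demo():
    rx = Receiver(SHARED_KEY)
    genuine = sign_message(SHARED_KEY, "sensor-a", 1, "status=clear")
    # Body altered in transit without the key: the tag no longer matches.
    altered = dict(genuine, body=genuine["body"].replace("clear", "alert"))
    # Message signed with a key the receiver does not trust.
    forged = sign_message(b"some-other-key", "sensor-a", 2, "status=alert")
    return [rx.accept(m) for m in (genuine, altered, forged, genuine)]


if __name__ == "__main__":
    print(demo())
```

Authentication of this kind covers integrity and origin only; it does nothing against the denial-of-service and exfiltration risks listed above.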

what cybersecurity practices should you implement to protect your nuclear infrastructure?

Network security

  • isolation - Keep nuclear command and control systems isolated from the public internet to minimize exposure.

  • air gapping - Physically disconnect critical systems from networks where possible.

  • network segmentation - Divide networks into smaller segments to limit the impact of potential breaches.

  • IDS/IPS - Implement robust IDPS solutions to detect and prevent unauthorized access.

  • firewalls - Employ advanced firewalls to filter incoming and outgoing network traffic.
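Isolation and segmentation have to be checked transitively: a policy can deny direct traffic from the internet to a protected zone and still leave it reachable through a chain of individually reasonable allow rules. The audit below is an added example, not part of the original post; it works at zone level, ignores ports and rule order, and uses hypothetical zone names and a constructed rule set.

```python
from collections import deque

# Constructed sample policy; zone names and rule ids are hypothetical.
# Each rule: (rule id, source zone, destination zone, action).
RULES = [
    ("r1", "internet", "dmz", "allow"),
    ("r2", "dmz", "corporate", "allow"),
    ("r3", "corporate", "operations", "allow"),
    ("r4", "operations", "isolated", "allow"),
    ("r5", "internet", "isolated", "deny"),
]


def allowed_edges(rules):
    """Build a zone graph from allow rules only; deny rules add no edge."""
    edges = {}
    for rule_id, src, dst, action in rules:
        if action == "allow":
            edges.setdefault(src, []).append((dst, rule_id))
    return edges


def exposure_path(rules, untrusted, protected):
    """Breadth-first search for the shortest chain of allow rules linking
    the untrusted zone to the protected one. Returns rule ids, or None."""
    edges = allowed_edges(rules)
    queue = deque([(untrusted, [])])
    seen = {untrusted}
    while queue:
        zone, path = queue.popleft()
        if zone == protected:
            return path
        for next_zone, rule_id in edges.get(zone, []):
            if next_zone not in seen:
                seen.add(next_zone)
                queue.append((next_zone, path + [rule_id]))
    return None


def air_gapped(rules, protected):
    """In this model a zone is air gapped when no allow rule names it."""
    return not any(action == "allow" and protected in (src, dst)
                   for _, src, dst, action in rules)


if __name__ == "__main__":
    print(exposure_path(RULES, "internet", "isolated"))  # chain of four rules
    fixed = [r for r in RULES if r[0] != "r4"]
    print(exposure_path(fixed, "internet", "isolated"), air_gapped(fixed, "isolated"))
```

A reported chain is a set of rules to review, not proof of exposure, because each hop still depends on a host in the intermediate zone relaying traffic.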

Personnel

  • Security awareness training / background checks

  • RBAC - role-based access control; limit access to sensitive information

  • Least-privilege access

system and data protection

  • access controls - Implement strict access controls, including multi-factor authentication and role-based access.

  • data encryption - Encrypt sensitive data both at rest and in transit.

  • software updates - Keep operating systems and applications up-to-date with the latest security patches.

  • backups - Regularly back up critical data and systems to enable rapid recovery in case of a cyberattack.

  • incident response plan - Develop and test a comprehensive incident response plan to address cyber incidents effectively.

nuclear framework

The United States doesn’t have an exact cybersecurity standard for protecting nuclear weapons; however, it does have a compliance standard under which controls can be implemented:

Nuclear Sector: Cybersecurity Framework Implementation Guidance (cisa.gov)

This framework is very integrated with C2 (command and control) and implements controls from the NIST (National Institute of Information Technology) framework. Because of how nuclear warfare and cyber warfare intersect, we end up with significant overlaps. The main difference is that nuclear warfare has a more critical element to its operations, as nuclear risks are more devastating to its environment.

As nuclear infrastructure becomes more complex, and countries are still heavily reliant on this infrastructure, there is no room for error. Nuclear systems are also among the US’s most secure systems. Since the 9/11 attacks, America has focused heavily on implementing robust cyber infrastructure. The NIST and Nuclear Sector frameworks have key similarities. Both take a risk-based approach, focusing on identifying, assessing and managing cyber risks. Both also take a holistic life cycle approach, where the entire life cycle of assets is considered, along with the security of each asset, whether it is being developed or decommissioned.

Both frameworks focus on continuous updating, based on new threat intelligence and the evolution of threats and technology. Continuous evaluation is crucial, as war in any form, whether physical, psychological, cyber or nuclear, is ever evolving and you can never be completely safe.

An important note about cyber and nuclear weapon infrastructure is that the vendors are mostly privatised, and this can result in a mostly ungoverned system and an increase in vulnerabilities. Companies like Lockheed Martin have been victims of cyber breaches over the past few years. Attacks on the private sector can result in the exfiltration of data that is classified and critical to nuclear infrastructure. Governments are still debating how much to invest and what level of effort should be put into managing cybersecurity infrastructure regarding nuclear weapons.

Even though significant funds have been invested into developing security technology to protect nuclear systems, they seem to suffer from the same vulnerabilities and design bugs we see in day-to-day software and operating systems. World leaders want to be assured of two things. One, nuclear weapons can be detonated at any point and will not fail. Two, security: nuclear weapons will not be detonated by people unauthorised to detonate them.

pdf-146469-72419 (cybersecurityandlaw.com)

United-Kingdom-Government-Chatham-House-Research.pdf (gwu.edu)


how does nuclear fission work?

Nuclear weapons get their explosive force either through fission or through fission and fusion reactions, creating either a fission bomb or a thermonuclear ‘hydrogen’ bomb. The first fission bomb test produced the equivalent of 20,000 tons of TNT; the first thermonuclear bomb test produced the equivalent of 10,000,000 tons of TNT.

Nuclear fission is essentially when an atom's nucleus splits into two or more smaller nuclei, releasing a ton of energy in the process. Usually a neutron is shot at a nucleus and absorbed, which causes instability and a fission reaction. This energy is what powers nuclear reactors and atomic bombs.

Nuclear fission begins when a neutron collides with the particle of a heavy atom. Uranium is the heaviest naturally occurring element that’s abundant. The nucleus of an atom splits into two or more nuclei. In a nuclear context, a neutron is absorbed by a uranium-235 nucleus, which will briefly turn into uranium-236 as the neutron is absorbed. The fission process will release excess neutrons, which will trigger a chain reaction with heavier atoms.

Many nuclear facilities exist to enrich uranium. Uranium comes in three different isotopes. U-238 is the most common isotope found in the Earth's crust; however, U-235 is much easier to split apart during a fission reaction, and about 90% U-235 is needed to power a nuclear weapon. It’s important to remember that explosiveness isn’t inherent to just the isotope itself, but to its ability to sustain a chain reaction. The difference between the isotopes is that U-235 has three fewer neutrons than U-238. About 0.7% of naturally occurring uranium is U-235.

Nuclear uranium facilities exist to enrich uranium. To enrich uranium, most facilities will use the gas centrifuge method, where uranium oxide concentrate is converted at low temperatures to its gas form, called uranium hexafluoride (UF6). The enrichment process separates the enriched uranium through isotope separation. Isotope separation is achieved by spinning the gas at high speeds in the centrifuges so the heavier isotopes accumulate near the edges while the lighter ones are concentrated in the centre. This separates the uranium into two streams: the depleted uranium, known as ‘tails’, with very little U-235, and the enriched uranium that can be used in nuclear weapons.

The enriched uranium is then turned into a metallic form where it can be shaped into a sphere or cylinder to go inside a nuclear weapon. The uranium core will be placed around its other components that go inside the nuclear weapon. The components that go inside the weapon are as follows. The fissile material (metallic uranium or plutonium) undergoes fission to release energy. The explosive lens is a specialized shaped charge that controls the shape of the detonation wave, somewhat like an optical lens. A neutron initiator to kick-start the process is placed in the centre of the uranium core; it releases a burst of neutrons on activation. The neutron initiator is one of the key elements in a nuclear explosive. If the chain reaction begins too soon (predetonation), the result is called a fizzle: the bomb will still detonate, but the explosion will be a lot smaller than expected.

The tamper isn’t always present in nuclear weapons, but it surrounds the core and reduces the critical mass of the core. When thermal expansion occurs from the chain reaction from nuclear fission, the tamper delays that expansion and reflects neutrons, which keeps the mass of the core supercritical longer. In modern nuclear weapons, chemical explosives will detonate around the core of the weapon. This blast occurs around the core to direct the force as inwardly as possible, bringing the atoms closer together. Once it is dense enough to reach critical mass, the neutrons are injected, which begins the fission reaction.

cold war and the arms race

The Cold War, a period of tension between the United States and the Soviet Union, was marked by an arms race. At its core was the development of nuclear weapons and the increase in their numbers, creating a world that could potentially be annihilated.

The Cold War was a clash of two main ideas, communism vs capitalism. The idea was almost that the strongest country in a warfare context would also be the most correct country in terms of ideologies. This led to the development of more nuclear weapons. Today we have significantly fewer nuclear weapons than in the 1980s, down from about 70,000 back then to around 15,000 today altogether.

The United States and the Soviet Union never fought directly against each other; however, they fought in proxy wars such as Afghanistan, Korea, and Vietnam. No nuclear bombs were dropped on countries during the Cold War; however, up until 1963 multiple nuclear weapon tests were performed, causing widespread environmental contamination.

intersecting the nuclear and cyber worlds

The domains of nuclear warfare and cybersecurity might seem worlds apart, but they increasingly intersect as nuclear warfare becomes more dependent on cyber infrastructure. A decent understanding of nuclear warfare is essential in cybersecurity and cyberwarfare, particularly in the protection of critical infrastructure and national security systems. Essentially, a comprehensive understanding of nuclear warfare is important in this field.

