Nuclear warfare in cybersecurity
Nuclear weapons are possibly some of the most dangerous warfare instruments created. There is no weapon more destructive than nuclear weapons. We really have no control over the impact of a nuclear weapon once it is detonated. In a densely populated area such as a city or town it would kill thousands instantly, others would die from radiation exposure, and their children would experience birth defects.
Why is nuclear warfare relevant to cybersecurity?
On the 6th of August 1945, the first-ever nuclear bomb was dropped on Hiroshima, Japan. The US chose Hiroshima based on the two psychological objectives they had put forward. First, to scare the Japanese, so they would surrender. Second, to ensure the world knew and feared America’s destructive weapons. The US was expecting to develop an even more destructive Hydrogen ‘H’ bomb in a few years, which meant any war in the future would likely be devastating.
In May 1945, Germany had already surrendered, but Japan was yet to surrender. They were both part of the Axis powers along with Italy. Japan continued fighting for several reasons. One was the Bushido code, a rigid code of honor and loyalty deeply ingrained in Japanese society, which meant a refusal to surrender. This warrior ethos, combined with a belief in the divine nature of the Emperor, made surrender unthinkable. A second reason was that the Japanese feared the consequences of an Allied occupation, including the loss of national sovereignty and the Emperor's position. At the time, Japan’s military also held significant power and believed it could defeat the US.
Hiroshima was also a significant military and industrial center, housing a large army headquarters and several wartime factories. Its selection was based on its military importance. Meteorological conditions were also important for visual bombing, allowing for accurate targeting and photographic documentation of the bomb's effects. Hiroshima met these criteria.
On the 9th of August 1945, the US chose Nagasaki as its second bomb site. The original target for the second bomb was Kokura, but cloud cover prevented the bomber from accurately targeting the city. Nagasaki was the secondary target and had clear weather conditions. Nagasaki, like Hiroshima, had largely escaped the intense firebombing campaigns that had devastated other Japanese cities. This allowed for a clear assessment of the atomic bomb's destructive power.
It wasn’t long before the Soviet Union, using its own spies, stole the US secrets and developed its own bomb in 1949. The ‘Tsar Bomba’ was the largest nuclear weapon ever dropped. On the 30th of October 1961 the weapon was dropped over Mityushikha Bay on the island of Novaya Zemlya in the Arctic Ocean. The sheer scale of the Tsar Bomba was massive. It was so large that a modified Tu-95 bomber had to be used to deliver it. When detonated over the remote Novaya Zemlya archipelago, the fireball was visible from hundreds of kilometers away, and the mushroom cloud reached a height of 60 kilometers.
How is nuclear warfare relevant to cyberwarfare?
The intersection of nuclear weapons and cybersecurity is becoming increasingly important in the 21st century. One example is the effect of Stuxnet on Iran’s nuclear facility. We have known for years that being a nuclear power gives countries a massive advantage over others, and power can be taken through cyberwarfare by taking control of nuclear facilities.
We need to remember that nuclear weapons were developed well before complex computing infrastructure was relevant. Today nuclear weapons rely on command and control (C2) systems, which can be hacked. There are several risks associated with this: cyber attacks on nuclear systems can result in escalation and the use of these cyber weapons. Russia and the US, the two biggest nuclear powers, are also two of the biggest sponsors of state hackers.
C2 systems have several components that are at risk. They detect incoming missile launches and provide warnings to command centres. The United States Nuclear Command and Control System (NCCS) has to be able to transport data while withstanding physical and cyber attacks, and is also a high-value target for cyber attacks. C2 systems are at risk from several attacks: DDoS (distributed denial of service), where servers are overloaded with traffic; MiTM (man in the middle) attacks, where communication between systems can be intercepted, which can also result in spoofing or false positives, where incorrect information is relayed; and data exfiltration, where data such as launch codes, targeting information, or operational plans can be stolen through C2 systems.
Launch facilities are generally pretty fortified locations, but can be at risk from several cyber attacks. One is malware such as Stuxnet, or computer worms that can spread from computer to computer without internet access. Another is cyber-physical damage, where software systems that control hardware are hacked to damage nuclear infrastructure. Attackers can also create false positives/flags, giving the impression of a threat that needs to be defended against and leading to unintended escalation.
What cybersecurity practices should you implement to protect your nuclear infrastructure?
Network security
Isolation - Keep nuclear command and control systems isolated from the public internet to minimize exposure.
Air gapping - Physically disconnect critical systems from networks where possible.
Network segmentation - Divide networks into smaller segments to limit the impact of potential breaches.
IDS/IPS - Implement robust IDPS solutions to detect and prevent unauthorized access.
Firewalls - Employ advanced firewalls to filter incoming and outgoing network traffic.
Personnel
Security awareness training / background checks
RBAC - Role-based access control; limit access to sensitive information.
Least-privilege access
System and data protection
Access controls - Implement strict access controls, including multi-factor authentication and role-based access.
Data encryption - Encrypt sensitive data both at rest and in transit.
Software updates - Keep operating systems and applications up to date with the latest security patches.
Backups - Regularly back up critical data and systems to enable rapid recovery in case of a cyberattack.
Incident response plan - Develop and test a comprehensive incident response plan to address cyber incidents effectively.
Nuclear framework
The United States doesn’t have an exact cybersecurity standard for protecting nuclear weapons; however, it does have a compliance standard where controls can be implemented:
Nuclear Sector: Cybersecurity Framework Implementation Guidance (cisa.gov)
This framework is very integrated with C2 (command and control) and implements controls from the NIST (National Institute of Information Technology) framework. Because of how nuclear warfare and cyber warfare intersect, we end up with significant overlaps. The main difference is that nuclear warfare has a more critical element to its operations, as nuclear risks are more devastating to its environment.
As nuclear infrastructure becomes more complex, and countries are still heavily reliant on this infrastructure, there is no room for error. Nuclear systems are also one of the US’s most secure security systems. Since the 9/11 attacks, America has heavily focused on implementing robust cyber infrastructure. NIST and Nuclear Sector have key similarities. They both take a risk-based approach, where they focus on identifying, assessing and managing cyber risks. They also share a holistic life cycle approach, where the entire life cycle of assets is considered, along with the security of each asset, whether it is being developed or decommissioned.
Both frameworks focus on continuous updating, based on new threat intelligence and the evolution of threats and technology. Continuous evaluation is crucial, as war in any form, whether physical, psychological, cyber or nuclear, is ever evolving and you can never be completely safe.
An important note about cyber and nuclear weapon infrastructure is that the vendors are mostly privatised, and this can result in a mostly ungoverned system and an increase in vulnerabilities. Companies like Lockheed Martin have been victims of cyber breaches over the past few years. Attacks on the private sector can result in the exfiltration of data that is classified and critical to nuclear infrastructure. Governments are still debating how much to invest and what level of effort should be put into managing cybersecurity infrastructure regarding nuclear weapons.
Even though significant funds have been invested into developing security technology to protect nuclear systems, they seem to suffer from the same vulnerabilities and design bugs we see in day-to-day software and operating systems. World leaders want to be assured of two things. One, nuclear weapons can be detonated at any point and will not fail. Two, security: nuclear weapons will not be detonated by people unauthorised to detonate them.
pdf-146469-72419 (cybersecurityandlaw.com)
United-Kingdom-Government-Chatham-House-Research.pdf (gwu.edu)
How does nuclear fission work?
Nuclear weapons get their explosive force either through fission or through fission and fusion reactions, creating either a fission bomb or a thermonuclear ‘hydrogen’ bomb. The first fission bomb test produced the equivalent of 20,000 tons of TNT; the first thermonuclear bomb test produced the equivalent of 10,000,000 tons of TNT.
Nuclear fission is essentially when an atom's nucleus splits into two or more smaller nuclei, releasing a ton of energy in the process. Usually a neutron is shot at a nucleus and absorbed, which causes instability and a fission reaction. This energy is what powers nuclear reactors and atomic bombs.
Nuclear fission begins when a neutron collides with the particle of a heavy atom. Uranium is the heaviest naturally occurring element that’s abundant. The nucleus of an atom splits into two or more nuclei. In a nuclear context a neutron is absorbed by a Uranium 235 nucleus, which will briefly turn into Uranium 236 as the neutron is absorbed. The fission process will release excess neutrons, which will trigger a chain reaction with heavier atoms.
Many nuclear facilities exist to enrich uranium. Uranium comes in three different isotopes. 238 is the most common isotope found in the Earth's crust; however, 235 is much easier to split apart during a fission reaction, and about 90% U-235 is needed to power a nuclear weapon. It’s important to remember that explosiveness isn’t inherent to just the isotope itself, but its ability to sustain a chain reaction. The difference between the isotopes is that U-235 has three fewer neutrons than U-238. About 0.7% of naturally occurring uranium is U-235.
Nuclear uranium facilities exist to enrich uranium. To enrich uranium, most facilities will use the gas centrifuge method, where uranium oxide concentrate is converted at low temperatures to its gas form, called uranium hexafluoride (UF6). The enrichment process separates the enriched uranium through isotope separation. Isotope separation is achieved by spinning the gas at high speeds in the centrifuges so the heavier isotopes accumulate near the edges while the lighter ones are concentrated in the centre. This separates the uranium into two streams: the depleted uranium known as ‘tails’, with very little U-235, and the enriched uranium that can be used in nuclear weapons.
The enriched uranium is then turned into a metallic form where it can be shaped into a sphere or cylinder to go inside a nuclear weapon. The uranium core will be placed around its other components that go inside the nuclear weapon. The components that go inside the weapon will be: the fissile material (metallic uranium or plutonium), which undergoes fission to release energy; the explosive lens, which is a specialized shaped charge that controls the shape of the detonation wave, kind of similar to an optical lens; and a neutron initiator to kick-start the process, which is placed in the centre of the uranium core and releases a burst of neutrons on activation. The neutron initiator is one of the key elements in a nuclear explosive. If the chain reaction begins too soon (predetonation) the result is called a fizzle: the bomb will still detonate but the explosion will be a lot smaller than expected.
The tamper isn’t always present in nuclear weapons, but it surrounds the core and reduces the critical mass of the core. So when thermal expansion occurs from the chain reaction from nuclear fission, the tamper delays that expansion and reflects neutrons, which keeps the mass of the core supercritical longer. In modern nuclear weapons, chemical explosives will detonate around the core of the weapon. This blast occurs around the core to direct the force as inwardly as possible, bringing the atoms closer together. Once it is dense enough to reach critical mass the neutrons are injected, which begins the fission reaction.
Cold War and the arms race
The Cold War, a period of tension between the United States and the Soviet Union, was marked by an arms race. At its core was the development of, and increase in the number of, nuclear weapons, creating a world that could potentially be annihilated.
The Cold War was a clash of two main different ideas, communism vs capitalism. The idea was almost that the strongest country in a warfare context would also be the most correct country in terms of ideologies. This led to the development of more nuclear weapons. Today we have significantly fewer nuclear weapons than in the 1980s, from about 70,000 back then to around 15,000 today all together.
The United States and the Soviet Union never fought directly against each other; however, they fought in proxy wars such as Afghanistan, Korea, and Vietnam. No nuclear bombs were dropped on countries during the Cold War; however, up until 1963 multiple nuclear weapon tests were performed, causing widespread environmental contamination.
Intersecting the nuclear and cyber worlds
The domains of nuclear warfare and cybersecurity might seem worlds apart, but they increasingly intersect as nuclear warfare becomes more dependent on cyber infrastructure. A decent understanding of nuclear warfare is essential in cybersecurity and cyberwarfare, particularly in the protection of critical infrastructure and national security systems. Essentially, a comprehensive understanding of nuclear warfare is important in this field.