Tweet
A great Stuxnet point from Lee Smith:
The atomic age isn’t exactly over, but it seems we may have entered a new phase of it. In the age of cyberwarfare, what does it mean to have a nuclear weapon if someone else may own your command and control systems – and you may not even know that they do? If the Iranians do manage to build a bomb, can they now risk embarrassment, not to say a nuclear catastrophe, by testing it? And even if they test it successfully, what’s its strategic worth if they don’t know whether or not they can actually use it? Even concepts like nuclear deterrence will have to be reviewed. The relative stability of the Cold War was a function of clarity: Deterrence is a strategy premised on clear red-lines, warnings and threats. Cyberwarfare is precisely the opposite, where no one has to own anything and there is little, if any, accountability.
Of course, there were Cold War debates about how stable the Soviets’ command-and-control systems actually were, so this isn’t exactly a new problem for deterrence theory. But it still highlights the unpredictability that (possible/hypothetical/real) cyberwar means for nuclear powers, especially as we consider that the cyber-efforts of various actors that they may consider short of war could still have the most profound implications for control of the world’s deadliest weapons.
3 Comments
Support this site!
Subscribe to the newsletter
Advertise on Firedoglake
Send
us your tips
Make us your homepage
About ATTACKERMAN
RSS/XML Feed
Even here, we have a security concept called the “air gap”. An air gap is just that – no connection between a highly secure network and the internet. Entirely self contained, there is simply no path in that is not mediated by by network security and software professionals.
What just happened here is the players tipped their hand about a year or two too early. Now, the Iranians just air-gap their critical systems. Sure, it slows them down a little, but it allows them to control at the lowest levels who has access.
mikey
What’s equally odd is that while the “air gap” is acknowledged as one way to secure private and public secure networks, the Federal government is planning on spending billions to “secure” the networks of Federal Agencies. More money for the contractors (including Israeli-owned and controlled cybersecurity hardware and software developers, and security integrators) with very little to show in terms of reduced risk or benefit to Federal Agencies.
Also, all it takes is one “weaponized” USB device, inserted on a secure network, and the air gap is breached. The stuxnet worm was allegedly inserted into the secure facility by just such a delivery device.
There are several potential problems such as someone else controlling your command & control systems to start or prevent you from starting any missiles. When and where a missile should go is essential, but if someone else is doing the targeting then you would get the blame for their choices.
Someone who wanted to start a war, but do it with a ‘false flag’ could have your missiles flying to a target and only your country would be considered guilty. The real perpetrator(s) would ‘win’.
If someone wanted to attack you and you didn’t control your missiles, then it’s possible you would be a sitting target and wiped off the map before you even realized you had no control to begin a counter-attack.
Having a weapon makes you ‘guilty’, but not having control makes you ‘stupid and guilty’.
The only thing perhaps even worse would be for a faction within a country to gain control over nukes, start a war and lead your country into war when it is clearly not in your nation’s interest. Then you would be ‘guilty, stupid and dead’.
None of these scenarios is good.
The only one which might be good would be for pacifists to control and turn off nuclear missile systems. But, even that could be risky if that country’s enemies saw it as an opportunity.
It’s just plain risky to mess with the “mother nature” of the way things are and have to be.