The Big Hack’s Nuclear Implications: No Confidence in Essential Systems

If you’ve been distracted over the last couple of weeks by
the tempo of the news cycle in Washington, you may have missed two important
reports that together are likely to cause some sleepless nights:

• NTI’s report: Nuclear
  Weapons in the New Cyber Age
• Bloomberg’s investigation: The
  Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

One outlines the cyber threat to nuclear weapons and all of the
related systems such as command and control, warning, and delivery. The second
tells the story of an intentional, state-sponsored effort to control computer hardware
used throughout the United States, in both corporate and intelligence systems.
Both reports point to the growing, urgent need for policy options designed to reduce
risks to our digital systems to avoid potentially catastrophic results of a
cyber hack.

Cyberattacks on
Nuclear Weapons Systems

Although it is nearly impossible to have 100% confidence in
the security of a digital system, and even well-secured nuclear weapons systems
are not immune from cyberattacks, NTI’s report provides a set of
recommendations for reducing the risk of cyberattacks on nuclear weapons and
related systems and outlines four specific cyberattack scenarios:

• An attack on early warning
  systems that provide false indications of a nuclear attack during a crisis
• Disruption of communications between
  officials, operators, and nuclear systems and/or international counterparts in
  a potential crisis
• Introduction of a
  flaw or malevolent code into nuclear weapons through the supply chain or
  otherwise in a way that could compromise the effectiveness of those weapons
• Achieving
  unauthorized control of a nuclear weapon through cyber-assisted theft and/or
  defeating of security devices.

There’s no question that the job of securing nuclear systems
is getting more difficult. Cyberattacks are becoming increasingly sophisticated
and levels of digitization are growing (for example, as will undoubtedly occur
during the upcoming modernization
of the U.S. nuclear arsenal). Taken together, this is a dangerous mix and
governments and industry must act to address the threat.

Supply Chain Attacks

The Bloomberg report details how China reportedly used a
hardware hack to infiltrate U.S. companies’ computer systems, including some
used for intelligence purposes. Specifically, it details how Chinese
manufacturers of chips used in specialty video processing servers were
approached by people who, through a combination of bribes and/or strong-arm
tactics, modified tiny chips in a way that was extremely difficult to detect
but which gave the China the ability to remotely take over the microprocessor.
If this turns out to be true (note that the U.S. companies involved are strongly
denying
the report), this would be one of the most serious computer security breaches
in history with enormous implications for national security, as well as the
economy.

What can be done?

There are no easy answers.

Driven by a desire to lower costs, most chip production is now
done overseas. Any attempt to bring it back to the U.S. would have enormous cost
implications and would likely take years to achieve. There do exist “secure
foundries” that make some of the key chips in military systems, but
even in those military systems, most of the chips are commercially-available
commodity products that draw on global supply chains.

This example of what appears to be a supply-chain breach of
historic proportions serves to reinforce one of the NTI report’s underlying
assumptions, namely that: “Although
technical cybersecurity measures are critically important and should be pursued…
we must operate under the assumption that… nuclear weapons systems, may already
be compromised.”

As a result, governments must aggressively explore technical
and policy options that incorporate this aspect of the cybersecurity threat,
understanding that it is impossible to have full confidence in the information
our digital systems provide or transmit and indeed, adversaries already may be
able to observe or, worse, sabotage our data. In the case of high-consequence
systems, all policy and technical options to reduce risks must be explored, including
the possibility of using non-digital,
non-hackable systems.