On September 19, the Valdai Discussion Club hosted a presentation of the Valdai Paper titled “Nuclear Weapons in the Cyber Age: New Challenges for Security, Strategy and Stability.”
Andrew Futter, Senior Lecturer in International Politics, Department of Politics and International Relations, University of Leicester began the presentation by looking at the word “cyber” and its implications in different states.
Futter noted that in Anglo-Saxon societies, the word has implications of “anything bad that involves a computer,” and that NATO countries view cyberspace as a separate domain for warfare, while countries such as Russia and China view the matter more broadly.
Discussing nuclear weapons management, Futter outlined two chief problems for nuclear weapon safety, system complexity and new means of attack. The more complex systems, Futter noted, lead to greater risks, especially when they are digitized through modernization.
He also noted that modernization of nuclear systems opens up new ways of attack, which can be used by both state actors and terrorists. Futter said that terrorists would be more likely to use enabling attacks, to launch missiles, while states would prefer disabling attacks to prevent the other state from launching missiles.
Futter also noted that the new cyber-threat leads to new issues of when a cyber-attack should lead to physical retaliation, as well as discussed the issue of escalation prevention mechanisms. One major threat of cyber-attacks against nuclear systems could be that states would be pressured to “use or lose” their nuclear arsenals, an issue of particular concern in the case of India and Pakistan.
By itself, a nuclear arsenal acts as a deterrent against cyber-attacks, Futter added, but issues with attribution could exacerbate the situation, particularly if terrorists launch cyber-attacks on nuclear infrastructure that could mistakenly be attributed to another state.
Andrey Sushentsov, Programme director of the Valdai Discussion Club Foundation noted that the issue of cybersecurity is particularly topical as of late, following hacker attacks against political organizations in the United States and a general atmosphere of distrust.
Oleg Demidov, a cybersecurity strategy consultant at the PIR Center, said that all cyberattacks remain physical and logical, and the two cannot be separated from each other, with the exception of purely physical radioelectronic warfare.
He also said that unlike nuclear attacks, which take as much as 30 minutes from launch to impact, cyberattacks take milliseconds to take effect. Demidov confirmed that an attribution issue remains with cyber-warfare, as it is much less clear, who could be responsible.
According to Demidov, the most crucial element of cyberattacks in the balance of power is the threshold of retribution, as the key elements in NATO doctrine are human casualties or massive damage to infrastructure. While massive casualties are not defined, the term could mean such elements as critical communications infrastructure, he added.
During the question and answer session, the issue of using old technology for cyberattack prevention was discussed, as well as whether the modernization of nuclear weapons systems is a bad thing. Futter noted that the safest way to control a nuclear arsenal would be through the use of a nuclear triad, as in the case of Russia and the US, although achieving the triad also poses proliferation issues, as other states may also seek to acquire more nuclear weapons and delivery systems.
The issue of India and Pakistan’s nuclear weapons was discussed in detail, as the countries had the most risk-prone nuclear weapons systems. In the case of India, the country used third-party components for its nuclear weapons system, which could make it open to hacking, particularly when it comes to components acquired from China.