Cyber Vulnerabilities of Nuclear Weapons Are a Real National Security Threat


Today, most American soldiers fight from computers, not trenches, and asymmetric warfare is the new norm.

Chances are that the next nuclear detonation won’t come from a calculated missile launch, but from a nuclear accident or a cyber-attack. In 1980 at the Little Rock Air Force Base, a Titan II Missile exploded in its launch duct due to an accidental drop of a wrench socket during maintenance. A senior airman died as a result and a congressional inquiry into the accident found the Titan II missile program to be essentially reliable. Human error, or interference, can cause irreparable harm.

Cyber-attacks are a 21st century reality. The iPhone in your pocket is more powerful than the technology used during the Cold War. Individuals, non-state actors with their own agendas, now have the capabilities and the technology to hack into the U.S.’s nuclear control and command centers. The recent cyber hacks of the Federal Office of Personnel Management and Sony show how vulnerable private companies and even the government are to exploitation by determined cyber hackers.

At any moment, the U.S. has 450 Minuteman missiles (ICBMs) on “hair-trigger” alert. Meaning all those fully armed nuclear weapons could be launched in under 15 minutes. These ICBMs are online and on full alert 24/7, giving hackers unlimited opportunity and time to try to access the control center.

All of the missiles are controlled by secured and complicated software, but a determined hacker (most likely with help from an insider) could breach the security settings. In 2012 alone, NATO experienced over 2,500 “significant cyber-attacks” and according to a spokesman for the agency, the Nuclear Security Enterprise experiences up to 10 million “security significant cyber security events” each day with 1,000 of those events deemed successful against the computing infrastructure. In his remarks at the 2015 Ploughshares Fund Gala, Retired General Cartwright, a former Vice Chairman of the Joint Chiefs of Staff, warns that by hacking the nuclear missiles’ control center, the missiles could be launched and detonated remotely and without authorization. Although unclear if the missiles could be retargeted, the ICBMs are already trained on targets and the launch would result in weapons destroying another country.

Even though the ICBMs are in underground silos that can withstand nuclear blasts, the missiles may not be able to withstand an all-out cyber-attack. In 2013, the Pentagon’s Defense Science Board reported that “most of the systems” in the U.S. nuclear arsenal had not been fully assessed to understand possible weak spots in the event of an overwhelming, determined cyber-attack. And according to a Defense Department’s Director of Operational Tests and Evaluation report, in fiscal year 2014, almost every U.S. weapons program that was tested showed “significant vulnerabilities” to cyber-attacks.

The combination of network security vulnerabilities and advanced hacking technologies makes the U.S.’s Cold-War era nuclear enterprise all the more vulnerable. In 2015, it is perhaps more likely that nuclear war would be triggered by an individual’s cyber-attack on U.S.’s missile system than from another nation’s initiative.

The risk increases as 450 ICBMs are online 24/7 keeping as many nuclear missiles on full-alert all the time makes the U.S. vulnerable to starting a nuclear disaster with its own missiles.

Nuclear weapons are more vulnerable to cyber terrorism or human error than a calculated attack. If a drop of a wrench while fixing a missile can cause the implosion of a nuclear complex and a death of a soldier, it’s time to create policies that reduce the risks these weapons pose—including reducing the number of weapons that could be hacked and tacking them off high alert.