Andrew Futter. Hacking the Bomb: Cyber Threats and Nuclear Weapons. Washington, DC: Georgetown University Press, 2018. xiii + 197 pp. $29.95 (paper), ISBN 978-1-62616-565-6.
Reviewed by Jessica Perales-Ludemann (Air University)
Published on H-War (December, 2019)
Commissioned by Margaret Sankey (Air University)
The world has become more connected, and that connection has given national security policymakers a new type of vulnerability. The internet has magnified this vulnerability and, coupled with increasing cyber capabilities, makes this threat increasingly worrisome. In Hacking the Bomb: Cyber Threats and Nuclear Weapons, Andrew Futter examines these vulnerabilities from the standpoint of cybersecurity and nuclear weapons and asks whether nuclear symptoms are safe from cyberattacks. Futter is an associate professor in the School of History, Politics, and International Relations at the University of Leicester in the United Kingdom.
Futter points out that the interconnected world we live in today is rife with cyber capabilities and threats, and argues that we must plan accordingly. Dismissing these threats is dangerous and, at the very least, a negligent practice of national security. Historically, the network for nuclear weapons systems is separated from traditional defense systems, leaving them seemingly less vulnerable to cyberattacks. However, this does not remove the threat of hacking, disrupting, and spoofing the nuclear weapons systems. There is a plethora of opportunities to exploit a country’s nuclear arsenal, and surprisingly, they do not all involve what most traditionally think of as hacking. Futter argues that while hacking is a threat to security, so is espionage and intellectual property theft.
With the increasing reliance on modern systems, the threat of hacking and potentially corrupting the command and control systems of the nuclear arsenal grows. Futter points out that “cyberattacks have become an increasingly important and influential component of conflict” whether the adversary is a peer, near-peer, or rogue actor (p. 111). He differentiates the intent of these actors and divides them into two groups: disabling and enabling. The disabling group is designed to disable the nuclear system in a time of need. The enabling group performs actions that inadvertently enable the system to launch a nuclear weapon, causing global instability. The balance between these two is crucial. The balance of positive and negative command control is also at the core of this issue. Positive command control allows a nuclear system to retain the ability to launch a nuclear weapon in a time of international emergency. Negative control ensures that safety measures and maintenance time is allotted to prevent an unintentional launch or accident. Futter argues that this dichotomy increases the vulnerability of these weapons systems. The more complicated a system, the more complicated the failure of the system can become. Futter states, “complex systems-particularly computer-based systems are likely to contain more bugs, problems, and unseen errors than their more basic analog predecessors, especially those that rely on complex code, link multiple functions and hardware and must make accurate computations quickly” (p. 46).
Futter also provides insight into the role of cyber in other warfighting domains. Security is no longer predominantly physical, and policymakers cannot treat it as such. Since the domains are interconnected, a vulnerability in one domain leads to a vulnerability in all. Futter’s approach is proactive and provides a comprehensive assessment of the issues and need for cyber-policy development across the nuclear enterprise. His argument that future nuclear policy must include cyber challenges is a vital and robust point. Discounting cyber vulnerabilities is a dangerous game. Futter lays out the challenge of nuclear security and the need for cyber-policy integration with the existing and future nuclear policy in an organized and precise fashion. His arguments are clear and poignant.
Accepting the inevitability of nuclear espionage and cyberattack will aid in creating realistic policy aimed at keeping the global nuclear order. Futter claims that policies that rely on the use of deterrence based on retaliation must be reconsidered and reevaluated to adapt to a new battlefield, a sentiment that I believe is crucial for the security of any nation-state in possession of nuclear weapons. Futter also offers several other courses of action including: establishing a global nuclear order, building more time into the decision timeline in nuclear crisis response, reducing global nuclear forces in heightened readiness states, and working collectively among existing “red team” nuclear systems to discover existing security issues. The recommendation I most agree with is working with other nuclear powers to establish worldwide nuclear guidelines. It is a global responsibility to ensure the protection of nuclear systems. Nuclear systems are not safe from attack, and it is dangerous to treat nuclear and cyber threats as separate issues. Futter’s Hacking the Bomb is a must-read for any policymaker and defense theorist. The cyber domain touches everything, and defense professionals must integrate it into all policies.
If there is additional discussion of this review, you may access it through the network, at: https://networks.h-net.org/h-war.
Citation:
Jessica Perales-Ludemann. Review of Futter, Andrew, Hacking the Bomb: Cyber Threats and Nuclear Weapons.
H-War, H-Net Reviews.
December, 2019.
URL: http://www.h-net.org/reviews/showrev.php?id=54471
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License. |