Cybersecurity of Nuclear Weapons Systems: Threats, Vulnerabilities, and Consequences

Cyber capabilities are evolving in ways that could put at risk countries’ nuclear command, control, and communication systems. While the consequences of a cyberattack to these nuclear weapons systems would be significant, there is a lack of matured risk assessment. Moreover, the public conversation lacks a sufficient framework for understanding how cyber capabilities could threaten those systems.

The paper argues that the digitalization of nuclear weapons systems, while providing several benefits, also creates new vulnerabilities by expanding the attack surface through which adversaries could use cyber means to interfere with or disable nuclear systems. This increases the risks posed by cyberattacks and undermines the confidence needed for reliable decision making in times of conflict. These risks raise significant concerns about the reliability and integrity of nuclear command and control systems.

The paper concludes with recommendations for conceptualizing/addressing such risks. It also encourages greater discussion and confidence building between stakeholders with nuclear weapons—including between defense industry and government, between nuclear possessor states, and with states under extended deterrent arrangements. It also encourages academics and nongovernmental organizations to press these stakeholders for public information and reassurance on how governments are addressing potential cyber risks to nuclear weapons systems.

This report followed a workshop on the subject, held in partnership between Chatham House and the Stanley Center. The discussion, held in London in July 2017, featured forty experts on cyber security, nuclear weapons, and artificial intelligence and automation from Europe and the United States.