The subject of the interrelation of threats in the fields of information and communication technologies and nuclear weapons is gradually becoming one of the dominant topics in current international security issues. In early summer 2019, a group of researchers working under the auspices of the Nuclear Threat Initiative (NTI) presented the Russian version of the “Nuclear Weapons in the New Cyber Age” report prepared by the Cyber-Nuclear Weapons Study Group (hereinafter referred to as the NTI Report). Russian assessments of the proposals put forward by American experts may contribute to finding constructive solutions that may be ultimately transferred to international communication platforms.
Understanding the Threats
The NTI Report is structured very logically and succinctly. The authors give specific examples using formalized scenarios and demonstrate the practical dimension of specific threats and their consequences. This is followed by concrete proposals. On the whole, this approach is conducive to understanding the essence of certain phenomena and is useful both for experts in the area under consideration and for the general public. Moreover, one would like to think that decision-makers in various countries will be interested in the problems considered.
The authors considered four “illustrative scenarios”:
Scenario 1: Warning systems provide false indications of a nuclear attack during a crisis.
Scenario 2: A cyberattack disrupts communications between officials, operators and nuclear systems, and/or international counterparts in a potential crisis.
Scenario 3: An adversary introduces a flaw or malevolent code into nuclear weapons through the supply chain or otherwise in a way that could compromise the effectiveness of those weapons
Scenario 4: An adversary is able to achieve unauthorized control of a nuclear weapon through cyber-assisted theft and/or defeating of security devices.
These scenarios look quite realistic. We will not go into detailed descriptions (or, more precisely, retellings) of them. A brief summary is given in Figure 1.
At the same time, we will note that each scenario has an element of simplification, which is generally justified from the point of view of the research objectives. An important clarification should be made, at least for the first scenario. An early warning system comprises many elements, and it is highly improbable that the decision to deliver a retaliatory strike will be made on the basis of a single sub-system. The probability of the “entire set” malfunctioning or being hacked and providing the exact same information appears to be very low. At the same time, when nuclear powers are in a crisis that has an obvious military aspect to it, the threat of a hastily made decision will also increase.
A Search for Solutions
The authors of the NTI Report propose the following three guiding principles that should be taken into account when developing approaches to minimizing the risk of cyber threats against nuclear weapons:
- The United States will continue to require a safe, secure, and reliable nuclear deterrent as long as nuclear weapons remain a central element of its security strategy.
- Technical measures alone are unable to completely eliminate the cyber threat to nuclear weapons.
- The cyber challenge is global, and a unilateral approach is not sufficient.
These principles appear to be quite sound and constructive. Item 1 is certainly reasonable for Russia and for other nuclear powers.
Maybe such statements should be also reflected in bilateral (or even multilateral) declarations on international security issues and strategic stability. Naturally, conditions should emerge first for such declarations.
The experts make several very specific proposals, which are grouped as follows:
reducing the risk of launch as a result of miscalculation;
reducing risks to the nuclear deterrent;
reducing the risk of unauthorized use;
taking a global approach to the cyber threat to nuclear weapons systems.
On the whole, this approach seems logical, but the feasibility of these proposals is questionable.
Certainly, the key task shared by all nuclear powers is to guarantee the impossibility of accidentally interfering with nuclear weapons and related infrastructure through information and communication technologies. What is problematic is the attitude of various states to interference that is deliberate, i.e. intentionally carried out by government services against probable adversaries. This contradiction sharply limits the room for joint action to minimize threats.
In particular, the recommendation contained in the NTI Report on bilateral and multilateral steps towards developing certain new rules of behaviour in cyberspace are unlikely to be fully implemented. This is primarily due to one of the key features of cyber weapons: the impossibility of reliably ascertaining the adversary’s target, even if the malware itself has been detected. Identical cyber weapons can be used to collect information and interfere with the systems into which the malware has been introduced.
Unilateral and Multilateral Approaches
At the same time, much can be done in the context of unilateral measures to minimize cyber threats.
It would seem that the most important task in this area is the training of qualified military personnel for the nuclear forces. Excellent knowledge of relevant weapons and military equipment, as well as the rules of operation in any situation and basic “digital hygiene” will evidently contribute to the overall reduction of threats.
Comprehensive rules and regulations for protecting equipment from external interference already exist. However, given that individual components are purchased from foreign manufacturers (this problem is relevant for both Russia and the United States), there is still danger of hardware implants. Let us hope that personnel of the relevant departments in the military and the special services have the necessary qualifications to detect such threats.
At the same time, certain national measures for enhancing the cyber protection of the nuclear weapons infrastructure should be compiled into some sort of “best practices” collection. Perhaps P5 countries (China, France, Russia, the United Kingdom, and the United States) could prepare some handbooks to be distributed, for instance, as part of a Non-Proliferation Treaty Review Conference. This would to some extent demonstrate the responsible approach of recognized nuclear powers to current issues related to nuclear weapons.
As we have mentioned before, developing a relevant section in the Glossary of the Key Nuclear Terms could be a useful step, as fine-tuning the Glossary is supposedly still on the agenda. A dialogue based on a uniform conceptual and categorial framework leads to negotiations being more effective. At the same time, forming a uniform terminology should not be viewed as a trivial task. The solution of this task requires both political will and a deep understanding of the subject of negotiations. And still, even if such procedures do not have a positive outcome, such communications promote an improved understanding of assessments, approaches and paradigms among partners.
We should remember the Joint Statement of the Russian Federation and the People’s Republic of China on strengthening global strategic stability today, which envisages, among other things, a joint “analysis of the regulation of new strategic security dimensions” related to the “possible impact of achievements in science and technology.” Moreover, Russia and China consider it appropriate to conduct a multilateral study of the relevant problems and their legal regulation on the basis of the United Nations.
Expanding the Context
As we have already mentioned, the crucial feature of cyber weapons (that kind of links it with “kinetic” weapons, primarily strategic weapons) is that the delivery vehicle and the payload are two different things: the same product can be used to introduce malware intended for monitoring and spying, as well as for control hacking and disabling.
Maybe classifying cyber weapons by hostile impact type can create conditions for searching for points of contact between various countries and international organizations. In general, the task of formalizing and coordinating definitions is one of the most complicated stages of any negotiation process, and a key stage that determines the success of the negotiations and the prospects for adapting the agreements to the rapidly changing reality against the backdrop of the scientific and technological progress.
As for deliberate cyberattacks that may be of interest to states that have the requisite capabilities, we should take note of the opinion of the UK-based Chatham House, which draws attention to the complex dynamics of military-political relations in the event of a further escalation in rhetoric concerning cyberattacks preventing combat missile launches as part of the so-called “left of launch” concept, which the General Staff of the Armed Forces of the Russian Federation calls “pre-start intercept.” The problem is that the hypothetical “Party A,” fearing an attack of such kindby “Party B,” may decide to use weapons at the early stages of a conflict. And if “Party B” is bluffing, then calling its bluff may result in the “failure” of the deterrent tactic. If “Party B” is confident in its supreme cyber capabilities, then its actions can easily become overconfident and result in a “hot” conflict.
Strictly speaking, the problem of the “rules of the game” in cyberspace is important in and of itself, without being tied to nuclear weapons. For instance, attempts can be made to train “cyber soldiers” to follow the rules of international humanitarian law, as, for instance, Professor Götz Neuneck from the Institute for Peace Research and Security Policy at the University of Hamburg (IFSH) suggests. And the specific content of such concepts as “proportionality” and “military necessity” when applied to cyberspace requires additional research. Joint international exercises, including those related to nuclear systems, ideally with the participation of “probable adversaries,” could be a useful event in this area. Thus, states could gain some experience of acting in a simulated combat situation and gain experience of interaction through emergency communication channels, which is of crucial importance.
Safe Communication Lines
For decades, information and communication technologies have been developing at breakneck speed, and the militarization of cyberspace accompanies these processes. In general, any technological changes result in new threats, and “Neo-Luddism” will hardly be a suitable cure for such threats. “Nuclear abolitionists” are unlikely to achieve their goals in the foreseeable future either: we are seeing a return to the international rivalry of great powers, and nuclear weapons are one of the principal elements confining death and destruction in the course of this rivalry within relatively moderate bounds.
The only way to preserve strategic stability and prevent catastrophic consequences from the incorrect use of nuclear weapons is to perform an in-depth analysis of the impact that new technologies have on the relevant systems. This analysis should be as open as possible and involve an element of international dialogue at both the state and expert levels. At the same time, it is necessary to “increase literacy” in information and communication technologies and nuclear weapons (and their control systems) both among military personnel and among civilian specialists and decision-makers. The NTI Report and the subsequent communication activities of its authors are a step in the right direction, especially since representatives of the Ministry of Defence of the Russian Federation attended the presentation of the report at the Institute for U.S. and Canadian Studies of the Russian Academy of Sciences.
From our partner RIAC
Hacking of the Newswires connected with Trading: A refresher for the business community
This case I am touching on is regarding Leonid Momotok in which he and other traders used insider trading information from not yet released press releases to amass windfalls in illegal trading. He pleaded guilty to conspiracy to commit wire fraud in his role to hack into three business newswires and obtain through theft the information related to finance that enabled illegal trading advantages. Their trades resulted in at least $30million in illegal profits. He pleaded guilty and faced up to 20 years in prison, restitution, a fine and criminal forfeiture.
The crux of the enabling operation to obtain an illegal advantage was gained through computer hackers in Ukraine who gained intrusion into Marketwired L.P, PR Newswire Association LLC (PRN) and Business Wire (Newswire Companies).Marketwired is owned by NASDAQ Inc., Business Wire is part of the billionaire Warren Buffet’s Berkshire Hathaway and PR Newswire is a Cision unit. The hackers used cyber-attack methods to obtain entry into the Newswire Companies’ networks. Once in, they stole upcoming press announcements about earnings, gross margins, confidential and material financial information and revenue information. They even sent messages regarding their activities. They went on to state they had gained access to the log-on to 15 wire business employees. While the traders made lists of what information they wanted, the hackers provided instructions on how to access and use the overseas server networks. And by having insider information before the public release the traders capitalized by placing trades prior to release date of the press releases. Caterpillar, Hewlett Packard, Panera Bread, Home Depot and others were some of those affected regarding nonpublic information. The hackers received a percentage of the profits and received it through shell corporations.
The Dubovoy Group defendants tried to avoid detection by spreading their trading to more than 10 brokers firms in various names, etc. They helped each other with the activities as much as able. They stole over 100,000 unpublished press releases. Leonid Momotok owned 1% interest in two of Arkadiy Dubovoy’s companies.“He advised Arkadiy Dubovoy how to trade using the stolen information, and he had formal trading authority for brokerage accounts used in the scheme but held in the name of other members of the Dubovoy Group, …p 12.’
Involvement in the apprehension and prosecution of the perpetrators included many government agencies. The President’s Financial Fraud Enforcement Task Force had a leading hand in the pursuit and prosecution.
9-11 Terrorist Attack: Defensive countermeasures of deter and detect
On September 11, 2001 at 8:46 a.m. an airliner slammed into the North Tower of the World Trade Center in New York City. At 9:03 a.m. a 2nd airliner slammed into the South Tower. The planes carried thousands of gallons of jet-fuel aboard in effect making them lethal weapons. Tens of thousands of people worked in these buildings daily and both buildings fell to the ground within 90 minutes. More than 2,600 people died in the World Trade Center tower attacks. Then at 9:37 a.m. a 3rd airliner rammed into the western side of the Pentagon. 125 people died in the Pentagon attack. And a 4thairliner was intended for attack in either the U.S. Capitol or White House but the heroics of passengers crashed the plane, hence thwarting the attack. A total of 256 people died in the four planes. The death toll even surpassed the Pearl Harbor attacks of 1941.
Those responsible for the horrific attack were 19 Arabs carrying out Islamist extremists plans. Their headquarters were located in Afghanistan. They were resourceful and some had lived in the United States for some time and four of them had trained to be pilots. They were not well educated. They carried out the terrible attacks with knives, cutters, mace, etc. And they had tried to bring down the World Trade Center in 1993 but failed however in the result killed six people and wounded a thousand. It was an effort led by Ramzi Yousef. Others including Omar Abdel Rahman who had plans to blow up the Lincoln and Holland tunnels and other New York City landmarks, but they were arrested. Ramzi Yousef and others had various other terror plans of which some succeeded and some fortunately did not.
Bin Ladin was known and thought to be a financier but not thought of as a terrorist leader until later. In 1998 Bin Ladin and four others issued a fatwa in which it was publicly declaring it was God’s order that Muslims should try to kill any American they could. Bin Ladin was a wealthy Saudi and had conducted jihadist activities against the Soviet Union. But he also held grievances against the United States such as a U.S. troop presence in Saudi Arabia. He recruited and trained followers in Afghanistan and continued carrying out acts of terror, including on the United States. His people attacked embassies, hotels, and even attempted to sink the USS Cole Navy Ship by a terrorist attack. His rhetoric is derived from Islam, history and the economic and political disorder in the area. He formed an alliance between the al Qaeda group he led and the Taliban. The Clinton administration had tried cruise missile strikes against al Qaeda in Afghanistan and tried to get the Taliban to force Bin Ladin to leave Afghanistan. The U.S. unsuccessfully utilized CIA paid foreign agents to try to capture or kill Bin Ladin and his group.
As early as 1998 or 1999 Bin Ladin had been contacted by Khalid Sheikh Mohammed with an idea of using the planes as a method of attacking the World Trade Center and other targets. The original plans were for 10 planes to target both east and west coasts of the United States. The CIA did uncover some reports of Bin Ladin’s intent on attacks. The U.S. continued its disruption attempts globally and also utilized diplomacy with countries. The “predator drone” was eventually fitted with a missile should an attack on Bin Ladin provide an opportunity. Some of the reasons and connections to the actions of the perpetrators of the planned 9-11 terrorist attack became apparent after the attack. Unrest had come to the surface in the time before the attack as the Taliban leader opposed attacking the United States, in contrast to Bin Ladin’s wishes.
On 9/11 the terrorists were successful in hijacking the four planes. The planes were being used as terrorist weapons and confusion was present with air control. But eventually the FAA and NORAD who controlled airspace did receive a “shoot down order” but it was after the plane in Pennsylvania had been forced down by passengers in the only way to stop the plane from being used as a weapon.
The enactment of the United States “Patriot Act” removed barriers that had impeded terrorism investigations in their outlay, scope and means. And in effect sped up the investigation and prosecution of the defendants. The FBI was point on the investigation that followed the attack and the operation was named Operation PENTTBOM. At one time more than half of the FBI’s personnel worked on the case. They followed through on more than one-half million leads. It was the largest crime scene in the FBI’s history. Also in the time period following the 9/11 attack the Department of Homeland Security was created in March 2003, which brought together 22 separate agencies and offices into a Cabinet level department. The 9/11 Commission had made several recommendations and in this report some details are brought forward. These would be included under the defensive counterintelligence support mode of operation and include the principles of deter and detect within the countermeasures. It included recognizing 72 fusion centers throughout the country which acts as a focal point for receipt, analysis and sharing of threat related information. Also establishing related training and informational programs to deal with threats. One such example is the National Terrorism Advisory System. And the DHS developed and implemented a risk-based transportation security strategy. An action taken such as strengthening airline passenger’s pre-screening and targeting terrorist travel will deter terrorists as they become aware of increased security measures and thwart terrorists from attempting to board airlines for terrorist activities. The airliner’s cabin cockpit doors have been hardened post-911 and Air Marshalls are used appropriately as well as some flight crew being eligible to carry firearms. The TSA behavior detection officers use non-intrusive behavior observation to identify people who may be high risk. The TSA also utilizes detection methods such as canine teams to sniff for explosives on passengers and in luggage. Post 9/11 all cargo on U.S. planes is screened commensurate with their checked luggage. The flights coming into the U.S. from foreign countries are required to provide information prior to departure and checks all passengers against watch lists the government utilizes such as the Secure Flight Program. It also increases efficiency by allowing those cross-checked with biometrics to have expedited travel.
Today a significant defensive countermeasure post-911 is that airlines now screen all checked and carry-on baggage for explosives. The U.S. has increased security of U.S. borders and identification documents. Certain areas are closely watched and critical security improvements along the Northern and maritime are emplaced. The Dept. Of Homeland Security has taken aggressive action to enhance the security of the nation’s infrastructure and also cyber infrastructure and networks. There in a federal government system cyber intrusion detection system which includes EINSTEIN and the National Cybersecurity and communications integration center is the nation’s hub for organizing cyber response efforts. DHS and DOD are working together to protect against threats to military and civilian computer systems and networks. This is another example of defensive countermeasures. DNDO is affiliated with nuclear detection and back in 2003 only 68% of arriving trucks and passenger vehicles were scanned along the northern border with no system on the southwest border. But today the systems scan 100% of all containerized cargo and personal vehicles arriving in the U.S. through land port of entries and up to 99% of sea containers. Counter-proliferation of nuclear and biological threats is a high priority of the DHS. The tragic occurrence of 9-11 has brought about real focus on the danger of leaving vulnerabilities open to exploitation. The DHS also has importantly increased efforts to track and disrupt terrorist financing through programs such as ECTF or Electronic Crimes Task Force.
Another action taken post-9/11 was the creation of the National Counterterrorism Center or NCTC which was to serve 5 functions which were; Threat Analysis, Identity Management, Information sharing, Strategic Operational Planning and National Intelligence Management.
The U.S. Department of Justice charged ZACARIAS MOUSSAOUI with numerous terrorism charges and indicates others involved in the terrorist acts. The United States Department of Defense obtained a video tape of Bin Ladin basically accepting responsibility of the 9-11 attacks and the DOD has a transcript of the video and a portion I will quote is as follows. UBL refers to Osama Bin Ladin: “UBL: The brothers, who conducted the operation, all they knew was that they have a martyrdom operation and we asked each of them to go to America but they didn’t know anything about the operation, not even one letter. But they were trained and we did not reveal the operation to them until they are there and just before they boarded the planes.UBL: (…inaudible…) then he said: Those who were trained to fly didn’t know the others.”
Bin Ladin, America’s most wanted terrorist was killed by United States Special Forces in a compound in Pakistan on May 2, 2011. The CIA had been involved in investigating Bin Ladin for years.
Counterintelligence Threat Brief for Turkey
I will provide a Counterintelligence threat brief on traditional and non-traditional Counterintelligence threats to non-security cleared individuals who are traveling to Turkey as business travelers or for personal reasons. MIT, the official Turkey intelligence agency is active. And non-traditional threats also exist as Turkey includes diverse elements of persons from different Muslim nations. Some of which include terrorist groups with their main base of operation located in a different country but also operating within Turkey. As seen in EurAsia Review, conflicts that were usually based on national interests today are based typically on non-national interests such as ethnicity, religion and culture. Asymmetric warfare rather than having a clear issue now has several. And a weaker enemy will use it strengths against a superior adversaries weaknesses.
Using OSINT (Open Source Intelligence) to conduct my research I uncovered motive for Turkey seeking intelligence from the United States. Turkey is a NATO ally and an American ally. However, that is the crux of their relationship. It has never encompassed social and economic theology. They are predominately a Muslim country and have disagreements about many aspects of wars and conflicts that the US had interests in such as Iraq and Syria. Turkey targets Kurd fighters in Syria while we support them. And they opposed the action President Trump put in place of recognizing Jerusalem as Israel’s Capitol. There is a great amount of suspicion and mistrust regarding the failed coup of President Erdoğan. And Fethullah Gülen, the suspected leader of the attempted coup resides in the United States and refuses to extradite him. They believe Gulen is responsible for the assassination of Russian ambassador Andrey Karlov. They have typically bought US military products and technology but have made a deal with Russia to purchase an advanced missile defense system. Andrew Brunson who is an American Pastor is being held and faces spying charges and thus far efforts to release him are unsuccessful. They are suspicious of everyone. They will not hesitate to leverage information acquired through their intelligence services from the United States or any source. Turkey has long been thought of as torn between the East and West. In Turkey if you access the internet via a local ISP they can install spyware on your computer that can control it. Charter Schools are being targeted by Turkey since Gulen was instrumental in them and that tie is enough for Erdogan to lash out. MIT-Turkey’s intelligence agency places agents in journalist positions as cover which often leads to someone divulging information that is considered private.
If Turkey has decided to spy on you it probably originates from passport screening. Some things that a US visitor should be aware of are to self-assess if you could be thought of as a terrorist, narcotics trafficker or criminal. Black market activity. Do not be caught with suspicious or incriminating luggage. Do not identify known associations that Turkey may find incriminating. They may utilize any of these ways to recruit you as an asset of theirs. Usually direct and indirect activities used in conducting their intelligence operations are non-threatening and unobtrusive. Beware of local laws and customs as one example is in Turkey derogatory comments regarding government and its leaders are prohibited. It may be illegal to use insulting language.
Information Turkey may covet and target from a target such as a defense contractor non-intelligence employee may include customer data, employee data, vendor information, pricing strategies, propriety information, technical plans, corporate strategies, financials, computer access protocols, acquisition strategies, investment date, business directories of phone and emails. They may be subtle and use elicitation to gain information slowly and by gaining your trust. Be alert for tips. Throw them off their own game by asking why they ask. Refer them to public sources if specifically targeted questions are posed. Or say you cannot discuss it or just do not know. Examples of things I would consider for combating their intelligence collection efforts are to use rental electronic devices. Disable the Wi-Fi. And on the flight travel with the device as carry-on luggage. Do not use foreign storage devices in your devices. Do not leave documents and information in your hotel room. Do not use the hotel safe. Select your own cab.
But sometimes harassment incidents are utilized and obviously are meant to intimidate or test a US citizen’s reactions. If harassment is selected to be used on a prospective recruit it can be used in a variety of means.
Abrogation of Article 370 and Indian Plan for Plebiscite in Jammu & Kashmir
Since 2014 India is being ruled by a Hindu ultra-nationalist party of Bhartiya Jannta Party (BJP) and extremist Narendra Modi...
Addressing Economic Challenges in Africa Through Deep Investments
The African continent comprises a diverse collection of countries, each with its own set of challenges. The governance of individual...
The Threat to Life from Ocean Microplastics
Authors: Meena Miriam Yust and Arshad Khan When Chelsea Rochman at the University of Toronto and colleagues began their study on medakas...
5 tips to make the most out of your workout routine
Whether you’re hitting the gym to get healthy, tone up or improve your overall well-being, there’s no denying that seeing...
Trips that transform: How airline miles can transform a child’s life
Maksim was just a few months shy of 2 years old when his parents rushed him to the emergency room...
Scaling up support for sustainable development: Mongolia on the rise
Mongolia’s economic rebound in recent years reveals a country rising up to the challenges borne from adverse economic shocks. The...
Hacking of the Newswires connected with Trading: A refresher for the business community
This case I am touching on is regarding Leonid Momotok in which he and other traders used insider trading information...
Russia3 days ago
Battle for the Arctic: Friends and foes
Southeast Asia3 days ago
South-East Asia youth survey: Skills prized over salary
Middle East23 hours ago
“Today Saudi Arabia finally lost the war on Yemen.”
Americas2 days ago
U.S.-North Korea Nuclear War: Assessing Plausible Risks
East Asia2 days ago
Deeper meanings of the Hong Kong protests: Is China a gamechanger or yet another winner?
Defense2 days ago
Kashmir: A Nuclear Flash Point
Middle East2 days ago
Business and boxing: two sides of the same coin
South Asia1 day ago
The Likely Outcome of Narendra Modi’s Unconstitutional Seizure of Kashmir