"There is no more urgent task than understanding and mitigating the potential risks posed by the interaction of advancing cyber capabilities with nuclear weapons systems."
A report published Wednesday by a U.S. nonprofit group recommends cooperation between the United States and Russia aimed at reducing the threat of a nuclear war sparked by cyberattacks on nuclear weapon systems.
"In the modern nuclear age, there is no more urgent task than understanding and mitigating the potential risks posed by the interaction of advancing cyber capabilities and nuclear weapons systems," the Nuclear Threat Initiative (NTI) asserted in the report, entitled Reducing Cyber Risks to Nuclear Weapons: Proposals From a U.S.-Russia Expert Dialogue.
The publication "highlights the critical need for a global diplomatic approach to address growing cyber risks, including, where possible, through cooperation between the United States and Russia."
"Despite significant current geopolitical tensions, the United States and Russia have a mutual interest in avoiding the use of nuclear weapons and an obligation to work together to do so based on the understanding that a cyberattack on a nuclear weapons system could trigger catastrophic and unintended conflict and escalation," the group said in an implied reference to strained relations amid Russia's ongoing invasion of Ukraine.
NTI drew from talks between U.S. and Russian nonproliferation experts that took place in 2020 and 2021 prior to last year's invasion of Ukraine.
"While acknowledging the challenges posed by an already charged political environment, the dialogue emphasized the importance of maintaining cooperation between the United States and Russia on key nuclear security issues, the value of unilateral risk reduction actions, and the benefit of developing ideas for cooperative steps to be advanced when the political situation improves," the organization noted.
The talks yielded six recommendations for the U.S. and Russia to reduce cyber risks:
- Refrain from cyber interference in nuclear weapons and related systems, including nuclear command, control, communications, delivery, and warning systems;
- Evaluate options to minimize entanglement and/or integration of conventional and nuclear assets;
- Continue to improve the cybersecurity of their respective nuclear systems, including through unilateral "fail-safe" reviews;
- Increase transparency and expand communications during periods of increased tension;
- Adopt procedures to ensure that any cyber, information, or other operation involving information and communications technologies emanating from the United States or Russia with the potential to disrupt another nation's nuclear deterrence mission be approved at the same level as required for nuclear use; and
- Eliminate policies that threaten a nuclear weapons response to cyberattack.
"Today, the United States and Russia still possess roughly 90% of the world's nuclear weapons and are also among the most proficient and active developers and users of information and communications technology (ICT)," the report notes. "Nuclear weapons policies, however, have not kept up with these technological advancements."
"Meanwhile," the publication continues, "the ubiquity of advanced digital ICT tools, as well as their fulsome functional benefits, have led both countries' nuclear weapons enterprises to incorporate digital technologies into their nuclear weapons, warning, command, control, and communications systems."
"Both the United States and Russia should prioritize cyber-nuclear weapons risk-reduction as they pursue future bilateral and multilateral arms control, confidence-building, and transparency initiatives."
"With that modernization come vulnerabilities and openness to cyberattacks that could prompt dangerous miscalculations or accidents, leading to nuclear use," NTI stated, adding that "in the mid- to long-term, cybersecurity can be improved in the
context of ongoing nuclear weapons systems modernization."
"Mutual commitments can be codified through various political or legal formats," the report states. "Nuclear force modernization in each country presents an opportunity to clarify, isolate, and distinguish which systems are involved in nuclear deterrence missions from civilian infrastructure, critical national assets, and conventional warfighting systems."
"Modernization also provides opportunities to improve system resiliency and upgrade cybersecurity measures and practices," the publication adds. "Both the United States and Russia should prioritize cyber-nuclear weapons risk-reduction as they pursue future bilateral and multilateral arms control, confidence-building, and transparency initiatives."
The new report came a day after the U.S. Department of Defense published an unclassified summary of its 2023 Cyber Strategy, the first update in five years, in which the Pentagon stated it would "use cyberspace operations for the purpose of campaigning, undertaking actions to limit, frustrate, or disrupt adversaries' activities below the level of armed conflict and to achieve favorable security conditions."
The Pentagon added that it would "remain closely attuned to adversary perceptions and will manage the risk of unintended escalation."
Russia's war and U.S. support for Ukrainian efforts to oust invaders have heightened international calls for disarmament, with U.N. Secretary-General António Guterres recently warning that nuclear modernization and rising global mistrust is "a recipe for annihilation."