Do Computers Pose a Nuclear Threat?
Some social impacts of modern technology--such as threats to personal privacy--can be scary. Others are terrifying. Take the ongoing, vexing interplay between computer security and nuclear weapons.
Over the last three weeks, a new group of computer hackers that calls itself Masters of Downloading has released information to back up its claim to have penetrated sensitive Pentagon computer systems.
The group claims to have stolen software of the Defense Information Systems Network Equipment Manager, which controls military communications systems, including global-positioning satellites. The group of 15 hackers, which includes two from Russia, released a statement and a sample of the software, complete with interface screens.
The “masters” also announced that they had cracked communications links to U.S. submarines.
The Defense Department says it is treating the group’s intrusion “very seriously,” but it downplayed the significance of the break-ins.
Pentagon spokesmen reportedly say the military uses computers only to support weapons and people, and that computers are not essential to U.S. security.
Unfortunately, the picture is not quite that simple. Both people and firepower engaged in national security depend on information, and much of the required information is now managed by computers and networks. If this information is not reliable or is confusing, and this unreliability and confusion are combined with stressful time constraints, the results could be catastrophic, especially when the firepower is nuclear.
“The threat of accidental nuclear war is more dangerous now than ever,” despite the end of the Cold War, said Bruce Blair, a senior researcher at the Brookings Institution in Washington and a former nuclear launch control officer. “The current alert postures are inherently dangerous and getting more dangerous.”
An article published last week in the New England Journal of Medicine, by Blair and coauthors associated with Physicians for Social Responsibility, calls for steps to “de-alert” U.S. and Russian nuclear weapons systems. They suggest an end to the current status of “launch on warning”--the policy of launching nuclear-armed missiles when warning of an attack is received by defense authorities.
In 1979, the U.S. North American Air Defense Command, or NORAD, in Cheyenne Mountain, Colo., brought U.S. nuclear facilities to full-alert status when a computerized training tape was mistakenly mounted on the “live” early-warning system. In 1980, a 39-cent computer chip in a communications system between NORAD and the Strategic Air Command failed, producing a warning that the U.S. was under full nuclear attack.
In 1995, the Russians came ominously close to “launch on warning” when the U.S. lofted a satellite on a rocket launched from an island off Norway. Because of the rocket’s unusual launch site and its trajectory, the Russians at first thought it was a U.S. Trident missile fired from a submarine. They went to full nuclear alert, even activating the nuclear “briefcase” that accompanies President Boris N. Yeltsin.
In these cases, and others, the time pressures on military decision makers have been intense. Blair notes that the Strategic Threat Assessment Team at NORAD, and its complementary Tactical Threat Assessment Team, have three minutes to decide if an attack warning is genuine. The Russians have 10 minutes before they need to make a decision. (The 1995 incident was resolved in eight minutes.)
The biggest danger now, say Blair and others, such as former Sen. Sam Nunn, a Georgia Democrat, is the frighteningly lax control the Russians maintain over their nuclear arsenals. Budget cuts, political instability and sheer neglect have brought the Russian air defense and command-and-control systems to a critically dangerous point.
*
Into this dark picture we can insert computer unreliability, such as the year-2000 problem--which Blair says the Russians haven’t begun to solve--and confusing and conflicting information scrambled or manipulated by anonymous hackers. While it is probably impossible for hackers to get into systems that might enable an unauthorized launch of nuclear weapons--although even this is not completely certain--the growing number of penetrations of Pentagon systems raises the specter of unreliability and confusion in a crisis. Computer data may not be the trigger on a nuclear warhead. But it could lead someone to pull that trigger hastily.
Defense computer systems need to be far more secure than they are now. Even Pentagon officials admit this. But the real solution is to deactivate nuclear weapons in both the U.S. and Russia. A nuclear standoff on a hair trigger is no longer necessary, if it ever was. Blair and his coauthors recommend a “stand-down” from constant alert status, removal of launch keys from missile silos and removal of warheads from missiles.
Without such measures, the door is open to a vast expansion of control and surveillance over computer networks by government agencies that are responsible for intelligence and computer security. The unnecessary extension of Cold War strategies in nuclear weapons systems might then infect the Internet itself.
Blair says a paper on “de-alerting” nuclear forces is on the desk of Defense Secretary William S. Cohen right now. Let’s hope he reads it and is convinced by its arguments.
