States are contending with new issues in deterrence, arms control, and stability as a result of a shift in contemporary international relations, driven by the latest information and technology revolution. Concern over cyber has increasingly impacted all aspects of nuclear security, operations and thinking, yet the term ‘cyber’ is inherently nebulous and diverse. There are currently no formal international agreements linking nuclear weapons and cyber capabilities, and to fill this void states have invested considerable resource to address the ‘cyber’ challenge – but what does this mean for nuclear security?
In this policy brief, ‘Managing the cyber-nuclear nexus’, Dr Andrew Futter, Associate Professor of International Politics at the University of Leicester and Member of the Younger Generation Leadership Network, presents an argument for going back to basics when discussing cyber challenges: its risks, focus, and referents. Given that a cyber-attack against a nuclear weapon state could result in a nuclear response, this timely brief stresses the importance of addressing the full ‘cyber’ spectrum, and the importance of differentiating disabling and enabling threats. Noting that:
- There is a need to use clear language when referring to ‘cyber’. There is a clear need to correctly identify and describe each cyber challenge in order to find tailored solutions;
- Cyber-threats and challenges operate across a broad spectrum and scale. Not every threat in the nuclear realm is equal; much of what is currently termed a ‘cyber-attack’ should not be seen through the lens or warfare, nor constitutes a ‘new’ challenge;
- Intentions are as important as capabilities. Simply possessing advance cyber capabilities does not mean they will be used offensively. Both states and non-state actors must be assessed pragmatically;
- Cyber challenges should be viewed as part of a broader package of emerging disruptive technologies. A focus purely on nuclear weapons in international arms control agreements is no longer practical as the nuclear world is increasingly blurred;
- The cyber challenge is inherently human. Humans write code, enter data, build systems and make decisions, Artificial Intelligence (AI) may change this long-term but the easiest cyber target is currently human;
- States need to think outside of the box in their approaches to security, arms control and confidence building.
It is conceivable for states to find international agreement over the use and threat of cyber in relation to nuclear weapons. Early warning systems, sharing best practice, and a public declaration of the associated dangers are all good first steps. The nuclear realm has been faced with periods of significant technological change before, and the key now is collectively addressing and minimising the challenge of the cyber era.
The opinions articulated above also do not necessarily reflect the position of the European Leadership Network or any of its members. The ELN’s aim is to encourage debates that will help develop Europe’s capacity to address pressing foreign, defence, and security challenge.