Richard A
By Richard A Clarke and Steven Andreasen
US President Barack Obama (pictured) is expected to unveil a new nuclear policy initiative this week in Berlin. Whether he can make good on his first-term commitments to end outdated Cold War nuclear policies may depend on a firm presidential directive to the Pentagon rejecting any new missions for nuclear weapons — in particular, their use in response to cyber attacks.
The Pentagon’s Defence Science Board concluded this year that China and Russia could develop capabilities to launch an “existential cyber attack” against the United States — that is, an attack causing sufficient damage that our government would lose control of the country. “While the manifestation of a nuclear and cyber attack are very different,” the board concluded, “in the end, the existential impact to the United States is the same.”
Because it will be impossible to fully defend our systems against existential cyber threats, the board argued, the United States must be prepared to threaten the use of nuclear weapons to deter cyber attacks. In other words: I’ll see your cyber war and raise you a nuclear response.
Some would argue that Obama made clear in his 2010 Nuclear Posture Review that the United States has adopted the objective of making deterrence of nuclear attacks the “sole purpose” of our nuclear weapons. Well, the board effectively reviewed the fine print and concluded that the Nuclear Posture Review was “essentially silent” on the relationship between US nuclear weapons and cyber threats, so connecting the two “is not precluded in the stated policy”.
As the board noted, cyber attacks can occur very quickly and without warning, requiring rapid decision-making by those responsible for protecting our country. Integrating the nuclear threat into the equation means making clear to any potential adversary that the United States is prepared to use nuclear weapons very early in response to a major cyber attack — and is maintaining nuclear forces on “prompt launch” status to do so.
Russia and China would certainly take note — and presumably follow suit. Moreover, if the United States, Russia and China adopted policies threatening an early nuclear response to cyber attacks, more countries would surely take the same approach. It’s hard to see how this cyber-nuclear action-reaction dynamic would improve US or global security. It’s more likely to lead to a new focus by Pentagon planners on generating an expanding list of cyber-related targets and the operational deployment of nuclear forces to strike those targets in minutes.
Against that backdrop, maintaining momentum toward reducing the role of nuclear weapons in the United States’ national security strategy (and that of other nations) — a general policy course pursued by the past five presidents — would become far more difficult. Further reductions in nuclear forces and changes in “hair-trigger” postures, designed to lessen the risk of an accidental or unauthorized nuclear launch, would also probably stall.
Fortunately, Obama has both the authority and the opportunity to make clear that he meant what he said when he laid out his nuclear policy in Prague in 2009. For decades, presidential decision directives have made clear the purpose of nuclear weapons in US national security strategy and provided broad guidance for military planners who prepare the operations and targeting plans for our nuclear forces. An update to existing presidential guidance is one of the homework items tasked by the 2010 Nuclear Posture Review.
Cyber threats are very real, and there is much we need to do to defend our military and critical civilian infrastructure against what former defence secretary Leon E Panetta referred to as a “cyber Pearl Harbor” — including enhancing the ability to take action, when directed by the president, against those who would attack us. We also need more diplomacy such as that practiced by Obama with his Chinese counterpart, Xi Jinping, at their recent summit. Multinational cooperation centres could ultimately lead to shared approaches to cyber security, including agreements related to limiting cyber war.
US cyber-vulnerabilities are serious, but equating the impact of nuclear war and cyber war to justify a new nuclear deterrence policy and excessive Cold War-era nuclear capabilities goes too far. It diminishes the unique threat of national devastation and global extinction that nuclear weapons represent, undermines the credibility of nuclear deterrence by threatening use for lesser contingencies and reduces the urgency for focused action to lessen nuclear dangers. Excessive rhetoric on the threat of cyberwar from the United States and blurring the distinction between cyber and nuclear attacks just makes progress toward cyber-peace more difficult.
With a stroke of his pen and his speech in Berlin, Obama can keep the United States from uploading the cyber-nuclear link.
WP-BLOOMBERG
By Richard A Clarke and Steven Andreasen
US President Barack Obama (pictured) is expected to unveil a new nuclear policy initiative this week in Berlin. Whether he can make good on his first-term commitments to end outdated Cold War nuclear policies may depend on a firm presidential directive to the Pentagon rejecting any new missions for nuclear weapons — in particular, their use in response to cyber attacks.
The Pentagon’s Defence Science Board concluded this year that China and Russia could develop capabilities to launch an “existential cyber attack” against the United States — that is, an attack causing sufficient damage that our government would lose control of the country. “While the manifestation of a nuclear and cyber attack are very different,” the board concluded, “in the end, the existential impact to the United States is the same.”
Because it will be impossible to fully defend our systems against existential cyber threats, the board argued, the United States must be prepared to threaten the use of nuclear weapons to deter cyber attacks. In other words: I’ll see your cyber war and raise you a nuclear response.
Some would argue that Obama made clear in his 2010 Nuclear Posture Review that the United States has adopted the objective of making deterrence of nuclear attacks the “sole purpose” of our nuclear weapons. Well, the board effectively reviewed the fine print and concluded that the Nuclear Posture Review was “essentially silent” on the relationship between US nuclear weapons and cyber threats, so connecting the two “is not precluded in the stated policy”.
As the board noted, cyber attacks can occur very quickly and without warning, requiring rapid decision-making by those responsible for protecting our country. Integrating the nuclear threat into the equation means making clear to any potential adversary that the United States is prepared to use nuclear weapons very early in response to a major cyber attack — and is maintaining nuclear forces on “prompt launch” status to do so.
Russia and China would certainly take note — and presumably follow suit. Moreover, if the United States, Russia and China adopted policies threatening an early nuclear response to cyber attacks, more countries would surely take the same approach. It’s hard to see how this cyber-nuclear action-reaction dynamic would improve US or global security. It’s more likely to lead to a new focus by Pentagon planners on generating an expanding list of cyber-related targets and the operational deployment of nuclear forces to strike those targets in minutes.
Against that backdrop, maintaining momentum toward reducing the role of nuclear weapons in the United States’ national security strategy (and that of other nations) — a general policy course pursued by the past five presidents — would become far more difficult. Further reductions in nuclear forces and changes in “hair-trigger” postures, designed to lessen the risk of an accidental or unauthorized nuclear launch, would also probably stall.
Fortunately, Obama has both the authority and the opportunity to make clear that he meant what he said when he laid out his nuclear policy in Prague in 2009. For decades, presidential decision directives have made clear the purpose of nuclear weapons in US national security strategy and provided broad guidance for military planners who prepare the operations and targeting plans for our nuclear forces. An update to existing presidential guidance is one of the homework items tasked by the 2010 Nuclear Posture Review.
Cyber threats are very real, and there is much we need to do to defend our military and critical civilian infrastructure against what former defence secretary Leon E Panetta referred to as a “cyber Pearl Harbor” — including enhancing the ability to take action, when directed by the president, against those who would attack us. We also need more diplomacy such as that practiced by Obama with his Chinese counterpart, Xi Jinping, at their recent summit. Multinational cooperation centres could ultimately lead to shared approaches to cyber security, including agreements related to limiting cyber war.
US cyber-vulnerabilities are serious, but equating the impact of nuclear war and cyber war to justify a new nuclear deterrence policy and excessive Cold War-era nuclear capabilities goes too far. It diminishes the unique threat of national devastation and global extinction that nuclear weapons represent, undermines the credibility of nuclear deterrence by threatening use for lesser contingencies and reduces the urgency for focused action to lessen nuclear dangers. Excessive rhetoric on the threat of cyberwar from the United States and blurring the distinction between cyber and nuclear attacks just makes progress toward cyber-peace more difficult.
With a stroke of his pen and his speech in Berlin, Obama can keep the United States from uploading the cyber-nuclear link.
WP-BLOOMBERG
