• United States



Pentagon considers nuclear response to retaliate for large cyber attacks

Jan 17, 20183 mins

A draft for the Pentagon’s 2018 Nuclear Posture Review says the U.S. would consider using nuclear weapons to respond to non-nuclear attacks.

nuclear bomb test bikini atoll mushroom cloud explosion detonate
Credit: Thinkstock

Why use hack-back tactics when you can drop a nuke on your cyber attackers?

According to the draft for the Pentagon’s 2018 Nuclear Posture Review, the U.S. would consider using nuclear weapons to respond to non-nuclear attacks.

While the Pentagon’s proposed policy change suggests the U.S. should “only consider the use of nuclear weapons in extreme circumstances to defend the vital interests of the United States or its allies and partners,” large cyber attacks are considered “extreme circumstances.”

After reviewing threats posed by Russia, China, North Korea and Iran, the document reads:

The United States would only consider the use of nuclear weapons in extreme circumstances to defend the vital interests of the United States, its allies, and partners. Extreme circumstance could include significant non-nuclear strategic attacks. Significant non-nuclear strategic attacks include, but are not limited to, attacks on the U.S., allied, or partner civilian population or infrastructure, and attacks on U.S. or allied nuclear forces, their command and control, or warning and attack assessment capabilities.

Notice that “cyber attack” is not specifically mentioned, but officials who asked to remain anonymous told The New York Times that “large cyber attacks” could warrant a nuclear response.

Three current and former senior government officials said large cyber attacks against the United States and its interests would be included in the kinds of foreign aggression that could justify a nuclear response — though they stressed there would be other, more conventional options for retaliation.

The NPR draft acknowledged that Russia has a “new intercontinental, nuclear-armed, undersea autonomous torpedo” and is “developing and deploying new nuclear warheads and launchers.” Russia, the document claims, believes that limited nuclear first use of low-yield weapons would give it an advantage. “Correcting this mistaken Russian perception is a strategic imperative,” it says.

Therefore, the U.S. should develop smaller nukes, new “low-yield” nuclear weapons, which would “enhance deterrence.” One new nuke would be a cruise missile fired from submarines and another a “low-yield” warhead for ballistic missiles from subs.

The U.S. doesn’t need more nukes

But Alexandra Bell, a former senior adviser at the State Department and current senior policy director at the Center for Arms Control and Non-Proliferation, told the Huffington Post, the U.S. already has “4,000 nuclear weapons in our active stockpile, which is more than enough to destroy the world many times over. So I don’t think it makes a convincing case that we somehow lack capabilities. And, in fact, I don’t think you can make the case that this president needs any more capabilities.”

Two weeks ago, President Donald Trump was bragging about having a “much bigger” and “more powerful” nuclear button that North Korean leader Kim Jong Un.

During the Cold War, nukes guaranteed mutually assured destruction. That same mutual assured destruction has been applied to large-scale cyberwar — knock out our power grid, and we will knock out yours type thing. It remains to be seen if the threat of nuking a country for pulling off large cyber attacks would serve as a deterrent or be the start of doomsday.

“Almost everything about this radical new policy will blur the line between nuclear and conventional,” Andrew C. Weber, an assistant defense secretary during the Obama administration, told The New York Times. If the draft is adopted as is, the new policy “will make nuclear war a lot more likely.”

The draft, called “pre-decisional” by the Pentagon, is currently being reviewed by the White House. The final version is expected to be released in February.

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.