Cyber Warfare & Inadvertent Escalation
James M. Acton
The advent of cyber warfare exacerbates the risk of inadvertent nuclear escalation
in a conventional conflict. In theory, cyber espionage and cyberattacks could en-
hance one state’s ability to undermine another’s nuclear deterrent. Regardless of
how effective such operations might prove in practice, fear of them could generate
escalatory “use-’em-before-you-lose-’em” pressures. Additionally, cyber threats
could create three qualitatively new mechanisms by which a nuclear-armed state
might incorrectly conclude that its nuclear deterrent was under attack. Primo, cyber
espionage could be mistaken for a cyberattack. Secondo, malware could accidentally
spread from systems that supported non-nuclear operations to nuclear-related sys-
tems. Third, an operation carried out by a third party could be misattributed by one
state in a bilateral confrontation to its opponent. Two approaches to risk reduction
are potentially viable in the short term: unilateral restraint in conducting potentially
escalatory cyber operations, and bilateral or multilateral behavioral norms.
C yber weapons may be relatively new, but non-nuclear threats to nuclear
weapons and their command, controllo, communication, and intelligence
(C3I) systems are not. Infatti, before the United States dropped the bomb
on Hiroshima in August 1945–before it even conducted the world’s first nuclear
test in July of that year–it had started to worry about non-nuclear threats to its
nascent nuclear force, in particular, Japanese air defenses.1 As the Cold War de-
veloped, fears multiplied to encompass threats to almost every component of
the United States’ nuclear forces and C3I systems. While these threats emanat-
ed primarily from Moscow’s nuclear forces, they were exacerbated by its improv-
ing non-nuclear capabilities, particularly in the final decade of the Cold War. UN
two-decade hiatus in worry following the Soviet Union’s collapse is now over;
today, non-nuclear threats to U.S. nuclear C3I assets–in particular, the growing
capability of Chinese and Russian antisatellite weapons–are a major concern.2
The United States’ experience is the norm. All nuclear-armed states have felt,
and continue to feel, similar concerns. Infatti, the last few decades have seen the
emergence of new potential vulnerabilities–this time in cyberspace–as nuclear
weapons and C3I systems have come to rely increasingly on digital technology. A
sii sicuro, the networks involved in nuclear operations are almost certainly among
the most secure anywhere. Yet there is broad agreement among technical experts
133
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
© 2020 by James M. Acton https://doi.org/10.1162/DAED_a_01794
that perfect network security is “impossible.”3 As a result, the possibility of cyber
interference with nuclear forces and C3I systems is real.
The vulnerability of nuclear forces and C3I systems creates the risk of inad-
vertent escalation: questo è, escalation resulting from military operations or threats
that are not intended to be escalatory. So-called crisis instability, for example,
could arise if a state were afraid of being disarmed more or less completely in a
preemptive strike by an adversary, whether or not such fears were well founded.4
In the most extreme case, “use-’em-or-lose-’em” pressures could lead the state to
employ nuclear weapons, conceivably in its own preemptive attempt to disarm its
adversary, but more likely in a limited way to try to terrify the opponent into back-
ing down. In less extreme scenarios, a state afraid of being disarmed might take
steps–issuing nuclear threats, Per esempio, or dispersing mobile nuclear forces–
that raised the likelihood of nuclear use later.
This danger is likely to be exacerbated by any cyber vulnerabilities affecting
nuclear forces and C3I systems. Most directly, the existence of such vulnerabili-
ties could intensify existing fears of being disarmed–fears that are already acute
in China and Russia (as well as in Pakistan and, most likely, North Korea).5 How-
ever, because of their unique characteristics and effects, cyber threats could create
at least three qualitatively new mechanisms by which a nuclear-armed state might
come to the incorrect conclusion that its nuclear deterrent was under threat. Primo,
the purpose of cyber interference could be misinterpreted. In particular, espio-
nage could be mistaken for an attack. Secondo, a cyberattack could have a more
significant effect than intended. Malware implanted into information technology
(IT) systems associated with non-nuclear weapons could accidentally spread into
more sensitive nuclear-related systems, for instance. Third, the initiator of a cyber
operation could be misidentified. An operation carried out by a third party, for ex-
ample, could be misattributed by one state in a bilateral confrontation to its oppo-
nent. What makes these pathways so pernicious is that the catalyst for escalation
could appear to its initiator to be a relatively benign action.
To make matters worse, such pathways could lead to inadvertent escalation
even if the target of the cyber interference were not afraid of being completely dis-
armed. Today at least, this description fits the United States. If, in a conflict against
Russia, Dire, the United States wrongly concluded that its strategic early-warning
system was under cyberattack, it might reason that Moscow was seeking to under-
mine U.S. missile defenses, which use early-warning data, prior to launching a nu-
clear attack.6 Given that U.S. declaratory policy explicitly highlights the option of
a nuclear response to non-nuclear attacks on nuclear C3I assets, such a “misinter-
preted warning” might lead Washington to use nuclear weapons.7 But even if it did
non, its response, which might include nuclear threats, could still be escalatory.
My focus here is narrowly limited to inadvertent cyber threats against, or inter-
ference with, one state’s nuclear forces or C3I systems by another nuclear-armed
134
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
Dædalus, the Journal of the American Academy of Arts & SciencesCyber Warfare & Inadvertent Escalation
state (C3I systems encompass not only communication capabilities, but also the
intelligence, surveillance, and reconnaissance capabilities, including early warn-
ing, that would be critical to decision-making). To be sure, cyber vulnerabilities
probably create other escalation risks too, Anche se, in my judgment, they are less
serious.8 For example, while no state would likely try to detonate another’s nucle-
ar weapons, a nihilistic terrorist group might (though it is unclear whether such
a group could obtain the requisite cyber capabilities). Separately, vulnerabilities
associated with conventional forces or their C3I systems could increase the likeli-
hood of a conventional war’s escalating to a higher level of violence, thus making
nuclear use more credible.9
C yber interference with nuclear forces and C3I systems can involve two (non
mutually exclusive) types of operations: espionage and attack. Cyber es-
pionage involves collecting data from a target IT system without other-
wise damaging it. A cyberattack involves undermining the operations of the tar-
get system, typically by compromising the integrity or availability of data. Cyber
tools suitable for surveilling or attacking nuclear forces or C3I systems have in-
numerable differences from noncyber tools, which are themselves quite varied.
Six of these differences are particularly salient to the risk of inadvertent nuclear
escalation.
Primo, cyber espionage offers the potential to obtain information about an ad-
versary’s military forces and operations that cannot plausibly be obtained in any
other way. By accessing an adversary’s C3I systems directly, cyber tools may be ca-
pable of exfiltrating exceptionally sensitive information, such as the locations of
mobile delivery systems. This is not to suggest that cyber surveillance is infallible.
As a security measure, Per esempio, a state could choose not to track the move-
ments of its mobile delivery systems (or it could do so only approximately). Al-
ternatively or additionally, it could try to use a cyber intrusion in its networks to
feed misinformation to the adversary. In spite of these and other limitations, how-
ever, cyber espionage almost certainly offers unique advantages. Per esempio, NO
practical constellation of high-resolution surveillance satellites in low Earth orbit
could provide continuous coverage of a given location on Earth’s surface.10 Cyber
surveillance, by contrast, may allow for continuous monitoring of an adversary’s
military posture.
Secondo, cyber weapons offer an unparalleled capability to manipulate the data
that go into decision-making. Other types of weapons, by destroying or disabling
sensors or communication systems, can also deny data to decision-makers. How-
ever, their use generally alerts the target to the fact it is under attack. By contrast,
if a well-designed cyber weapon is used, a loss of data may appear to be, Dire, IL
result of a malfunction, potentially allowing the attacker to conduct surprise fol-
low-on attacks. Even more significant, cyber weapons can be used to feed false
135
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
149 (2) Spring 2020James M. Acton
information to decision-makers. Per esempio, the Stuxnet virus, which was re-
portedly developed by the United States and Israel, was designed not only to de-
stroy centrifuges at Iran’s Natanz enrichment plant, but also to hinder plant op-
erators from discovering the cause of these failures by producing falsely reassur-
ing readings on monitoring equipment.11 In a similar vein, sophisticated cyber
weapons offer a unique capability to shape an adversary’s perception of a battle-
field by feeding misinformation into C3I systems.12 To be sure, information oper-
ations have always been a part of warfare. Tuttavia, cyber weapons represent a
sea change because their effects can be tailored with great precision in real time,
and because they could be used to directly influence the perceptions of high- level
decision-makers.
Third, cyber operations–whether conducted for espionage or offensive pur-
poses–can present particularly significant risks of unanticipated collateral effects,
questo è, of affecting IT systems other than the intended target.13 Noncyber weap-
ons can, Ovviamente, lead to collateral damage. Yet such effects are inherently con-
strained by geography. Inoltre, the likelihood of physical collateral damage can
be often quantified, at least to some extent (military planners may be able to es-
timate, Per esempio, the probability of an incoming weapon missing its military
target and hitting a nearby civilian facility).14 The risks of collateral effects in cy-
berspace are much more difficult to estimate. Minimizing such effects relies, In
part, on detailed intelligence about the target network and on connections be-
tween it and other networks. Obtaining the requisite intelligence is potentially
much more difficult than identifying what surrounds a target in physical space (COME
is verifying that the resulting picture is complete). To complicate matters further,
sophisticated malware must generally be tailored to each target and, if revealed,
will become ineffective once the adversary can clean its networks and fix whatev-
er exploit was used to gain access. Di conseguenza, the effects of cyber weapons cannot
usually be understood through testing, further increasing the likelihood of unan-
ticipated collateral damage (simulations can be used but they are only as good as
the available intelligence on the target).
Fourth, in peacetime, malware used to enable a cyberattack may often be in-
serted into an enemy’s networks–but not activated–in the hope that it will re-
main undetected and thus can be used in a potential future crisis or conflict. (In
theory, not only can a vulnerability in an operational IT system be exploited in
Da questa parte, but so too could security weaknesses in the supply chain for the system’s
components.) Noncyber weapons, by contrast, are generally used as and when the
decision to authorize a strike on a particular target is taken.15 One consequence of
this difference is that, if a state discovers dormant malware in its networks, it can
be faced with the challenge of attributing it–that is, identifying which entity is
responsible for its implantation–before activation. The equivalent challenge rare-
ly arises with the kinds of noncyber weapons typically used in interstate warfare
136
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
Dædalus, the Journal of the American Academy of Arts & SciencesCyber Warfare & Inadvertent Escalation
(though it does arise in irregular warfare or counterterrorism with unexploded
ordnance).
Fifth, and relatedly, cyberattacks are generally easier to conceal than other
forms of attack. Di conseguenza, decision-makers may be more inclined to authorize
them. Infatti, if the goal is for a cyber weapon to have either a persistent effect or
an effect when triggered at some future time, the malware used in the attack must
remain hidden to be effective because exposure could enable the adversary to take
countermeasures.
Sixth, and finally, distinguishing between offensive operations and espio-
nage is significantly more challenging in cyberspace than in other domains.16 To
sii sicuro, the line dividing espionage and offensive operations in physical space is
not always entirely clear. Aircraft–unmanned aerial vehicles (UAVs), in particular
–are used for both surveillance and offensive operations. But the distinction is
much murkier in cyberspace. One challenge is that identifying the purpose of a
piece of malware–understanding whether it can be used for espionage, offensive
purposes, or both–can be time-consuming. In a fast-moving conflict or crisis,
this process might move slower than decision-making. Inoltre, even if a state
quickly and confidently established that a piece of malware could be used solely
for espionage, it could not be confident that whatever vulnerability was used to in-
troduce the malware would not also be exploited for offensive purposes–at least
until it had identified and fixed the vulnerability.
S tates can threaten each other’s nuclear forces through a combination of of-
fensive “counterforce” operations to target nuclear-weapon delivery sys-
tems preemptively, and air and missile defense operations to intercept
whatever remained. The United States openly acknowledges it would seek to lim-
it the damage it would suffer in a nuclear war.17 Russian doctrine is believed to em-
brace a similar concept.18 India may be moving in the same direction.19
The question of whether, in practice, a state could actually succeed in limit-
ing the damage it would suffer in a nuclear war to an extent that decision-makers
would consider meaningful is currently a subject of considerable debate.20 How-
ever, from the perspective of inadvertent escalation, what matters is not whether
damage-limitation operations would actually prove effective, but whether a po-
tential target believes they might. In this context, Chinese and Russian fears that
the United States is seeking the capabilities–non-nuclear capabilities, in partic-
ular–to negate their nuclear deterrents could prove escalatory in a crisis or con-
flict by generating “crisis instability,” that is, pressures to use nuclear weapons
before losing the capability to do so.21 And even though the United States is not
concerned today about the possibility of being disarmed, Washington appears
to be less sanguine about the future, given growing threats to its C3I assets, In
particular.
137
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
149 (2) Spring 2020James M. Acton
Cyber capabilities could contribute to damage-limitation operations in two
distinct ways. Primo, cyber espionage could prove useful in collecting intelligence
that might increase the effectiveness of counterforce attacks and air and missile
defenses, especially if complemented by effective analytic tools for synthesizing
large amounts of data from multiple sources.22 If cyber espionage helped reveal
the locations of mobile weapons, Per esempio, it could enable preemptive attacks
against them. And if it helped to reveal targeting data, it could assist defenses in
intercepting missiles and aircraft after launch.
Secondo, cyber weapons could be used, alongside other capabilities, to con-
duct counterforce strikes. A hypothetical cyber “kill switch” that could per-
manently shut down an adversary’s nuclear C3I systems would certainly be at-
tractive to any state with a damage-limitation doctrine. In practice, this kind
of perfect capability seems fanciful, not least because a state could find analog
or even nonelectronic ways to use its own nuclear forces given enough time (In
fatto, some states may even prepare such means in advance). At best, Perciò, UN
cyberattack could be a “pause button” that delayed an adversary’s ability to use
its nuclear weapons. Real cyber weapons are likely to be still less effective, how-
ever. All nuclear-armed states likely operate multiple C3I systems with some de-
gree of redundancy between them. Cyber operations would probably not prove
equally effective against these different systems, potentially delaying the target
from using some elements of its nuclear forces for longer periods of time than
others.
Even given these limitations, Tuttavia, cyberattacks could still assist with
damage limitation. They could buy more time for counterforce operations to at-
trite an opponent’s nuclear forces and reduce the coherence of any retaliatory at-
tacks, somewhat simplifying the task of air and missile defenses. Inoltre, IL
potential for cyberattacks to shape an adversary’s perceptions could prove valu-
able. Per esempio, an attacker might try to “blind” its adversary’s early-warning
system just before launching counterforce strikes on its nuclear forces.
Just how effective cyber-enabled damage-limitation operations might prove
in an actual conflict is far from clear, not least because of the difficulty of test-
ing cyber weapons. That said, any state that has made the enormous investments
necessary to develop damage-limitation capabilities is likely to spend relatively
modest additional sums on developing complementary cyber tools, and it might
reach a different conclusion about their potential efficacy. Even more important,
from the perspective of inadvertent escalation, its potential adversaries might do
so too.
China, in particular, appears to be concerned about cyber-enabled damage
limitation. Summarizing the thinking of their peers on this subject, two Chi-
nese scholars, Tong Zhao and Li Bin, have concluded that “Chinese analysts
have demonstrated an acute awareness of the potential vulnerabilities of the
138
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
.
/
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
Dædalus, the Journal of the American Academy of Arts & SciencesCyber Warfare & Inadvertent Escalation
country’s nuclear C3I system, particularly against cyber infiltrations.”23 Russian
views have been less aired. Infatti, a dichotomy has emerged in what little pub-
lic discussion there has been. Per esempio, three respected experts, including a
former general officer in Russia’s Strategic Rocket Forces, have recently played
down the threat, arguing that “because the command-and-control systems of
strategic nuclear forces are isolated and highly protected, they are, in all proba-
bility, not vulnerable to cyber attacks.”24 At about the same time, Tuttavia, an-
other influential Russian scholar argued that, among the emerging non-nuclear
technologies that could threaten nuclear forces, “probably the most dangerous
development is cyber weapons, which could be used for non-nuclear disarming
and decapitating attack by completely paralysing the entire command-and-con-
trol system.”25 News reports that Russia has created cyber defense units for its
nuclear forces suggest that the Russian military may be less than sanguine about
the cyber threat.26
F ears about cyber-enabled damage limitation may be particularly pernicious
because of the potential difficulty of detecting a cyberattack. A sophisticat-
ed cyberattack on nuclear forces or C3I systems could conceivably occur
without being detected. In the extreme case, a state might only find out that it had
been attacked when it attempted to launch nuclear weapons and discovered that
its ability to do so had been impeded in some way. If a state believed that it would
be unlikely to detect an ongoing cyberattack, then it could rationally conclude
that it might be under attack even in the absence of attack indicators. The simple
belief that an opponent had highly sophisticated cyber capabilities could, there-
fore, precipitate a false positive–the incorrect assessment that an attack was un-
derway–by itself. By contrast, if a state’s nuclear forces were under assault from
kinetic strikes, the target would likely be aware. To be sure, it is still not entirely
impossible that a state could wrongly come to believe it was under kinetic attack.
Early-warning systems, Per esempio, have produced false warnings of incoming
ballistic missile strikes.27 But mistakes of this kind could be identified once the in-
coming weapons ceased to exist (though the window of time before they disap-
peared could be particularly dangerous).
To make matters worse, a state that was concerned about its nuclear forces and
C3I systems coming under cyberattack might be inclined, especially in a crisis or
conflict, to interpret ambiguous indicators in the worst possible light. For exam-
ple, if one of its nuclear C3I systems malfunctioned because of, Dire, bad design
or aging components, it might wrongly attribute the failure to a cyberattack (In
fatto, the temptation among operators to do so might be particularly strong if they
would otherwise be held responsible for an internal failure). Regardless of pre-
cisely how it arose, Tuttavia, a false positive that occurred in a crisis or conflict
could generate significant escalation pressures.
139
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
149 (2) Spring 2020James M. Acton
C oncerns about the potential for cyber operations to enhance the effective-
ness of damage limitation can have effects beyond generating crisis insta-
bility at a time of heightened tensions or during a conflict. In peacetime,
such concerns may induce nuclear-armed states to take steps to try to ensure that
nuclear weapons could be employed when duly ordered in a crisis or conflict, even
at the expense of exacerbating the danger of inadvertent or unauthorized use.
Concerned states, Per esempio, could remove permissive action links–electronic
“locks” designed to prevent the unauthorized use of nuclear weapons–because of
the perceived danger that they could be hacked and thus subverted to prevent au-
thorized use.28
Alternatively or additionally, states could make plans to predelegate the au-
thority to use nuclear weapons down the chain of command to guard against
the possibility of the communication links serving national leaders being sev-
ered. The dangers of predelegation depend, in part, on the degree of flexibility
afforded to commanders in determining whether and how to use nuclear weap-
ons. Nevertheless, certain risks are inherent in any model. A localized commu-
nications failure might be mistaken for an attack, Per esempio, leading to inad-
vertent use.29 Predelegation also increases the risk of unauthorized use because
a field commander could order the use of nuclear weapons in a scenario in which
he or she was not permitted to do so. This danger becomes greater as more people
are granted launch authority. In this respect, cyber threats could promote a partic-
ularly dangerous form of predelegation by inducing a state to entrust launch au-
thority to the relatively large number of lower-level officers who are capable of is-
suing a launch order without electronic communications.
S urveillance operations in cyberspace, even if conducted exclusively for de-
fensive purposes, pose unique risks of escalation. Cyber surveillance of an
adversary’s nuclear forces can serve purposes besides damage limitation.
In any dyad involving two nuclear-armed states, each has a strong incentive to
monitor the status of the other’s nuclear forces at all times–and particularly
during a crisis or conflict–including for the exclusively defensive purpose of
spotting any preparations for nuclear use. Several intelligence collection tech-
Carino, including overhead imagery and signals intelligence, are likely used for
this purpose. Given the potentially unique advantages of surveillance in cyber-
spazio, Tuttavia, states may see good reason to adopt it alongside these other ap-
proaches, especially if they judge that the likelihood of cyber espionage being
detected is small.
Depending on the sophistication of the malware used and the target’s defens-
es, the true likelihood of being detected may or may not be small, but the conse-
quences of being caught could be significant. Infatti, if the target detected ongo-
ing cyber espionage of networks associated with its nuclear forces or C3I systems,
140
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
Dædalus, the Journal of the American Academy of Arts & SciencesCyber Warfare & Inadvertent Escalation
inadvertent escalation could result from either of two concerns that are distinct
from those that might plausibly be generated by other forms of surveillance.
Primo, even if the target of cyber interference were convinced that the oper-
ation was being conducted exclusively for the purpose of espionage, it might
worry that the data being collected could be used against it in damage-limita-
tion operations. Intelligence collection in physical space could also enable dam-
age limitation, but it differs from cyber surveillance in one critical respect. In a
crisis or conflict, a state would generally have no way of knowing whether or not
countermeasures against physical surveillance (such as camouflage or conceal-
ment) had proved effective–unless its nuclear forces were successfully attacked.
By contrast, if it detected an ongoing effort to collect intelligence through its C3I
networks, it would know definitively that at least some of its cyber defenses had
failed. This realization might lead the state to fear that attacks on its nuclear forc-
es were imminent.
Secondo, because of the difficulty of rapidly distinguishing cyber espionage
from a cyberattack, espionage against nuclear forces or C3I systems would risk
being misinterpreted as an attack. In theory, the use of armed UAVs for surveillance
of an adversary’s nuclear forces could generate a similar risk. Tuttavia, a state mo-
tivated by purely defensive considerations would have strong and obvious reasons
not to use armed UAVs in this way.
The risks resulting from cyber espionage being mistaken as an attack would de-
pend on who had initiated the operation and who was the target. China or Russia
might assess that U.S. cyber surveillance was actually an offensive effort intend-
ed to undermine–or, more likely, give Washington the option of undermining–
Beijing’s or Moscow’s ability to launch nuclear weapons, thus potentially generat-
ing crisis instability. By contrast, because Washington is apparently more confident
in the survivability of its nuclear deterrent, cyber espionage directed against U.S.
nuclear forces or C3I systems would be less likely to have the same result. Nonethe-
less, such operations would likely be of real concern to Washington and could, for
esempio, be misinterpreted as a prelude to nuclear use by China or Russia.
E ven if the two states involved in a crisis or conflict did not engage in any
kind of deliberate cyber interference with one another’s nuclear forces or
C3I systems, one of them might wrongly conclude that the other had. Such a
misperception, which could be the result of collateral effects or third-party action,
could also induce escalation through crisis instability or misinterpreted warning.
A state that eschewed cyber operations of any kind against an opponent’s nu-
clear forces or C3I systems might still launch such operations against adversary
military networks involved exclusively in non-nuclear operations. If, because
of design flaws, imperfect intelligence, or mistakes in execution, the malware
used in such attacks spread and infected networks that were involved in nuclear
141
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
.
/
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
149 (2) Spring 2020James M. Acton
operations, the target might conclude that its nuclear forces or C3I systems were
under deliberate cyberattack or cyber surveillance.
There could be collateral effects even if a state’s networks for nuclear opera-
tions were entirely isolated; air-gapping (physically isolating one particular net-
work from others) È, after all, not a cyber security panacea.30 Moreover, achiev-
ing perfect isolation could prove difficult in practice.31 To give but one reason, ev-
ery nuclear-armed state, apart from the United Kingdom, has dual-use delivery
systems, which can be used to deliver nuclear or non-nuclear weapons. Such de-
livery systems represent a potential point of contact between the C3I systems sup-
porting nuclear operations and those supporting non-nuclear operations.
In practice, some nuclear-armed states–perhaps many or even all of them–
have not tried to isolate their nuclear C3I systems. The United States, Per esempio,
has a number of dual-use C3I assets for communications and early warning that
support both nuclear and non-nuclear operations.32 Other nuclear-armed states,
including China and Russia, may as well, but are less transparent.33 Because the
networks supporting dual-use C3I assets are likely to be connected directly to oth-
ers involved in non-nuclear operations, there may be a particularly high risk of
their being subject to collateral effects.
C atalytic warfare is a long-standing theoretical concern about a multipolar
nuclear world that cyber capabilities could make all too real. During the
Cold War, American strategists occasionally opined that China might try
to take advantage of a U.S.-Soviet confrontation by firing nuclear weapons (most
likely from submarines) at one or both of the superpowers in the hope that they
would misattribute the origin of the attack and proceed to launch a nuclear war
that would “weaken or destroy” each other.34 Such fears were clearly absurd then.
Armageddon was not in China’s interests, even if it were only a bystander. While
that remains even truer today, the advent of cyber warfare makes catalysis plausi-
ble, albeit as a result of inadvertence rather than deliberate action.
In peacetime, multiple nuclear-armed states may simultaneously prepare for
conflict against the same adversary. Currently, for example, China, Russia, E
North Korea all have incentives to try and penetrate the United States’ nuclear
forces and C3I systems. If a state with multiple adversaries detected malware in
the networks supporting its nuclear forces, the identity of the perpetrator might
not be immediately clear.35 (The same would be true, Ovviamente, for attacks against
other networks, but the consequences would be less significant.)
Especially in a conflict or crisis, the difficulty of resolving this uncertainty
could have serious consequences. One key factor that affects the “quality of at-
tribution” for cyber operations is time: as more time is spent on attribution, con-
clusions are likely to become more accurate and more confident.36 As a corol-
lary, “when high-level decisions . . . have to be made under pressure, the speed of
142
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
.
/
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
Dædalus, the Journal of the American Academy of Arts & SciencesCyber Warfare & Inadvertent Escalation
political developments may outpace the speed of the attribution process.”37 A cri-
sis or conflict is one such circumstance. If a state found malware in its nuclear
forces or C3I systems, then it might feel that it had no choice but to act on the as-
sumption that its attacker was the other party involved in the contingency.38 In
Febbraio 1998, Per esempio, the United States discovered a successful hack of mil-
itary networks while preparing to bomb Iraq and, to quote White House official
Richard Clarke, “assumed” that Baghdad was the culprit when, Infatti, teenagers
from Canada, Israel, and the United States turned out to be responsible.39
If a third party–and not the state’s immediate adversary–were, in fact, A
blame for a cyber intrusion, then catalytic escalation with the immediate adver-
sary could result. The severity of the escalation pressures in this case is up for de-
bate. On the one hand, awareness of any uncertainty associated with attribution
might limit the forcefulness of any response. On the other, in contrast to the Cold
War, when a catalytic strike by China would necessarily have been limited, a cyber
intrusion might appear to be the precursor to an all-out damage-limitation attack,
exacerbating the escalation risks.
A final difference between the cyber and noncyber weapons that can threat-
en nuclear forces and C3I systems is the much greater difficulty of limiting
or otherwise cooperatively managing cyber capabilities. Strategic nuclear
forces have long been subject to arms control, at least between the United States
and the Soviet Union or Russia. Other relevant noncyber capabilities, including
high-precision conventional munitions and antisatellite weapons, have general-
ly not been subject to any form of international governance, and the technical and
political challenges to managing them cooperatively are very real. These challeng-
es, Tuttavia, pale in comparison to those associated with governing cyber capabil-
ities. Nonetheless, two ways forward present themselves.
Primo, states can and should act unilaterally to mitigate the risks. States should,
Per esempio, enhance their ability to prevent, detect, and mitigate the consequenc-
es of cyber interference with nuclear weapons and C3I systems and their associat-
ed supply chains. While much of the required effort here would be highly techni-
cal–finding vulnerabilities, scanning networks, and so forth–states should also
consider whether they should change the way that their nuclear forces are pos-
tured and operated in order to help mitigate the consequences of what will inev-
itably be some degree of cyber vulnerability. To give but one example, any mili-
tary that currently tracks the locations of its own mobile nuclear forces after dis-
persal could consider whether, to reduce the consequences of cyber espionage, Esso
should stop doing so. Infatti, when a U.S. ballistic missile submarine is deployed
on a deterrence patrol, its location is unknown except to submariners serving on
that vessel. While this security precaution was developed long before the emer-
gence of cyber warfare, it could help reduce the likelihood that cyber surveillance
143
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
149 (2) Spring 2020James M. Acton
of U.S. C3I networks might compromise the most survivable component of the
United States’ nuclear forces.
Restraint represents another form of unilateral risk reduction. In particular,
states should adopt a consciously risk-averse approach to authorizing potential-
ly escalatory cyber operations, particularly those that are targeted directly against
nuclear forces or C3I systems, including dual-use networks. All of the escalation
pathways outlined above, with the exception of false positives, involve a cyber op-
eration by one state against another (even if the initiator could end up being a by-
stander to the subsequent escalation sequence). States, Perciò, should put in
place rigorous internal processes–if they do not already exist–to ensure that, In
deciding whether to proceed with a potentially escalatory cyber operation, IL
strategic risks are fully considered and weighed against the potential intelligence
and military benefits.
Conducting such assessments fairly and rigorously would likely prove diffi-
cult. One challenge would be deciding which cyber operations were “potentially
escalatory” and so subjected to greater scrutiny. A second would be ensuring that
low-probability but high-consequence escalation risks were not unduly discount-
ed in comparison to more obvious and immediate military and intelligence bene-
fits. Part of the solution should be to ensure that the assessment of escalation risks
is not narrowly confined to the military or intelligence personnel responsible for
proposing, planning, and conducting cyber operations. Such personnel are gener-
ally not trained in estimating–if an adversary detected a cyber operation–how
threatening it might perceive the operation to be and how it might react. Piuttosto,
a broader cast of experts, including intelligence analysts who specialize in under-
standing foreign decision-makers, should be involved. In this context, this essay
and other academic works hopefully have a role to play by identifying and raising
awareness of the potential risks.
In definitiva, the authority to approve or reject a proposed cyber operation should
rest with the senior officials who would be responsible for managing the real-world
consequences of escalation. In the United States, Per esempio, it should general-
ly fall, if it does not already, to Senate-confirmed civilians. In the case of cyber in-
terference that would directly affect the nuclear forces or C3I systems of anoth-
er nation, Tuttavia, the president should be the decision-maker. Again, this pro-
posal is easier to suggest than to implement: for it to be effective, real buy-in from
the bureaucracy would be required. Advisers would have to bring the decision-
maker rapidly up to speed on complex technical details about the proposed op-
eration and on the adversary’s strategic culture and threat perceptions. More-
Sopra, planners should develop two or more options that posed varying escalation
risks–at least one of which did not involve any interference with nuclear forces or
C3I systems–so that the decision-maker could properly assess any trade-offs be-
tween escalation risks and military and intelligence benefits.
144
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
Dædalus, the Journal of the American Academy of Arts & SciencesCyber Warfare & Inadvertent Escalation
Behavioral norms represent a more challenging but complementary path-
way to reducing escalation risks. Per esempio, states could agree, on a bilateral or
multi lateral basis, not to launch cyber operations of any kind against each other’s
nuclear forces or C3I systems. While such an agreement would not be verifiable
in the traditional sense, it might nonetheless be enforceable: any state that con-
sidered launching a cyber operation in violation of the agreement would have to
reckon with the possibility that the target (which would presumably be scanning
its networks continuously) would detect the intrusion and respond in kind. In this
modo, deterrence could motivate compliance. To be sure, the challenges to reaching
such an agreement would be daunting. In particular, it would likely be difficult to
define what systems would and would not be covered by any prohibition, not least
because of the existence of dual-use C3I assets. In the short term, Tuttavia, more
modest steps are possible. Per esempio, states should reassure one another that
any decision to launch a cyber operation against another state’s nuclear forces or
C3I systems, including dual-use networks, would be taken at the head of state or
head of government level.
Norms are far from an ideal way to try to manage existential risks, but there
is evidence that they can change behavior, including in cyberspace. In 2015, for
esempio, President Barack Obama and President Xi Jinping agreed that neither
of their states would engage in “cyber-enabled theft of intellectual property . . .
with the intent of providing competitive advantages to companies or commercial
sectors.”40 In 2018, the U.S. National Counterintelligence and Security Center as-
sessed that Chinese cyber activity was taking place at “lower volumes” than be-
fore the agreement, and that it was mostly directed against “cleared defense con-
tractors or IT and communications firms.”41 This statement indicates that China
largely ceased conducting cyber activities for commercial gain, even if its compli-
ance was not perfect. On balance, this experience suggests that trying to negoti-
ate behavioral norms can be worth the effort, even if success is not guaranteed. In-
deed, in the case of an agreement designed to prevent nuclear war, the incentives
for compliance would be particularly strong.
If these suggestions seem to fall far short of the challenge presented by the
potential risk of cyber interference with nuclear forces or C3I systems, it is be-
cause they almost certainly do. There is a profound mismatch between the im-
portance of governing cyber capabilities and governments’ (In)ability to do so.
That said, modest steps may prove to have extrinsic value. For much of the Cold
War, the idea that the United States and the Soviet Union might conduct inspec-
tions of one another’s nuclear forces seemed far-fetched. But such inspections,
which today involve counting the reentry vehicles emplaced on intercontinental
ballistic missiles, were the culmination of a stop-start confidence-building pro-
cess that began, after the Cuban missile crisis, with the modest first step of creat-
ing a hotline between the two superpowers. Political change in the Soviet Union
145
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
.
/
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
149 (2) Spring 2020James M. Acton
was unquestionably a necessary enabling condition for the breakthroughs of the
late 1980s and early 1990s, but it might not have been possible to capitalize on such
change had there not been an ongoing arms control process on which to build.
There is no guarantee that an analogous process for managing cyber capabilities is
possible. But if it is, it will inevitably begin with a modest first step.
about the author
James M. Acton holds the Jessica T. Mathews Chair and is Co-Director of the
Nuclear Policy Program at the Carnegie Endowment for International Peace. His
recent work includes the 2018 International Security article, “Escalation through En-
tanglement: How the Vulnerability of Command-and-Control Systems Raises the
Risks of an Inadvertent Nuclear War.”
endnotes
1 Richard Rhodes, The Making of the Atomic Bomb (New York: Simone & Schuster, 1986), 687.
2 NOI. Department of Defense, Nuclear Posture Review (Washington, D.C.: Office of the Sec-
retary of Defense, 2018), 56–57, https://media.defense.gov/2018/Feb/02/2001872886/
-1/-1/1/2018-NUCLEAR-POSTURE-REVIEW-FINAL-REPORT.PDF.
3 Defense Science Board, NOI. Department of Defense, Task Force Report: Resilient Military
Systems and the Advanced Cyber Threat (Washington, D.C.: Office of the Under Secretary
of Defense for Acquisition, Technology and Logistics, 2013), 6, https://nsarchive2.gwu
.edu/NSAEBB/NSAEBB424/docs/Cyber-081.pdf. For theory and evidence supporting
this conclusion, see Andrew Futter, Hacking the Bomb: Cyber Threats and Nuclear Weap-
ons (Washington, D.C.: Georgetown University Press, 2018), chap. 2 E 4; Page O.
Stoutland and Samantha Pitts-Kiefer, Nuclear Weapons in the New Cyber Age: Report of the
Cyber- Nuclear Weapons Study Group (Washington, D.C.: Nuclear Threat Initiative, 2018),
https://media.nti.org/documents/Cyber_report_finalsmall.pdf; Erik Gartzke and Jon
R. Lindsay, “Thermonuclear Cyber War,” Journal of Cyber Security 3 (1) (2017): 38–40;
and Patricia Lewis and Beyza Unal, “Cyber Threats and Nuclear Weapons Systems,"
in Understanding Nuclear Weapon Risks, ed. John Borrie, Tim Caughley, and Wilfred Wan
(Geneva: United Nations Institute for Disarmament Research, 2017), http://www
.unidir.org/files/publications/pdfs/understanding-nuclear-weapon-risks-en-676.pdf.
4 For the classic Cold War discussion of crisis instability, see Thomas C. Schelling, IL
Strategy of Conflict (Cambridge, Massa.: Harvard University Press, 1960), chap. 9. For
more recent treatments that stress limited nuclear use, see Caitlin Talmadge, “Would
China Go Nuclear? Assessing the Risk of Chinese Nuclear Escalation in a Convention-
al War with the United States,” International Security 41 (4) (2017): 50–92; and Michael
S. Gerson, “No First Use: The Next Step for U.S. Nuclear Policy,” International Security
35 (2) (2010): 35–39.
146
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
Dædalus, the Journal of the American Academy of Arts & SciencesCyber Warfare & Inadvertent Escalation
5 Vedere, Per esempio, Futter, Hacking the Bomb, 117–125.
6 James M. Acton “Escalation through Entanglement: How the Vulnerability of Com-
mand-and-Control Systems Raises the Risks of an Inadvertent Nuclear War,” Interna-
tional Security 43 (1) (2018): 67–73. The focus of that work is dual-use C3I systems. How-
ever, because of their unique characteristics, cyber operations could also create mis-
interpreted warning, even in the case of C3I systems reserved exclusively for nuclear
operations.
7 NOI. Department of Defense, Nuclear Posture Review, 21.
8 Deliberate interference could also create escalation pathways unique to cyberspace.
For one such example, the “cyber commitment problem,” see Gartzke and Lindsay,
“Thermo nuclear Cyber War,” 41–45.
9 Per esempio, David C. Gompert and Martin Libicki, “Cyber Warfare and Sino-American
Crisis Instability,” Survival 56 (4) (2014): 7–22.
10 Revisit times are likely to be longest for the most capable satellites, which can generally
only be procured in small numbers because of their cost.
11 Jon R. Lindsay, “Stuxnet and the Limits of Cyber Warfare,” Security Studies 22 (3) (2013):
384.
12 Per esempio, David A. Fulghum, Robert Wall, and Amy Butler, “Cyber-Combat’s First
Shot: Israel Shows Electronic Prowess: Attack on Syria Shows Israel Is Master of the
High-Tech Battle,” Aviation Week & Space Technology 167 (21) (2007): 28–31.
13 Steven M. Bellovin, Susan Landau, and Herbert Lin, “Limiting the Undesired Impact of
Cyber Weapons: Technical Requirements and Policy Implications,” in Bytes, Bombs, E
Spies: The Strategic Dimensions of Offensive Cyber Operations, ed. Herbert Lin and Amy Zegart
(Washington, D.C.: Brookings Institution Press, 2018), 274–276.
14 Other causes of collateral damage, such as planners’ misidentifying a civilian facility as a
military one, are less easy to quantify.
15 Unmanned aerial vehicles capable of both intelligence collection and offensive opera-
tions are an exception because they can be used for surveillance ahead of a decision
to employ them for offensive purposes. It seems unlikely, Tuttavia, that one nuclear-
armed state would use such platforms against another in this way in peacetime.
16 Lin and Zegart, “Introduction,” in Bytes, Bombs, and Spies, 6.
17 NOI. Department of Defense, Nuclear Posture Review, 23.
18 NOI. thinking about the requirements for force survivability can be explained only by the
belief that Russia might conduct counterforce strikes.
19 Christopher Clary and Vipin Narang, “India’s Counterforce Temptations: Strategic Di-
lemmas, Doctrine, and Capabilities,” International Security 43 (3) (2018/2019): 7–52.
20 Vedere, Per esempio, Keir A. Lieber and Daryl G. Press, “The New Era of Counterforce:
Technological Change and the Future of Nuclear Deterrence,” International Security 41
(4) (2017): 9–49; Charles L. Glaser and Steve Fetter, “Should the United States Re-
ject MAD? Damage Limitation and U.S. Nuclear Strategy Toward China,” International
Sicurezza 41 (1) (2016): 63–70; and Austin Long and Brendan Rittenhouse Green,
“Stalking the Secure Second Strike: Intelligenza, Counterforce, and Nuclear Strategy,"
Journal of Strategic Studies 38 (1–2) (2015): 38–73.
147
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
149 (2) Spring 2020James M. Acton
21 For discussions of Chinese and Russian concerns, Vedere, Per esempio, Alexei Arbatov, Vlad-
imir Dvorkin, and Sergey Oznobishchev, Non-Nuclear Factors of Nuclear Disarmament:
Ballistic Missile Defense, High-Precision Conventional Weapons, Space Arms (Moscow: IMEMO
RAN, 2010), https://www.files.ethz.ch/isn/144178/10002.pdf; and Fiona S. Cunning-
ham and M. Taylor Fravel, “Assuring Assured Retaliation: China’s Nuclear Posture and
U.S.-China Strategic Stability,” International Security 40 (2) (2015): 15–23.
22 Paul Bracken, “The Cyber Threat to Nuclear Stability,” Orbis 60 (2) (2016): 197–200.
23 Tong Zhao and Li Bin, “The Underappreciated Risks of Entanglement: A Chinese Per-
spective,” in Entanglement: Russian and Chinese Perspectives on Non-Nuclear Weapons and Nu-
clear Risks, ed. James M. Acton (Washington, D.C.: Carnegie Endowment for Interna-
tional Peace, 2017), 62.
24 Alexey Arbatov, Vladimir Dvorkin, and Petr Topychkanov, “Entanglement as a New Se-
curity Threat: A Russian Perspective,” in Entanglement, ed. Acton, 13. They go on to
add, Tuttavia, that “radio channels for communicating with and controlling satellites–
especially missile early-warning assets–are more vulnerable.”
25 Sergey Rogov, “Disarmament and Deterrence–Bridging the Divide,” remarks at the 5th
EU Non-Proliferation and Disarmament Conference, Brussels, Belgium, novembre 3,
2016, https://www.iiss.org/-/media/images/dialogues/eunp/eunp-2016/documents/
disarmament-and-deterrence—bridging-the-divide_-sergey-rogov-_-iiss.ashx.
26 “Cyber Security Units to Protect Russia’s Nuclear Weapons Stockpiles,” RT, ottobre 17,
2014, https://www.rt.com/news/196720-russia-missile-forces-cybersecurity/.
27 Per esempio, David Hoffman, “‘I Had a Funny Feeling in My Gut,’” The Washington Post,
Febbraio 10, 1999, http://www.washingtonpost.com/wp-srv/inatl/longterm/coldwar
/shatter021099b.htm.
28 Martin C. Libicki, Brandishing Cyberattack Capabilities (Santa Monica, Calif.: RAND Cor-
poration, 2013), 22–23, https://www.rand.org/content/dam/rand/pubs/research_
reports/RR100/RR175/RAND_RR175.sum.pdf.
29 For a dated example, see Daniel Ellsberg, The Doomsday Machine: Confessions of a Nuclear
War Planner (New York: Bloomsbury, 2017), 53–57. It bears emphasizing that technolog-
ical developments have massively reduced the likelihood of a communications black-
out and that the United States no longer predelegates launch authority. Piuttosto, what’s
significant in Ellsberg’s account is the predilection of the military officers he inter-
viewed to regard a communication blackout as an attack.
30 Martin C. Libicki, Cyberspace in Peace and War (Annapolis, Md.: Naval Institute Press,
2016), 49–50.
31 Ibid.
32 Acton “Escalation through Entanglement,” 63–65.
33 Ibid., 65–66 and 78–80.
34 Richard Rosecrance, Strategic Deterrence Reconsidered, Adelphi Paper 116 (London: The In-
ternational Institute for Strategic Studies, 1975), 33.
35 The literature on catalytic escalation in cyberspace emphasizes the somewhat different
case of a third party that wants to spark a conflict between two others. Vedere, for exam-
ple, Futter, Hacking the Bomb, 118; and Libicki, Cyberspace in Peace and War, 315.
148
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
Dædalus, the Journal of the American Academy of Arts & SciencesCyber Warfare & Inadvertent Escalation
36 Thomas Rid and Ben Buchanan, “Attributing Cyber Attacks,” Journal of Strategic Studies 38
(1–2) (2015): 32.
37 Ibid.
38 Infatti, in wartime, states have to make such assumptions since it is simply not possible
to attribute every incoming attack.
39 William M. Arkin, “Sunrise, Sunset,” The Washington Post, Marzo 29, 1999, http://www
.washingtonpost.com/wp-srv/national/dotmil/arkin032999.htm. Relatedly, there is
also evidence of states’ attempting to collect intelligence about adversaries’ capabilities
by targeting third parties. Ben Buchanan, The Cybersecurity Dilemma: Hacking, Trust, E
Fear Between Nations (Oxford: Oxford University Press, 2016), 69–71.
40 Office of the Press Secretary, The White House, “Fact Sheet: President Xi Jinping’s State
Visit to the United States,settembre 25, 2015, https://obamawhitehouse.archives.gov/
the-press-office/2015/09/25/fact-sheet-president-xi-jinpings-state-visit-united-states.
41 NOI. National Counterintelligence and Security Center, Foreign Economic Espionage in
Cyberspace, 2018 (Washington, D.C.: Office of the Director of National Intelligence, 2018),
7, https://www.dni.gov/files/NCSC/documents/news/20180724-economic-espionage
-pub.pdf.
l
D
o
w
N
o
UN
D
e
D
F
R
o
M
H
T
T
P
:
/
/
D
io
R
e
C
T
.
M
io
T
.
/
e
D
tu
D
UN
e
D
UN
R
T
io
C
e
–
P
D
/
l
F
/
/
/
/
1
4
9
2
1
3
3
1
8
3
2
6
5
9
D
UN
e
D
_
UN
_
0
1
7
9
4
P
D
/
.
F
B
sì
G
tu
e
S
T
T
o
N
0
7
S
e
P
e
M
B
e
R
2
0
2
3
149
149 (2) Spring 2020James M. Acton
Scarica il pdf