by Basma Khalil 29 July 2020
In this era of rapidly evolving technology, nuclear facilities are exposed to a dynamic and evolving spectrum of cyber vulnerabilities. Cyber-attacks on nuclear facilities are a matter of concern and it’s not for the first time that a cyber-attack has been carried out. Such as attack on the nuclear program of Iran to serve the purpose of espionage, attack on Korean Hydro and Nuclear Power Company (2014) for data theft purposes and also Nuclear Regulatory Commission/U.S. Department of Energy (2016) in which was an intentional attempt by an employee to infect computers of U.S. government and he used spear-phishing technique for it. Attack on the Indian nuclear facilities of Kudankulam was informed in September 2019, a malware attack on Kudankulam by the Indian Computer Emergency Response Team. Indian Department of Atomic Energy, investigated the attack and later on confirmed, that only one computer was targeted, connected to the administrative network’s internet servers. Later on, Nuclear Power Cooperation of India Limited (NPCIL) confirmed that operational networks at Kudankulam are completely separate from the administrative systems. A recent attack on Iran; July 2, 2020, on its nuclear facility at Natanz earlier this month, is considered as lethal as Stuxnet attacks and have raised serious concerns about the vulnerability of nuclear facilities vis-à-vis cybersecurity threats. Such types of attacks can cause serious damage to nuclear reactors and can also cause an off-site release of harmful radioactive radiation, although there was an off-site release of radiation that could create radioactive pollution states must be careful from cyber in the future which could be hazardous.
Rapid advancement in cyber technology can be a blessing and a curse at the same time. Because if on one hand it provides with the opportunity of innovation in the domain of network-centric warfare and added to the cost-effectiveness of war-related expenditures, but it also poses serious threats which could possibly by dissemination of information, hacking, sabotage, theft, and release of important and covert information related to the critical infrastructure whether it’s civilian, military or nuclear. The international community, these days is facing serious cyber threats to nuclear facilities and has already taken measures by designing a technical and legal framework to secure the nuclear facilities from any kind of cyber-sabotage and threat. .
In the context of South Asia, the region is already exposed to cyber threats and vulnerabilities keeping in view the attack on Kudankulam, although that was an administrative breach with the rapid pace of advancement in cyber technology, attacks could also be launched on operational facilities. Cyber technology and security are considered an important pillar of national security and states have already started integrating cybersecurity policies and initiatives in their national security frameworks. India has already formulated Cyber Security Policy 2013 and inducted in national security framework but Pakistan has not formulated any policy yet but the government has taken different initiatives such as establishing the National Centre of Excellence of Cyber Security, PAK-CERT, etc. India and Pakistan are involved in cyberspace rivalry; both states attack each other and breach security using tools, such as cyber spoofing, spear-phishing and denial of data services. Pakistan’s digital infrastructure is facing serious cybersecurity threats from India due to India’s increasing cybersecurity collaboration with Israel. The region is already under the potential hazard of Advance Persistent Threats along with ongoing cyber-espionage campaigns. There are no strong international norms framed yet that could legally bind the states against the acquisition and use of cyber technology. States are likely to exploit their cyber capabilities for both low and high-intensity conflicts in the absence of clear international norms or rules of engagement.
States like India are aiming to pursue the development of cyber weapons which can offset disadvantages in conventional warfare. Hence use of cyber weapons and attacks can cause serious damages as cyber weapons are offensive in nature because states will not be able to absorb the attack or if the inn case state absorbs the attack, may not be able to respond in a significant way. Different tools used by malevolent actors can endanger the nuclear facilities, ranging from network-based attacks, packet sniffing, cyber-spoofing, radio attacks, crypto attacks, spyware attacks, and air-gapped network attacks which increase the intensity of the damage. The potential use of offensive cyber operations using such tools will exploit the vulnerabilities exist in nuclear infrastructure and of systems will increase the possibility of war in the future could cause serious damages to the nuclear facilities region.
In South Asia, the situation may lead to strategic imbalance as India is already aiming to acquire the cyberweapons. Admiral Suresh Mehta, former Indian Naval Chief in an interview to Start Post admitted that Indian armed forces have invested a lot in network-based operations; both in single and in a joint fashion and India cannot afford cyber vulnerability. Information Technology is India’s strength and it would be in its interest to invest in developing a formidable ‘offensive’ and ‘defensive’ cyber warfare capability. Keeping in view the Indian ambitions Pakistan cannot remain silent so Pakistan has also started acquiring and developing cyber tools and techniques to deal with any future consequences. Pakistan has a multilayered defense for the entire spectrum of any nuclear security threat – insider, outsider, and cyber threats that work on the principle of Five Ds, that is, to deter, detect, delay, defend, and destroy.
However, the level of damage that could be inflicted by cyber-attacks and operations may adversely impact the deterrence stability of the region According to McConnell there are four elements that are essential for achieving cyber deterrence which include ‘attribution’ that enables states to guess about who carried out the attack, ‘location’ from where the attack was launched ‘response’ the capability to absorb an attack and retaliate and ‘transparency’ which explains about the knowledge of enemy’s capability. Due to the complex nature of cyber technology, it seems difficult to achieve all the essentials of cyber deterrence. In a global context as well as South Asia establishing cyber deterrence seems to be a bit difficult. If in case any of the operations are carried out against nuclear facilities, it may take a long time to reach the base of the network or malware technique that how it was used, and from where the attack was launched and who were the involved actors.
The scenario of global security and strategic balance in South Asia has been changed with the advent of cyber tools technology. Never the less recent attacks on nuclear facilities demonstrate an inconsistent approach towards ensuring cybersecurity. Although the international community is making efforts through various workshops, training, and reports and insisted upon collaboration in the cybersecurity of nuclear facilities. As far as the cyber deterrence is concerned, South Asian states may require a little more effort and time to fulfill the essentials of deterrence.
The writer is working as Research Affiliate at Strategic Vision Institute Islamabad, a nonpartisan based out of Islamabad.