Research by Chatham House has identified nuclear weapons as potential targets of cyberattack. How an offensive cyber-operation against nuclear weapons systems might work, and why states have not yet undertaken such an attack, are issues worth examining in detail.
A cyberattack against nuclear weapons systems would require extraordinary state-level capabilities. It would entail virtual or physical access to closed networks that could be achieved only by exploiting a range of vulnerabilities, which may be found in the supply chain, poor design, altered software and hardware, or clandestine digital routes to the critical assets.
An insider threat – someone working in a weapons complex with malicious intent − could implant malware to degrade, disrupt or destroy systems and assets. The malware could lie dormant and unnoticed in the system for months or even years, to be activated when necessary.