U.S. Nukes Face Up to 10 Million Cyber Attacks Daily

Thomas D'Agostino of the National Nuclear Security Administration looks at a device that detects radiation at the Yangshan Port in Shanghai.

The computer systems of the agency in charge of America's nuclear weapons stockpile are "under constant attack" and face millions of hacking attempts daily, according to officials at the National Nuclear Security Administration.

Thomas D'Agostino, head of the agency, says the agency faces cyber attacks from a "full spectrum" of hackers.

[READ: Scientists With Nuclear Testing Experience Rapidly Dwindling]

"They're from other countries' [governments], but we also get fairly sophisticated non-state actors as well," he said. "The [nuclear] labs are under constant attack, the Department of Energy is under constant attack."

A spokesman for the agency says the Nuclear Security Enterprise experiences up to 10 million "security significant cyber security events" each day.

"Of the security significant events, less than one hundredth of a percent can be categorized as successful attacks against the Nuclear Security Enterprise computing infrastructure," the spokesman said—which puts the maximum number at about 1,000 daily.

The agency wants to beef up its cybersecurity budget from about $126 million in 2012 to about $155 million in 2013 and has developed an "incident response center" responsible for identifying and mitigating cyber security attacks.

In April of last year, the Department of Energy's Oak Ridge National Laboratory was successfully hacked and several megabytes of data were stolen, D'Agostino said. Internet access for workers at the lab was disconnected following the breach.

[PHOTOS: Iran Participates in War Games]

Adam Segal, a cybersecurity expert with the Council on Foreign Relations, says it's likely that a majority of those 10 million daily attacks are automated bots that "are constantly scanning the Internet looking for vulnerabilities."

"The numbers are kind of inflated on that front," Segal says, adding that it's extremely unlikely that hackers would be able to remotely launch a nuclear warhead, because those systems are "airgapped" or disconnected from standard internet systems. But the Stuxnet computer worm, discovered in 2010, was widely spread to supposedly-secure uranium enrichment plants in Iran, Indonesia and India, shutting those systems down.

[DEBATE: Should the U.S. Use Military Action to Hinder Iran's Nuclear Plan?]

The NNSA says they are not aware of any viruses or malware that could remotely launch a nuclear warhead, but the "Stuxnet worm is a very real example of how sophisticated malware can cause physical damage to industrial systems."

Segal says Stuxnet was a lesson—no matter how secure a computer system appears to be, it can be breached. Many experts said the worm was so sophisticated that it had to have been developed by a team of hackers associated with a national government.

"Stuxnet showed that airgapping is not a perfect defense," Segal says. "Even in secure systems, people stick in their thumb drives, they go back and forth between computers. They can find vulnerabilities that way. If people put enough attention to it, they can possibly be penetrated."

D'Agostino said with the agency facing so many hacking attempts, its employees have to remain vigilant.

"All it takes is one person to let their guard down," he said. "This is going to be, in my view, an ever-growing area of concern."

Segal says any successful hackers would likely have to have an intimate knowledge of the programming languages used by the Department of Energy.

"There'd probably have to be a state-based actor behind it. You have to understand a lot about the systems," he says. "Hacking into the Department of Energy and looking for nuclear secrets—how to build a bomb, is probably much easier than trying to take over a bomb or a launch code, and probably of more interest to the Russians or the Chinese or the Iranians."

• Commission OKs First New Nuclear Reactor Since 1970s
  
• Mort Zuckerman: Obama Must Act Promptly to Prevent a Nuclear Iran
  
• Check out U.S. News Weekly: an insider's guide to politics and policy. 

Reader Comments Read all comments (12)

Add Your Thoughts

Comment Name State Select One AL AK AZ AR CA CO CT DE DC FL GA HI ID IL IN IA KS KY LA ME MD MA MI MN MS MO MT NE NV NH NJ NM NY NC ND OH OK OR PA RI SC SD TN TX UT VT VA WA WV WI WY International Email

Please enter the two words below into the text field underneath the image.

Incorrect please try again

Enter the words above: Enter the numbers you hear:

Your comment will be posted immediately, unless it is spam or contains profanity. For more information, please see our Comments FAQ.