Nuclear Age Peace Foundation

Author: Bruce Blair

  • Protocol for a U.S. Nuclear Strike

    This article is part of a series from the November 2017 Harvard University conference entitled “Presidential First Use: Is it legal? Is it constitutional? Is it just?” To access all of the transcripts from this conference, click here.

    The current US protocol for deciding whether to launch a nuclear strike—developed in the early 1960s, with the advent of intercontinental ballistic missiles—has two main functions and virtues: first, it concentrates the power and authority over the use of nuclear weapons in the presidency, at the highest level of the executive branch of the US government, thus keeping it out of the hands of the military and others. Second, it enables the president to respond rapidly and decisively to a nuclear attack by an enemy whose missiles may fly from one side of the planet to the other in 30 minutes; or whose missiles launched from submarines in the oceans may fly to targets in the United States in 15 minutes. It’s critical to have a protocol that allows the president to consider the use of nuclear weapons and, if necessary, to order their use, and to have the process of implementation begin in a very, very short period of time.

    The protocol’s virtues also produce its disadvantages. By virtue of the speed and concentration of authority in this protocol, the president has an opportunity to effectively railroad the nuclear commanders and forces into executing even a very large nuclear strike first—preemptively or preventively. That could lead to a misguided decision based on an impulsive psychology or on other factors that lead to a very bad call.

    The other downside to this protocol, which we used to talk about a lot more than we do today, is that the protocol itself, rooted as it is in speed and concentrated authority, can railroad the president into authorizing, in a hasty way, the use of nuclear weapons based on indications, possibly false, of an attack underway (a strategy known as “launch on warning”). In other words, we might believe we are retaliating when in fact we’re launching first.

    During the Cold War, to my knowledge, a false alarm never led to notification of the president at the beginning of the protocol that I’m about to describe. The false alarms were caught before that happened. Ironically, today, with the proliferation of ballistic missiles over the last decade (there’s been a huge surge in ballistic missile proliferation, and in their testing) you find that recent missile launches—from China, from Iran, from North Korea—have led on multiple occasions to sufficient ambiguity that the presidents have actually been notified about the ongoing event.

    Here are the key features of the current protocol. It begins with an early-warning function: the effort to detect a possible attack against North America and to notify the president and others to begin a process of deliberation. Every single day, the early-warning staffs out in Colorado and Omaha pick up events that require a second look to determine whether we’re under attack. Events they might review include a Japanese satellite launch into space, a North Korean missile test, a US missile test out of California, a wildfire in the southwest US. Most of these are usually dismissed quickly. Once or twice a month, something happens that requires a really close second look. And once in a blue moon, something happens and all hell breaks loose, as in the case of a false alarm concerning a missile launch.

    If these staffs receive any indication that we may be under attack, they have three minutes from the time the first sensor data arrives until they have to provide a preliminary assessment as to whether North America is under attack. If the assessment is of medium or high confidence that there is a threat, they initiate a process that will bring the president and his top advisors into an emergency conference no matter what time of day or night.

    Imagine that the president has decided to initiate a conference with his top advisors to consider the first use of nuclear weapons. The United States does not have a no-first-use policy. Furthermore, under the current review of our nuclear policy, undertaken primarily by the Pentagon, there is an emerging thesis that we should move further away from no first use and consider use of nuclear weapons in a wider variety of contingencies. We are on the verge of modifying our assurance to non-nuclear-weapons countries that we would not use nuclear weapons against them, in contradiction to the position adopted by the Obama administration.

    The emergency meeting of the president and his top advisors will typically include statutory members of the National Security Council: the secretary of defense; the secretary of state; the national security advisor; the chairman of the Joint Chiefs, who participates at the discretion and the invitation of the secretary of defense; and a number of key military command centers and personnel, the most important of whom is the commander of strategic forces based in Omaha, Nebraska, who commands all our strategic nuclear weapons.

    Time and circumstances permitting, the commander will brief the president on his nuclear options and their consequences. It will not be a long briefing. He’s going to have to boil this down into very, very brief sound-bites for the president: here are your options and here are the consequences. The commander will then ask the president a couple questions, such as whether he wants to withhold attacks on a particular location, such as a populous city. That briefing, if we are under attack, will be as short as 30 seconds. Of course, if the president is considering the first use of nuclear weapons, the timeline is not nearly as short and that conversation can last for quite a long period.

    If we are under attack, the president is going to have to consider his options in about six minutes, given how this protocol tends to work. If we’re not under attack, he can deliberate longer. Then he makes a decision: What option am I going to pursue? Am I going to decide to attack North Korea, for example? (With the current preprogrammed attack plan, I estimate we would have 80 nuclear aim points in North Korea.)

    Let’s say the president chooses an option. It will be conveyed instantly to the war room at the Pentagon, which probably initiated the presidential conference in the first place. The people in the Pentagon war room are listening in on the conversation and are beginning, as they hear the president moving toward a decision to use nuclear weapons, to prepare a launch order.

    Note that the secretary of defense does not confirm the president’s decision, nor does he or she have a right to veto it, nor does anyone else have the authority to override the decision. This is what Elaine Scarry has identified as, in effect, a “thermonuclear monarchy,” which gives the US president almost carte blanche command over the nuclear forces.

    When the president conveys his decision to the war room, they ask him to authenticate his identity using a special code. It’s referred to colloquially as “the biscuit,” otherwise known more officially as the “gold code.” If that code matches, the war room at the Pentagon, or an alternate, will format a launch order that will be transmitted down the chain of command to the executing commanders of the submarines, land-based rockets, and bombers.

    That launch order is roughly half the length of a tweet. It contains all the information necessary for the crews down the chain of command to launch their forces: the time to fire, the chosen war plan, an unlock code that the crews need to physically unlock their weapons prior to the launch, and special authentication codes that the crews check with the codes in their safes to satisfy themselves that these orders came from the president (those codes are not in the possession of the president, but of the military).

    That takes two minutes: 10 seconds to authenticate, then a minute or two to format and transmit the order. And in two more minutes, from the receipt of that order down the chain of command, missiles could be leaving their silos; it takes only about one minute for a Minuteman crew in the plains states of the Midwest to carry out their launch checklist. This was my job in the 1970s and at the time, it took me one minute. We delayed a little bit, for classified reasons, but that’s how long it took then and that’s how long it takes today.

    After the crews enter the war plan it goes out to all the missiles, which are preprogrammed with what wartime targets to strike. In peacetime, they are aimed at the ocean, but changing their targets to Moscow or any other targets is as easy as changing the channel on your TV set.

    Today, within a minute or two there can be up to 400 high-yield strategic weapons launched out of their silos to their targets, wherever those targets may be. Submarines take about 10 minutes longer because it takes them longer to target their missiles, position the submarine, and get to the proper depth. But even submarines on alert in the Pacific and Atlantic Oceans would within 15 minutes be launching missiles out of their tubes, then firing them one at a time every 15 seconds.

    Lastly, the bombers would take 8 to 10 hours to reach their launch points if they were already on alert. They are not normally, today, in peacetime, on alert. They don’t even have bombs on board, so in a crisis they would have to be placed on full alert, with bombs and cruise missiles loaded, before they were usable.

    To sum up: the president wakes up, gives an order through a system so streamlined that there’s almost no gatekeeping, and, within five minutes, 400 bombs leave on missiles launched out of the Midwest. About 10 minutes later, another 400 leave on missiles launched out of submarines. That’s 800 nuclear weapons—roughly the equivalent of, in round numbers, 15,000 Hiroshima bombs.

    Reform of current US launch protocol is long overdue. Layering on new safeguards that strengthen checks and balances on presidential launch authority is necessary to reduce the risk of nuclear first use. Safeguards include the Markey-Lieu Bill, which would prohibit the president from employing nuclear weapons first unless Congress has declared war and provided specific authorization for their use; the Betts/Waxman solution, which would add the secretary of defense and attorney general to the chain of command to certify that a presidential launch order is authentic and legal; and adoption of a no-first-use policy, which would draw a red line that, if crossed, makes the president accountable and even impeachable.

    Regarding a second strike, the United States should eliminate launch on warning and move toward a true retaliatory posture, requiring protection of the president and his successors and providing a large increase in warning and decision time.

  • The Wrong Deterrence: The Threat of Loose Nukes Is One of Our Own Making

    Nuclear terrorism, thankfully, is still only a specter, not a reality. But the recent wave of bloodshed in Russia underscores the urgency of the need to prevent terrorists capable of indiscriminate slaughter from acquiring nuclear bombs.

    To its credit, the Bush administration has finally launched an ambitious initiative to better secure nuclear and radiological materials, particularly in violence-racked Russia. But unless the Global Threat Reduction Initiative, which was introduced in May, becomes part of a far more comprehensive approach to the challenges of nuclear theft and terrorism, it is destined to fall well short of its goal of safeguarding the American people from the threat of nuclear weapons.

    The initiative builds on the bilateral nonproliferation efforts of the Nunn-Lugar Cooperative Threat Reduction program, a U.S. government-funded, post-Cold War effort that focused on securing Russia’s nuclear arsenal. The new, expanded cooperative effort seeks to collect weapons-grade plutonium and enriched uranium that could be used in nuclear bombs from dozens of additional countries, and to lock them down in secure facilities.

    But with U.S. and Russian strategic nuclear forces still on hair-trigger alert, we need to recognize that present policies for reducing the risk of nuclear strikes against the United States by terrorists or rogue countries are inconsistent and self-defeating. On the one hand, in the name of deterrence, U.S. and Russian strategic nuclear forces both comply with their presidents’ instructions to be constantly prepared to fight a large-scale nuclear war with each other at a moment’s notice. On the other hand, in the name of nonproliferation, the United States and Russia cooperate closely in securing Russia’s nuclear weapons against theft.

    By keeping thousands of nuclear weapons poised for immediate launch, even under normal peacetime circumstances, the United States projects a powerful deterrent threat at Russia. But at the same time, it causes Russia to retain thousands of weapons in its operational inventory, scattered across that country’s vast territory, and to keep them ready for rapid use in large-scale nuclear war with America. And to maintain the reliability of these far-flung weapons, Russia must constantly transport large numbers back and forth between a remanufacturing facility and the dispersed military bases. This perpetual motion creates a serious vulnerability, because transportation is the Achilles’ heel of nuclear weapons security.

    On any given day, many hundreds of Russian nuclear weapons are moving around the countryside. Nearly 1,000 of them are in some stage of transit or temporary storage awaiting relocation at any time. This constant movement between the far-flung nuclear bases and the remanufacturing facility at Ozersk in the southern Urals stems from the esoteric technical fact that Russian nuclear bombs are highly perishable. In contrast to American bombs, which have a shelf life of more than 30 years, Russian bombs last only eight to 12 years before corrosion and internal decay render them unreliable — prone to fizzling instead of exploding. At that point, they must be shipped back to the factory for remanufacturing. Every year many hundreds of bombs, perhaps as many as a thousand, roll out of Russia’s Mayak factory. The United States turns out fewer than 10 per year. In Russia, the rail and other transportation lines linking the factory to the far-flung nuclear bases across 10 time zones are buzzing with nuclear activity and provide fertile ground for terrorist interception.

    Keeping a small strategic arsenal consolidated at a limited number of locations close to the Mayak factory would be the ideal security environment for preventing Russian nuclear bombs from falling into terrorist hands. But the ongoing nuclear dynamic between the former Cold War foes creates the opposite environment, which undercuts security. Russian nuclear commanders, confronted with U.S. submarines lurking off their coasts with 10-minute missile-flight times to Moscow and thousands of launch-ready U.S. warheads on land- and sea-based missiles aimed at thousands of targets in Russia, are compelled to match the American posture in numbers, alert status and geographic dispersal. U.S. leaders must decide which goal takes precedence: sustaining the Cold War legacy of massive arsenals to deter a massive surprise nuclear attack, or shoring up the security of Russian nuclear weapons to prevent terrorists from grabbing them (or corrupt guards from stealing and selling them).

    And terrorists grabbing such a weapon as it shuttles between deployment fields and factories is not the worst-case scenario stemming from this nuclear gamesmanship. The theft of a nuclear bomb could spell eventual disaster for an American city, but the seizure of a ready-to-fire strategic long-range nuclear missile or group of missiles capable of delivering bombs to targets thousands of miles away could be apocalyptic for entire nations.

    If scores of armed Chechen rebels were able to slip into the heart of Moscow and hold a packed theater hostage for days, as they did in 2002, might it not be possible for terrorists to infiltrate missile fields in rural Russia and seize control of a nuclear-armed mobile rocket roaming the countryside? It’s an open question that warrants candid bilateral discussion of the prospects of terrorists capturing rockets and circumventing the safeguards designed to foil their illicit firing, especially since the 9/11 commission report revealed that al Queda plotters considered this very idea.

    Another specter concerns terrorists “spoofing” radar or satellite sensors or cyber-terrorists hacking into early warning networks. By either firing short-range missiles that fool warning sensors into reporting an attack by longer-range missiles, or feeding false data into warning computer networks, could sophisticated terrorists generate false indications of an enemy attack that results in a mistaken launch of nuclear rockets in “retaliation?” False alarms have been frequent enough on both sides under the best of conditions. False warning poses an acute danger as long as Russian and U.S. nuclear commanders are given, as they still are today, only several pressure-packed minutes to determine whether an enemy attack is underway and to decide whether to retaliate. Russia’s deteriorating early-warning network, coupled with terrorist plotting against it, only heightens the dangers.

    Russia is not the only crucible of risk. The early-warning and control problems plaguing Pakistan, India and other nuclear proliferators are even more acute. As these nations move toward hair-trigger stances for their nuclear missiles, the terrorist threat to them will grow in parallel.

    Even the U.S. nuclear control apparatus is far from fool-proof. For example, a Pentagon investigation of nuclear safeguards conducted several years ago made a startling discovery — terrorist hackers might be able to gain back-door electronic access to the U.S. naval communications network, seize control electronically of radio towers such as the one in Cutler, Maine, and illicitly transmit a launch order to U.S. Trident ballistic missile submarines armed with 200 nuclear warheads apiece. This exposure was deemed so serious that Trident launch crews had to be given new instructions for confirming the validity of any launch order they receive. They would now reject certain types of firing orders that previously would have been carried out immediately.

    Both countries are running terrorist risks of this sort for the sake of an obsolete deterrent strategy. The notion that either the United States or Russia would deliberately attack the other with nuclear weapons is ludicrous, while the danger that terrorists are plotting to get their hands on these arsenals is real. We need to kick our old habits and stand down our hair-trigger forces. Taking U.S. and Russian missiles off of alert would automatically reduce, if not remove, the biggest terrorist threats that stem from keeping thousands of U.S. and Russian intercontinental ballistic missiles fueled, targeted and waiting for a couple of computer signals to fire. They would fly the instant they received these signals, which can be sent with a few keystrokes on a launch console.

    To keep them from flying, we ought to reverse our priorities for nuclear security. The U.S. government should not be spending 25 times more on its deterrent posture than it spends on all of our nonproliferation assistance to Russia and other countries to help them keep their nuclear bombs and materials from falling into terrorist hands. Both the United States and Russia should be spending more on de-alerting, dismantling and securing our arsenals than on prepping them for a large-scale nuclear war with each other.

    The current deterrent practices of the two nuclear superpowers are not only anachronistic, they are thwarting our ability to protect ourselves against the real threats.

    Bruce Blair is president of the Washington-based Center for Defense Information and a former Minuteman launch officer.

    This article first appeared in The Washington Post , September 19, 2004.