Introduction
AGW is a primary challenge for the world, over the coming centuries (
Intergovernmental Panel on Climate Change, 2013). Major financial expense will be needed to deal with the previously-unaddressed social cost of carbon (
Yang et al., 2018), and to address resulting physical, geopolitical and social issues (
Stern, 2006). Already, great international and domestic negotiation efforts have been made to make the political deals (
United Nations Framework Convention on Climate Change, 2014) necessary to restrict expected global temperature rises. Ongoing difficulties experienced in completing a rapid transformation of world energy systems (to break links between energy production and CO
2 emissions) have resulted in a revisiting of discussions of geoengineering—as an alternative or complement to the more traditional interventions of mitigation and adaptation. Geoengineering, in its current usage, is ordinarily interpreted as meaning deliberate modification of the climate system.
There are two principal types of proposed geoengineering:
(1)
CDR: a group of techniques described either as Carbon Dioxide Removal, or (more generally) Greenhouse Gas Removal (GGR) (Lomax, 2015). GGR includes removal of secondary Greenhouse Gases (GHGs) (methane, etc.), as well as carbon dioxide. CDR offers a theoretically-complete solution to CO
2 emissions – but only if conducted rapidly. Delays in conducting CDR leads to interim temperature increases, which can cause permanent harm (e.g. extinctions). Cost is the major barrier to CDR deployment at scale (a figure of 50 EUR/ton CO
2 is suggested by IEAGHG (
Kornneef et al., 2011),.
(2) SRM: Solar Radiation Management works via modification of the Earth’s radiation balance, i.e. by reflecting sunlight. Example SRM proposals include local measures, such as crop albedo modification and white roofs. However, our concern is security – and the more global SRM measures are therefore of much more relevance, as their direct transboundary effect is likely to be far more controversial. Two are seen broadly as plausible: Marine Cloud Brightening (MCB), which would be delivered from a flotilla of small ships; and Stratospheric Aerosol Injection (SAI – replicating the cooling following volcanic eruptions), which is delivered from one or more tethered balloons, or from a number of free-flying aircraft. SRM does not constitute a complete solution to emissions. First, it is temporary—excepting far-fetched technologies, such as space mirrors. Secondly, SAI also is imperfect in its climatic corrections. SAI would, for example, lead to a global climate drier than a pre-industrial climate with the same global average temperature. Plausible methods of SRM are comparatively inexpensive: It is climate and ecosystem risks, and political controversy, that underpins the reluctance to deploy. N.B. SAI is the most widely-discussed form of SRM, and comments within this paper relate principally to SAI.
Large-scale geoengineering deployments have not yet occurred, save for various afforestation (tree-planting) programmes, and suchlike. However, various anthropogenic processes (e.g. particulate air pollution) have inadvertent effects on climate – although lack the relevant intent to qualify as geoengineering. In addition, many necessary technologies exist only in theory – but deployment is not generally regarded as posing insurmountable challenges (although some high-tech implementations are potentially problematic, e.g. space mirrors).
Geoengineering, therefore, exerts an increasing influence on climate discourse and policy. More formally, CDR is becoming deeply embedded in international agreements. The recent Paris agreement relies on large-scale CDR in the second half of the 21st century (
Lewis, 2016). SRM, by contrast, is not widely accepted as a policy instrument and is not given prominence in the recent IPCC 1.5°C report (
Intergovernmental Panel on Climate Change, 2018).
SRM geoengineering can be regarded as having an ongoing annual cost. This is due principally to its impermanence – and to dominance in the cost calculations of chemicals, labor, and short-life or leasable equipment (
McClellan et al., 2012).
McClellan et al. (2012) estimate total SRM costs for global climate management at as little as $2 billion per year. To give an idea of scale, this potentially involves as few as 14 aircraft or as few as 4 bases (trade-offs exist). Notably, cost estimates and cooling assumed may differ widely between different studies. However, in all deployment scenarios, the costs remain trivial when compared to the size of the fossil-fuel economy. Notably McClellan’s costings do not consider potential savings from drone deliveries—an obvious possibility, considering widespread current deployment of military drones. As GHG levels in the atmosphere rise, more aggressive interventions may be needed. Nevertheless, SRM’s total direct costs remain a negligible proportion of global GDP.
Future deployment of geoengineering technologies may be by commercial firms (
Lockley, 2016a), or by states. Likewise, two models for the future commercial purchase of geoengineering exist—depending on whether states or private actors, are the customers.
The rapid cooling effect of SRM geoengineering is reversible. Therefore, SRM by aerosol manipulation risks ‘termination shock’ if deployment suddenly ceases (
McCusker et al., 2014) – due to the relatively short lifetime of SRM aerosols (
Irvine, 2015). The more sudden the termination of SRM, the greater the risks – as rapid climate change is a direct risk factor for the biosphere (
MacMartin et al., 2014). Such a situation is potentially far more damaging than would be the case if geoengineering had not been commenced. Any security threats to SRM operations may therefore risk dangerous termination shock. The effects of termination shock differ over land and ocean, due to mass transfer in the mixed layer of the surface ocean.
Discussion of SRM in the literature primarily focuses on two scenarios: state provision or regulation (
Ricke et al., 2013); and the rogue philanthropist (
Victor, 2008) (aka ‘Greenfinger’). Some limited discussion of alternative funding models can be found (
Lockley, 2016b) (including the use of SRM for the creation of Voluntary Carbon Offsets (VCOs) (
Lockley, 2016a). Our discussions below are applicable broadly – although we make specific comment on different potential providers, where relevant.
A considerable literature exists, concerning the role of climate change in conflict. This sub-discipline already benefits from broad-reaching systematic reviews (
Hsiang et al., 2013), quantitative historical studies (
Zhang et al., 2007), and analyses which drill down into individual risks (e.g. terrorism) (The CNA Corporation, 2007). The canon encompasses retrospective analysis of conflicts (e.g. Darfur (
United Nations Environment Programme, 2007), Syria (
Gleick, 2014;
Selby et al., 2017), Nigeria (
Sayne, 2011), Somalia (
Maystadt and Ecker, 2014)), and discu-ssion of potential future flashpoints – including consideration of nuclear war (
Scheffran et al., 2016;
Mian, 2016). However, much of the literature is focused on the role of a changing climate on the frequency, likelihood or preconditions for conflict (
Scheffran and Cannaday, 2013;
Scheffran, 2015;
Christiansen, 2016;). Conversely, there has been comparatively little attention given to the risk of direct action (kinetic or otherwise) against climate-relevant infrastructure (save some research on the occasional direct-action civil society protests) (
Schlembach, 2011). Paradoxically, conflict over fossil fuels (
Caselli et al., 2015) is, of course, debated
ad nauseum.
The study of geoengineering is a relatively nascent discipline, and formal reviews have identified significant weaknesses in the scope of extant analysis of the international relations aspects (
Horton and Reynolds, 2016). Nevertheless, links between geoengineering and geopolitics (
Yusoff, 2013;
Dalby, 2015), and between geoengineering and conflict (
Fleming, 2012;
Maas and Scheffran, 2012;
Link et al., 2013), have received attention (notably, this again includes a claimed potential role in triggering nuclear war) (
Robock, 2015). Nevertheless, the specific risk of action (kinetic or otherwise) against geoengineering control systems and institutions; infrastructure; and hardware appears to have been given little, if any, academic attention. That potential flashpoint is the subject of this paper.
Discussion
Below, we extensively discuss hostile actors, threat types and defensive strategies, as relevant to SRM security.
We generally consider only aircraft-delivered SRM operations, while noting that other SRM technologies (Shepherd et al., 2009) and injections methods (
McClellan et al., 2012) are available. However, we make brief mention of some other technologies, where these are particularly relevant. Furthermore, we consider only direct threats to operations – while noting that SRM may trigger wider hostilities, or even counter-geoengineering (the deliberate release of GHGs, in response to an SRM program) (
Nightingale and Cairns, 2014). Issues of wider international relations are beyond the scope of our paper.
To constrain discussions, we consider only security issues relevant specifically to geoengineering. All normal organisations and operations face a range of non-specific threats (petty theft, fraud, hacking, etc.). Airports and airbases additionally have a well-understood range of security issues. Where these are not related to SRM operations, we do not discuss them in depth. Because of the highly heterogeneous combinations of deployment loci, actor identities and geopolitical backgrounds, we eschew formal analysis tools (threat matrices, etc.) which would be cumbersome to generalize so extensively. Instead, we take a discursive approach to the subject.
Threat actors and objectives
We consider a range of actors, with a potential interest in disruption of operations: Civil society protests (including social instability); terrorist groups; and states.
Civil society protests and social instability
Civil society protests are to be expected at the inception of an SRM program – due to the controversial nature of the technology. The extent and nature of these protests are entirely undetermined, with a wide envelope of potential scale and scope. Violence may occur, causing damage with high economic impact (Lancaster and Mulaudzai, 2016). Geoengineering activities have already attracted significant, often site-specific protests – which may have been a causal factor in shutting some down (e.g. SPICE (
Stratospheric Particle Injection for Climate Engineering, 2018)) (
Geoengineering Monitor, 2017). Bases are a natural location to concentrate protests (
Kidron, 2013), but civil society groups often rely on numbers for effective protest. Isolated airbases may be not only difficult to reach, but may also be in locations incapable of practically supporting a sustained protest population: e.g. deserts, etc. Generally, consideration must be given to the political and social stability of countries of operation. A history of successfully managing any locally-common forms of civil protest, without resorting to brittle authoritarianism, is a desirable indicator for location selection.
A threat comparable to direct protest is social instability – considered here as a general disruption to law and order, continuously-functioning government, and the wider economy. This threat is distinct, in that it does not need to be directed at SRM operations to have an effect.
The local political environment is, therefore, a key consideration, in managing both types of threat. Japan, Switzerland, and Canada offer ready examples of major countries with high political stability (
The World Bank, 2015). Nevertheless, none are located well for geophysical purposes (Australia is an obvious alternative, here). Many stable states are better located, but these are typically much smaller geographically and economically, and thus more vulnerable to external influence: Tonga, Mauritius, Kiribati, Macao, etc. Additionally, many are geographically-isolated, which may increase operational costs. The World Bank Index is not a solid proxy for suitability – with e.g. Israel scoring low, despite having an intuitively-capable situation and institutions for enduring strategic operations. The Marsh Country Risk Index (Marsh LLC, 2018) is another useful measure, which offers French Guiana (technically part of France – although in S. America, and notably home to a major spaceport), Chile and Malaysia as countries which combine relatively good location, with relatively low risk. A useful heuristic is to search for countries which (when adjusted for their economy and population) rarely make the global news – a bias to the boring. Notably, political stability indices are likely protective against both capricious governments and restive populations – each of which offers its own profile of threat to SRM operations.
Specific to SRM, it is not unrealistic to expect that protesters may direct their attentions to more accessible targets – such as the political hierarchy, or potentially to supply chain elements (
BBC, 2008). Protests should, therefore, be expected at a variety of locations. However, these are much less likely to become an insurmountable major security issue than they are to remain a political risk. Serious disorder from environmentalists is rare, and organized terrorist violence is virtually unheard of. Nevertheless, the cost of security operations can be high (
Highways England, 1998).
Cyberattacks may be expected as a part of a modern and sustained civil society protest (
Raza, 2016) – although these are likely to lack sophistication. Doxing attacks (i.e. publishing confidential information on personnel, to compromise their privacy or security) (
Quodling, 2015), Distributed Denial of Service (DDoS) (
Kiruthika Devi and Subbulakshmi, 2016), etc. are likely to be the ‘weapon of choice’ – rather than the committed and sophisticated sabotage attempts necessary to materially directly disrupt operations (such as that seen in the Stuxnet attack on Iran) (
Singer, 2015).
Terrorist groups
Terrorism (and, by association, counter-terrorism (
Ugorji, 2017)) lacks precise, agreed definition (
Greene, 2017) – but may include actions by both groups and lone actors (
Pantucci et al., 2015). Terrorists certainly have the means to attack SRM operations. However, it is uncertain whether they possess the will. With exceptions (e.g. animal rights extremists (
ADL, 2016)), modern terrorist groups often seek to act ‘on behalf’ of a race, religious group, or other populace. As a likely prerequisite for such terrorism, SRM would have to be seen (perhaps incorrectly) (
CGG, 2016) as imposing a specific cost on a specific population that is sufficient to prompt such an attack. Of course, a terrorist group seeking to harm a country carrying out SRM operations for reasons unrelated to SRM could elect to attack its geoengineering facilities – but there is no obvious reason why this would be the chosen approach, particularly bearing in mind that the risk of termination shock is borne globally. Furthermore, other targets are far easier to hit – notably concentrations of people in urban landmarks and using public transport infrastructure. As time goes on (and the risk of termination shock thus increases) the likelihood of SRM being selected as a target of opportunity further diminishes – as there becomes an increasing likelihood that whichever group the terrorists claim to ‘represent’ will be harmed in equal measure to the population of the country operating or sponsoring the SRM operations.
However, should SRM be applied in such a way that a particular group could be identified (rightly or wrongly) as significant losers, attack risk may be elevated. Terrorists may be emboldened by the perceived injustice, and perhaps supported (or not actively opposed) by a wider group than may otherwise be the case. One might postulate, for example, a scenario in which North African Arab countries are perceived to be disadvantaged by a US SRM program. This resentment could inflame existing perceived discrimination, leading to disgruntled Arab sympathisers or established terrorist groups selecting SRM infrastructure or operations as a focus for attacks – perhaps as one facet of a wider campaign of hostilities.
Two inevitable facts serve to increase the likelihood of such attacks. First, while there may be a net global benefit from SRM, there will be relative winners and losers – both perceived and real. Secondly, these losses (real or imagined) will not exist in a political vacuum, and thus have the potential to inflame existing tensions (
Nightingale and Cairns, 2014). Accordingly, a comprehensive defense against terrorism may include diplomatic efforts to ensure an equitable global settlement for SRM – including compensating relative or absolute losers.
Finally, it merits note that an extortionist or lone-wolf terrorist may launch or threaten a ‘Dr. Evil’ (New Line Cinema, 1997–2002) style attack on SRM operations – i.e. one conducted with no rational regard to the global negative consequences. Nevertheless, we regard such a scenario as inherently unlikely – the necessary combination of single-point vulnerability and concentrated personal power is almost certain not to exist. However, the above is not true for balloon-and-hose systems, which are particularly vulnerable.
States
In common with terrorist groups, states represent nations and peoples – albeit with acknowledged legitimacy, in most cases (
Thomas, 1999). Accordingly, the same forces that may motivate terrorists to act to redress perceived inequities may also motivate states. However, states differ from terrorists in three obvious ways: They are more identifiable as coherent organisations; ordinarily more accountable to their peoples; and they are generally both more technologically sophisticated and economically capable. States are thus generally more able to muster the means for an effective attack; and yet they are generally more constrained in their practical ability to launch one (militarily, diplomatically, and politically) – as a result of their ability to suffer consequences in a backlash (sanctions, retaliatory strikes, etc.). This leads to a bifurcation into two potential types of state threat. First, an overtly-attacking state must be in a position of great strength (or great desperation). Secondly, even a weak state may be capable of mounting a covert operation, disguised as terrorism. Indeed, there is generally a fairly blurred line between state action and terrorism – with recent examples including Iran’s Hezbollah (
US Department of State, 2016) proxy and Russian ‘volunteers’ or ‘little green men’ (
Shevchenko, 2014) in Ukraine. Multiple branches of a state may be capable of engaging in such actions (
Kibbe, 2007), which may be carried out in contravention of the aggressor’s domestic law prohibiting such actions (
Kibbe, 2012).
Threat timings
The nature of an SRM program is such that, once incepted, it is difficult and disruptive to unwind quickly. This is largely due to the real risk of termination shock, but also because of the increasing operational and organisational robustness that comes from full establishment. Additionally, ongoing acquiescence to any given program tends to ultimately morph into tacit permission – which constitutes one form of social licensing process (as opposed to e.g. an explicit treaty). These issues make the start point of the program an obvious time for a threat to manifest itself. After a decade or so, the risk of termination shock is likely to outweigh any benefit to an opponent – even a disadvantaged one. However, it is not sufficient to assume rational behavior in this regard – and ongoing vigilance would be required. If the perception took hold (falsely or otherwise) that SRM was not a public good (
Morrow, 2014), then it may be seen simply as a high-profile and relatively soft target. In such circumstances, an opportunistic attack could result in significant environmental and economic damage, and a major public victory for the attackers (albeit perhaps a Pyric one). If, for example, a full-scale SRM program was deployed by balloon (
Robock et al., 2009), its total destruction could be relatively easily achieved (by any moderately competent attacker able to gain access to the tether ground point). N.B. Security is one strong counter-argument against balloon-and-hose systems, unless they are built with significant overcapacity and redundancy.
Weather events blamed on SRM, or unrelated geopolitical matters, may similarly serve to trigger tensions to erupt. One later-stage attack scenario would involve geoengineering as a flashpoint to an existing geopolitical crisis. The idea that SRM is ‘being done to us’ could offer a lightning rod to existing concerns – as it may well be perceived as a violation of sovereignty, particularly to a state perceiving itself as a ‘loser’ (correctly or otherwise) (
Whyte, 2012).
Furthermore, there is always a residual long-term risk of an isolated individual launching a cyberattack or terrorist operation – despite the risk of termination shock, and a lack of support from a wider community. Anders Breivik (Biography.com Editors, 2014) and the Unabomber (Biography.com Editors, 2017) are examples of such threats, which came largely as a surprise. Due to the potential irrationality or deliberate destructiveness of such attacks, there is no time horizon after which the threat from such individuals can be entirely discounted.
Threat loci
SRM has, by its nature, an extended supply chain. Unless carried out in an end-to-end secure environment (e.g. by the military), unsophisticated attacks are possible at a range of locations in the supply chain. Such attacks potentially include vulnerable, unconventional and highly-personal targets (
Ward and Morris, 2006) – including worker’s families. While militarisation of SRM has been discussed (
Nightingale and Cairns, 2014), civilian models for operation have also been considered (
Lockley, 2016). It should be noted that modern state functions are frequently outsourced to private firms, which may be far less secure than equivalent military-led counterpart operations. Pilots and staff (or their families); ground facilities and airstrips; aircraft; and logistics for fuel, spares, and the chemicals supply chain are all possible targets.
Airports and airbases tend to be reasonably secure locations, but the extended nature of the supply chain means that security is often difficult outside of the base. Personnel can, in extremis, be housed in secure acco-mmodation – leading to a quasi-military environment. Supply chains are difficult to secure generally, unless logistics are exclusively by air, sea, or by protected road convoys. The cost of securing supply chains can be disproportionate to the cost of launching attacks. For example, occasional small arms fire can be enough to mandate permanent use of armoured vehicles and armed escorts. Even unarmed protestors can easily damage or obstruct vehicles, leading to severe disruption (
Smith, 2015). Likewise, most suppliers will not have the preparations to enable any serious defense against targeted physical or cyber threats, and particularly those directed against staff. In extremis, a long-term pattern of attacks could mandate the construction of a secure supply chain – raising costs enormously.
Non-military aircraft in flight are, in principle, vulnerable. However, the range of threats is limited. Aircraft are generally reasonably well-protected against cyber attack (although successful attacks are not unknown (
Norman, 2011)), and the range of possible actors capable of launching a kinetic attack on airborne aircraft is limited by the technological sophistication required (even man-portable guided air-defense systems are not commonly available to non-state actors). Furthermore, this technological sophistication makes tracing the hostile actor inherently easier than tracing a ground attack – thus tending to force any attack ‘into the open’. This makes missile attacks on flying aircraft an option open only to desperate or powerful states. Nevertheless, even a one-off attack of this nature would be a clear act of escalation, which may serve an important political signaling purpose. Such a scenario could perhaps be most easily be envisaged were a less powerful state (e.g. Bangladesh) to attempt to geoengineer in defiance of a superpower.
There is, nevertheless, a potential threat to airborne aircraft from readily-available (and hence untraceable) simple weapons – but only when fired from close to the airbase. Commonly-available man-portable weapons, such as machine guns and RPGs, are only effective at very short range. Accordingly, keeping a significant secure zone beyond the runway is helpful in ensuring such attacks cannot be mounted. More sophisticated weapon systems, such as the SA-18 Igla, are much less widely available – and run a high risk of being traced to an attacking state.
Threat types
We consider a range of threat types: Kinetic attack; cyber attack; and civil protest. We consider (where appropriate) effectiveness, cost, likelihood, actors, and other criteria. The degree to which these threats are likely, or effective, will change according to the precise nature of the program’s engineering choices – e.g. aerostats vs. planes, or MCB boats vs. SAI. Therefore, our analysis should not be seen as binding or definitive.
Before discussing individual threat types in detail, it is worth considering the purpose of any attack. This may range from a simple protest – without serious attempts at disruption. Examples could include firing warning shots, or the symbolic destruction of non-critical assets (e.g. flagpoles). The next escalation would be an attack designed to cause temporary or symbolic loss of capability, so as to fully demonstrate destructive power – e.g. downing a single aircraft. Finally, an attack may involve the complete destruction of capacity, necessitating a comprehensive rebuild. This could include a simultaneous cyber-hijack of all aircraft (forcing them to crash), or simultaneous intensive bombing of all airbases and factories.
In all likelihood, any tactical attack would likely be backed up by a diplomatic strategy. Save for a willingness to engage in either repeated military action or an enduring military occupation, it would be unlikely that any determined geoengineering program could be permanently halted by hostile action. A country facing annihilation from rising seas would potentially be very determined in its efforts – and would likely garner considerable external support against an aggressor. Any attack is therefore likely to have the threefold aims of temporary interruption; an increase to cost and risk for the geoengineering country; and an attempt to force negotiations (either directly, or via a ‘good cop’ proxy nation).
Kinetic attack
The most obvious form of attack is kinetic – from bullets, bombs, missiles, etc. In principle, this threat type is serious – but a swift analysis of the likely behavior of potential hostile actors suggests that it is perhaps less probably than may be intuitively expected. Nevertheless, it is worth exploring the range of options open to a potential attacker. Airbases can potentially be directly attacked. However, they are likely to be located in friendly territory – typically beyond the range of naval guns. Accordingly, airstrikes (from planes or cruise missiles), or a clandestine/special forces attack are likely to be the only options. An airstrike would be such a provocative act that it would be likely only as an option for the most powerful actors (e.g. a superpower), or a desperate state facing a perceived existential threat.
A clandestine attack could be used against an airbase, and indeed terrorist/special forces (
Winterman, 2011) attacks are typically considered a significant risk to airbases – which have long perimeters, low occupancy levels, and distributed assets within. However, there are other options for such an attack, which incur far less risk to the attacker – albeit lacking the spectacular nature of an airbase attack. The supply chain is the most obvious place to launch a kinetic attack – with road transport and civilian suppliers being particularly vulnerable.
Airborne aircraft are in principle vulnerable– particularly considering that practical flight plans will likely cross national borders or international waters, as injection patterns must straddle the equator (
Kravitz et al., 2017), or be close to it (
Kleinschmitt et al., 2018). It is unlikely that the tanker-type aircraft needed would be able to conduct any credible defense against kinetic attack, save for anti-missile systems (
Staff, 2015). However, any attack may have to be carried out relatively close to the airbase – as the planes would be extremely high-flying (
McClellan et al., 2012) (albeit perhaps for only part of their flight). Only the most capable ground-to-air or air-to-air systems would be capable of hitting them at operational altitude. Nevertheless, the regular flight locations and plans make airbase locations relatively vulnerable to shoulder-launched missiles (
Millar, 2003). However, as discussed before capable missiles are likely to be traceable, as they are not widely available (
Crile, 2007) – although attack attribution may not be without some degree of wriggle-room (
Miller, 2016). The potentially limited geographic range needed for distribution means that air operations could be carried out entirely within ‘friendly’ territory – thus making a kinetic operation against aircraft essentially limited to an overt and risky military attack. The only exception to this near-invulnerability within friendly territory is a potential low-tech attack on or near the ground (which is predicated on close access, and therefore on poor base security).
Cyberattack
Cyberwarfare has been defined as “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption” (
Clarke, 2010). However, alternative definitions exist – which may be broader in scope (
Arquilla, 1999). A range of different potential cyberattacks may be conducted. Examples include hijacking industrial controls, to execute the physical destruction of a system (
Kelley, 2013); or less direct forms of attack, such as deletion of data or leaking of sensitive information. Personnel can also be attacked by means of doxing, if identification poses a risk to them.
Cyberattacks are a threat type available to a wide range of actors. Potentially all parties have access to cyberattack capabilities – from a lone-wolf activist or blackmailer, right up to a nation state (
BBC News, 2007). The advantages of a cyberattack are myriad. Often inexpensive, they can be assembled and conducted in a clandestine fashion. The identity of the actors may be unknown – even after the event (
Kelley, 2013). Furthermore, cyberwarfare even offers the opportunity to disguise the fact of the attack. For example, a plane can potentially be forced to crash (
AFB, 2015) – but with the cause of the crash potentially disguised to look like an unrelated problem. This gives an attacker a substantial advantage when it comes to prolonging their capability to launch attacks.
Civil protest
Civil protest is multifaceted. It can manifest itself as lawful political and media campaigning; through disruptive but lawful public protests; up to significant or violent civil unrest (
Schock, 2013;
BBC News, 2000). The extent of this spectrum, and the range of possible actors and targets, are at the core of the difficulty of tackling this challenge. While it is not within the scope of this paper to address the ‘threat’ from political campaigning, we seek to address other aspects. Physical methods typical of civil protest include pickets, blockades, and (in some cases) rioting. This can raise security costs (
Serck, 2016), disrupt operations, trigger the withdrawal of suppliers, and severely intimidate personnel. One possible solution to the risks of civil protest is to move facilities to remote locations, but that may simply divert the threat further up the supply chain. As with other physical threats, the road transport supply lines to airbases are a key vulnerability (
Wilson, 2010). Unlike with kinetic threats, civil protests are likely to be concentrated at the gate – this being a prominent focus for pickets, protests and demonstrations. Civil protest typically aims to be as open and confrontational as possible, and the gate (or headquarters) provides the most obvious focus for this. The boundaries between civil environmental protest and criminality/terrorism are sometimes blurred (
Maas et al., 2013). Additionally, the most capable civil protest groups are potentially able to launch sophisticated cyberattacks on operations, and others can deploy more basic cyberattacks on personnel (
Quodling, 2015). Such supplementary attacks can be expected to be both synchronous and asynchronous with protests.
State vs private contractors
The use of private contractors is common as a way of discharging the responsibilities of a modern state. In such a situation, applied to SRM, it is to be expected that a contractor (if overtly employed) would have the full blessing and protection of the commissioning state. Indeed, a full operational and legal model exists from the military: Contractors on Deployed Operations (CONDO) (
Moore and Antill, 2011). However, an alternative model exists – where private firms are fully responsible for the SRM process, and the state is uninvolved. The result of the latter relationship may be that the state’s protection is supplied reluctantly, or not at all. For example, the responses of states to the threat of piracy on the high seas differ markedly – with the US offering an entirely uncompromising approach (
Sheikh and Guled, 2009), as distinct from that of other flags. The degree to which a private SRM operator can expect security protection from the state depends on a range of factors, such as legality, personal connections to power brokers, physical location, etc. A detailed case-by-case evaluation would be needed, before conclusions could be drawn.
Legal protection
As a novel activity, it is possible that SRM may be subject to a range of legal challenges and uncertainties. While not a security threat as such, any doubts regarding the lawfulness of SRM offers an opportunity for cover for attacks – whether legitimate or otherwise. Similar doubts about the lawfulness of operations have been used by opponents of conventional (
O’Shaughnessy, 1996) and nuclear weapons (
Schlosser, 2015) to mount kinetic attacks on these systems. Furthermore, legal uncertainty may result in dithering by the state– under whose protection the SRM operation supposedly lies.
Ocean operation
One option for SRM operations is to host them at sea. Indeed, there is a precedent for controversial processes being conducted in international waters (
Organisation for the Prohibition of Chemical Weapons, 2016). This approach renders the operation far more secure against civil protest or terrorism than would a land-based operation. However, unless conducted from a fully-protected military aircraft carrier (at great expense), the ability of states to move military assets freely into the theater of operations means that providing military security potentially becomes much more difficult – with submarine threats particularly difficult to anticipate, prevent or react to. Furthermore, the range of aircraft available for carrier-borne operations are greatly restricted – and special aircraft types may need to be developed to support this approach. A compromise strategy may be the conduct of operations from isolated island airbases (which are akin to large, moored aircraft carriers) – such as Diego Garcia or Ascension Island. The former offers a convenient, near-equatorial location (7 degrees south) – allowing access to both Northern and Southern hemispheres. An additional benefit of islands is that they have exclusive littoral rights – as distinct from carriers, which lack such a legal perimeter. They are also generally invulnerable to deniable submarine attacks; any submarine-launched cruise missiles are likely to leave identifiable fragments. Overall, ocean islands are therefore very attractive places to locate SRM operations.
One advantage of ocean operations is that location can be precisely controlled – set purely by scientific means, rather than working around the political and logistical considerations necessary when locating airbases. This has the potential to reduce flight times, and potentially chemical usage – thus controlling operating costs and (by reducing aircraft numbers) also capital costs. Accordingly, this offers a trade-off with the increased costs associated with ocean operations.
A brief mention is merited here of Marine Cloud Brightening (MCB) – although this is not generally the subject of this paper, it is taken seriously as an SRM technique. This may be carried out by autonomous drone ships, which can operate using renewable energy for extended periods of time (
Shepherd, 2009). This approach gives a range of inherent security advantages. The use of a large fleet of small ships means that a very comprehensive operation would be needed to destroy or disable them using kinetic operation, once they were deployed. Even finding and accessing them in a large ocean theater of operations would be very challenging. This strategy therefore, appears to offer inherent security advantages. However, there are also inherent disadvantages. The ships themselves are highly vulnerable to kinetic attack – unless designed with armour, a suite of sensors, and perhaps defensive weaponry that would dramatically increase their cost. Additionally, the use of a fully-autonomous system leaves a degree of vulnerability to cyberattack inherent– unless the ships were not subject to any direct remote control, or other remote systems access (an unlikely scenario). A variety of strategies are available to a potential cyber-attacker. Vessels could be programmed to ram each other; reverse their bilge pumps, causing them to sink; maneuver into storms or ice floes; shut down; falsely report activity and position; etc. One downside of marine cloud brightening is that termination shock would onset in a matter of days, should the system be interrupted – although this would be buffered by the ocean’s heat capacity and mixing.
Defensive strategies
We consider the following defensive strategies: Redundancy; heterogeneity; overcapacity; inventory depth; logistics hardening; operation shrinkage; covert operations; cyber security; (counter) intelligence; physical security; and multilateralism.
Redundancy
Redundancy through replication is key to ensuring resilience – removing single points of failure. Balloon-and-hose systems are particularly vulnerable, in this regard – inherently being singular or few in number, and being of a highly-specialized type (i.e. one with replicated vulnerabilities). Even the provision of multiple entrance gates to an airbase is an important strategy to improve resistance to a variety of attacks (ambush; civil protest; sniping; etc.). The location of airbases in a globally distributed manner is likely to make good sense from an operational point of view, regardless of any security risk. Floods, storms, and civil disruption are a potential issue regardless of location – and a more distributed strategy engenders resilience (a doctrine known as ‘Force Dispersal’ (
Dunnigan, 2003)). When added to this mix, security concerns add an additional reason to remove any single points of failure. Moreover, the benefit of having distributed airbases adds more security value than might perhaps be assumed – as air assets can potentially be redistributed at short notice.
Heterogeneity
An aspect of redundancy that can be regarded as a separate defensive strategy is heterogeneity. A distribution system that relies on any one technology, item of equipment, etc. has an inherent vulnerability. Security threats affecting one necessarily affect all – and this extends to more mundane issues, such as safety recalls.
Overcapacity
Beyond the strategy of reducing the presence of single points of failure, there is an additional need for a generalized overcapacity and/or redundancy (
Liu et al., 2013) at most or all points in the system. Each system stage should ideally be operating at well below capacity. This helps to guarantee operational integrity in the face of a wide variety of issues – including security threats. There is both a direct and indirect (deterrent) effect in this regard. Any single points of failure are inherently vulnerable to an attack – risking the whole program. Furthermore, the presence of obvious redundant overcapacity makes hostile operations much less appealing – as even a successful attack may have little or no operational impact. For optimal results, a redundancy strategy should consider a variety of macroscopic geo-political threats. For example, locating airbases in countries with a range of political affiliations and economic situations may be helpful. For example, it is unlikely that South Korea, Cuba and Saudi Arabia will all experience closely-aligned economic, social and political shocks at the same time. Nevertheless, the selection of unstable countries is unlikely to be beneficial.
Inventory depth and resilience
The attractiveness of any attack tends to be influenced by the ability of such an attack to cause disruption and disablement of operations. Conducting an attack, especially on a long and poorly-defended supply chain, is likely to be relatively easy. However, sustaining any such an attack is likely to be difficult – as defenders can readily adapt to repetitious attacks. Accordingly, inventory depth (
Lyons, 2014) and site resilience are key to sustaining operations. Strategies for achieving this are relatively simple. The most basic is keeping adequate supplies of fuel, spares and chemicals on deployment sites to ‘ride out’ an extended period of supply disruption – possibly of the order of years, for less readily-available inventory. Likewise, utility resources can be made resilient by the use of renewable site power, water boreholes, etc. Furthermore, the ability to house pilots and other essential personnel on site for extended periods of time not only adds resilience generally but also particularly reduces vulnerability to unsophisticated attacks. In addition, further resilience can be added in more imaginative ways: Simplifying inventories, to reduce the range of items needing to be held; and having the capacity to improvise repairs using a machine shop or 3D printer, rather than waiting for deliveries. A tension exists between the benefits of reduced inventory complexity and the need to avoid homogeneity of equipment (for both type-approval and security reasons).
Logistics hardening
Extended or convoluted supply lines are vulnerable to a wide range of attacks from diverse actors (
Bichou et al., 2013;
Bichou et al., 2014). Additionally, they may experience an associated multitude of non-adversarial threats – resistance to which may be classed as resilience (
Lam and Dai, 2015), as opposed to security. Accordingly, minimising the use of road transport offers both a strategic and tactical advantage. The main bulk supplies to an airbase, other than utilities, are fuel and chemicals. Major airports already benefit from pipelined fuel supplies, and similar facilities can be developed for importing chemicals (although sulfur needs to be melted for pipeline transport, or transported as a powder or compound). Buried pipelines are hard to trace and attack, and multiple filling points give redundancy. In extremis, supplies can be airlifted in. Notably, MCB does not rely on continual supplies of materials or (potentially) even fuel.
Operational shrinkage
Smaller operations give a smaller attack surface (
Manadhata and Wing, 2004). For example, the use of drones will remove risks posed to and by aircrew. (Paradoxically, however, the freedom to attack without casualties may greatly reduce the political, legal and ethical hurdle for an attacker.) Likewise, the use of pre-programmed or artificial-intelligence-controlled flight routes will reduce the risks posed by communications jamming or hacking. Development of technologies that require lower chemical fluxes, fewer flights, etc. all give opportunities to further reduce the attack surface.
Covert or confidential operations
Covert operations (
Daugherty, 2010;
Downes and Lilley, 2010) are an established tool of warfare. There is no need for SRM operations to be overt. Aircraft used can be mingled with conventional traffic, and can use markings and flightpaths that do not serve to distinguish them. Furthermore, supply chains can be mixed up with a range of unrelated logistics flows – especially for non-bulk inventory, such as parts. This makes it not only more difficult to launch an attack, but also less fruitful. For example, destruction of a mixed load of road cargo would only result in a small amount of damage to an SRM operation. Any lack of dedication in operations greatly raises the risks of collateral damage – potentially alienating otherwise supportive or neutral factions, in the event of an attack. Consider, for example, the (flawed) suggestion of attaching SRM equipment to airliners (
Laakso et al., 2012) (not in itself covert). Such a policy would greatly raise the stakes for any attacker – as can be seen from the tremendous difficulties that accidental ‘shoot downs’ cause for even the greatest powers (
Kuypers et al., 1994).
One approach to making operations covert is to adapt the military principle of ‘shoot and scoot’ (US
Army, 2014). In principle, an SRM aircraft can land at any ordinary airport. It can quickly be resupplied and relaunched, with a new crew if needed. In such a model, there is no ‘base’ of operations to attack. This style of operations may have a range of operational advantages, as well as reducing vulnerabilities to certain types of attack. For example, the ability to adapt flight plans to use inexpensive landing slots; and the potential cost savings available from avoiding the need for a permanent base. However, civilian airports are unlikely to accept any significantly increased security threat – which SRM operations may bring.
It is notable that covert operations can feed mistrust and conspiracy theories – as is abundantly evident from the persistent “chemtrails” conspiracy theory (
Bakalaki, 2016;
Cairns, 2016). There remains a significant difference between a program which is fully secret in nature, and one that is simply restricted in terms of operational detail. The latter is good practice, the former is unlikely to be sustainable in the long run. Governments are not good at keeping large-scale operations secret for long periods (
Fenster, 2014).
Cybersecurity
Inevitably, providing a proper program of cybersecurity management (
Kohnke et al., 2016) a necessary, but not sufficient, security response. Most cybersecurity comes down to simple good practice: ensuring mission-critical systems (e.g. avionics, process control (
Macaulay and Singer, 2011;
Instrumentation.co.za, 2007)) are kept separate from peripheral IT assets (e.g. website hosting); ensuring software is patched properly; firewall and anti-virus implementation; training staff on good security discipline; and (in extremis) air-gapping (
Zetter, 2014) (completely disconnecting mission-critical IT from the wider internet). Nevertheless, it must be recognized that cybersecurity does not exist in isolation from other threats. A cyberattack (e.g. a leak of personnel files) may be the precursor to another attack type (e.g. kinetic attack, such as an assassination). In the case of more sophisticated cyberattacks (e.g. those with state sponsorship, or similar resourcing), a more sophisticated response is potentially required (e.g. a counterattack). Such interventions are outside the scope of this paper. Again, it must be recognized that the supply chain must be considered as carefully as the core operation.
Intelligence and counter intelligence
The major classes of intelligence (
Keegan, 2003) are HUMINT (human sources – e.g. spies), IMINT (imaging intelligence – e.g. photography) and SIGINT (signals – e.g. phone taps). These are supplemented by other sources, such as OSINT (open source intelligence – e.g. websites), MASINT (measurement and signature intelligence – e.g. passive infrared detectors) and TECHINT (technical intelligence, e.g. weapon ranges). As should be obvious from the above, intelligence is a broad field – and generally beyond the scope of this paper. Nevertheless, briefly listing a few techniques is helpful in guiding further consideration of the subject.
Counter-intelligence (
Prunckun, 2012) measures are an important way to deny an enemy the opportunity to mount an attack. Examples include:
a.Hide-from-view screens (IMINT). Simply obscuring bases from direct view helps prevent enemy imaging. This can, for example, prevent identification of personnel and targeting of weapons. The use of camouflage and decoys is a related technique.
b.Pseudo-random timetables (various). Regular operations allow predictability for an attacker. Preventing this prediction using randomness can help disrupt attack plans.
c.Concealing countermeasures (TECHINT, others as applicable). For example, keeping secret the existence of anti-missile Electronic Countermeasures (ECM) systems on aircraft.
d.Screening (HUMINT). Carefully screening operational personnel to ensure they do not pose a risk, either to operations (
Sawer, 2015) or to security (
Evans, 2015) is critical. Elimination of unnecessary job roles may be a superior approach to improved screening. Even designing-out the need for support staff (caterers, cleaners, etc.) can improve security, by reducing the attack surface.
e.Non-disclosure (OSINT). Placing unnecessary information into the public domain may result in an increased risk of attack. For example, listing staff names, building addresses, etc. leaves a trail of evidence that can be used to inform an attack.
Active intelligence operations may be incorporated into all SRM operations, as an essential part of security. In the case of civil protest, intelligence examples (provided for illustration, not as recommendation) include:
a.Infiltration of protest groups (HUMINT). This can be as simple as turning up to public meetings, or befriending/bribing sources.
b.Monitoring base perimeter (MASINT). For example, tracking the presence of mobile phones outside the base; using passive infrared detectors to detect intrusion attempts.
c.Photographing demonstrators (IMINT).
d.Perimeter-setting (TECHINT). Setting base perimeters to ensure that aircraft are clear of locally-available weapons.
e.Monitoring protestor communications (SIGINT/OSINT).
f.Monitoring protest group websites and general press activity (OSINT).
It should be borne in mind that, while passive counter-intelligence is routine, the same cannot be said for active intelligence gathering. Intelligence gathering on civil society is especially controversial – and the more invasive types are especially seen as being problematic. For example, CCTV on a base perimeter would widely be seen as reasonable – whereas trailing or bugging demonstrators is likely to be seen as far more controversial. General recommendations on intelligence gathering cannot realistically be made in the absence of an understanding of the particular threat landscape faced by an operator. As a final note, there is also the issue of public relations. If overt or suspected intelligence and counter-intelligence activities are seen as being a sign of imperiousness, then they may galvanise protest. Comparably, the arguable militarisation of policing is not without controversy and detraction (
Hall and Coyne, 2013).
Physical defense
Physical defense must match the threat type. The less sophisticated the threat, the simpler the defenses capable of providing resistance. The simplest passive defenses (fences, walls etc.) are among the most effective, offering good protection against a range of intelligence and kinetic threats. While operations may be conducted from civil airports (which have their own security literature and processes (
Sweet, 2009)), the use of military airfields or dedicated geoengineering airbases offer a general step up in security (at least in peacetime, in the case of military airfields). It is sensible to locate bases in areas that are both military secure (e.g. out of the range of naval guns), and sufficiently remote to be able to be easily screened from disruptive civil protest. As discussed earlier, the lower-sophistication attacks are the larger risk, and therefore a basic but robust defensive strategy is sensible. In general, the larger the area controlled around the airbase’s operational core, the harder it is to effectively attack. A larger area means concentric fences can be used to increase security. Additionally, targeting basic weapons becomes far more difficult at increasing range. The need for physical defense may extend up the supply chain – which can be vastly more complex and expensive than securing a single site.
Depending on the degree of threat, and the degree of militarisation deemed acceptable, a range of active defenses may be used. These could conceivably include both ECM systems (e.g. communication jammers) and kinetic systems. Surface kinetic defenses may include anti-missile missile systems, such as Iron Dome; and gun systems, such as Goalkeeper and Phalanx (guns ordinarily cannot be deployed near civilians, due to the risk of collateral damage). Operation from existing military bases makes such defenses available, without additional expense or policy concerns. Aircraft themselves can potentially carry jammers and flares, to confound inbound missiles. It is even conceivable that aircraft could be armed with air-to-air missiles, but this would serve to militarise the program. Any ship-borne operations may additionally have to monitor and defend against the threat from submarines – the existence of which would make operating within a military battle group essential.
A comment on multilateralism
Multilateralism’s central principle is the “opposition [of] bilateral discriminatory arrangements that were believed to enhance the leverage of the powerful over the weak and to increase international conflict” (
Kahler, 1992). Perhaps the most effective defense to a range of threats is a consensual, multilateral process. The more individuals, countries and groups feel that they are represented within the decision-making process (analogous both to procedural justice (
Hough et al., 2013) and representative government (
Barker, 2013)), the more that they are likely to feel they are best served by working with the decision-making system, rather than against it – they will tend to see provision of SRM as a public good, even if benefits are not homogeneous or even universal (as opposed to disruption of rogue SRM itself being seen as a public good). The distribution of operations, and of decision-making, across a range of actor countries may be the best way to demonstrate that communities around the world feel that they are ‘part of the process’ – be that through political or economic involvement. This bears comparison to a ‘coalition of the willing’ (
Baum, M A, 2013;
Johns and Davies, 2014). This may not be the least-cost option; and may increase the theoretical attack surface, albeit while generally improving redundancy. Nevertheless, the effect in defusing opposition may yield disproportionate benefits. Furthermore, the broader the coalition, the more powerful their collective military forces. Nevertheless, this approach is not without potential pitfalls, and a power bloc may emerge that can impose its will on others (
Ricke et al., 2010). Appropriate institutional architectures for controlling the issues arising from this ‘free driver’ problem have been considered by other authors (
Weitzman, 2015). While noting the importance of effective governance mechanisms, we note the broad scope of such investigation, and its active investigation by other authors. Accordingly, it falls generally outside the scope of this work.
Conclusions
We discuss a range of threat types, actors and vulnerabilities. While it is impossible to predict with certainty the security threats to SRM operations, we nevertheless make the following broad-brush observations:
We consider the threat type risks as follows:
a.Civil protest is almost inevitable – but is unlikely to pose any lasting material threat to SRM operations. It may, however, greatly increase operational difficulties and costs – especially around logistics. Furthermore, it opens operations to additional political pressure. Societal unrest is an overlapping, but indirect threat – which invites simultaneous scrutiny.
b.Overt military attacks on airbases or aircraft are possible, although unlikely. While the airbases and aircraft themselves may be vulnerable in principle, they are protected by the envelope of security offered by the state. The doctrine on non-aggression offers significant protection – and even powerful states are generally unwilling to carry out overt military attacks, especially on other capable states. Even private companies conducting SRM would reasonably expect to operate within the general envelope of a state’s military security. The only likely attack scenario is a superpower aiming to ‘teach a lesson’ to a far less powerful state, which is permitting or conducting operations in ongoing defiance of the more powerful state’s wishes.
c.Cyber attacks are highly likely, to the point of being inevitable. The key uncertainty is the degree of sophistication. While DDoS attacks, website hacking, etc. are to be expected, they are largely inconsequential. By contrast, process attacks (causing aircraft to crash, chemicals to leak, etc.) are far more serious. A lone wolf hacker, or protest group, may be capable of mounting such an attack. However, it is far more likely that such a sophisticated attack will come covertly from a state – or a party with similar resources. A robust program of cyber defense is therefore necessary throughout the supply chain.
d.Covert kinetic attacks – whether from quasi-terrorist groups, or from states – are a serious risk. The less sophisticated the attack, the better the cover offered by a wide range of potential culprits – making simpler attacks far more likely. Accordingly, physical and intelligence defenses should be concentrated on the simplest threats: small arms fire, arson, etc.
We consider the threat locus risks as follows:
a.Aircraft in flight have the least risk, in totality. They are, however, highly vulnerable to a determined military attack – should one occur. Good base security, and a large perimeter area will help prevent unsophisticated attacks on aircraft that are on or near the ground.
b.Bases and ground operations are somewhat vulnerable to kinetic attack; but are far more likely to experience low-grade attacks from civil protestors, such as blockades. Military bases have existing general defenses.
c.By far the greatest weakness is the supply chain, which necessarily includes chemicals, fuel, personnel and spares. This chain can be hit at any point by civil protestors, clandestine kinetic attackers, or cyberattacks. While supply chain attacks may not cause a lasting service outage, they are nevertheless likely to cause very large cost increases and operational disruption. However, such attacks may lack the aesthetics and newsworthy nature of a direct attack on SRM-specific bases, aircraft, etc.
We analyze threat timings, concluding that the vulnerability is greatly elevated in the early stages of operation. Accordingly, an uneventful launch bodes well for a future free of attacks.
Nevertheless, we recommend the following defensive measures for SRM operations generally:
a.Basic physical security – ensuring bases and overt supply chain elements are given at least a minimum level of physical security. Relative remoteness (e.g. in deserts or on islands) and a politically-stable environment of operation offer significant advantages. An alternative strategy is to distribute operations widely throughout existing civilian infrastructure – diluting the value of any one target (this relies on the acquiescence of civil airport operators).
b.Redundant operations – replicating capacity in a number of locations, and with excess resources. This redundancy should be designed to ensure that similar threats do not tend to impact multiple assets at the same time. For this reason, we caution against the use of balloon-and-hose systems, particularly those with limited redundancy.
c.Heterogeneous operations – a heterogeneous supply chain should be used, ensuring that destruction or unavailability of materials, spares, etc. (or non-hostile safety and manufacturing issues) impact only a portion of operations. Combined with redundancy, this will prevent even a catastrophic loss of capability in one division, firm or system from reducing total capacity below a threshold level.
d.Resilient operations – for example: ensuring operations are sited in low-risk countries; that airbases are well stocked and capable of operating with disrupted logistics or access for extended periods of time; using well-proven equipment; selecting easily-defensible bases.
e.Cybersecurity – a generally vigilant approach to cybersecurity; in particular, ensuring that operational systems are appropriately separated (air-gapped) from publicly-accessible or peripheral systems.
f.Attack surface reduction – minimising the complexity of the operational program, to reduce the extent of the attack surface (e.g. using fewer flights) and the potential range of attacks that can be mounted (e.g. by switching pilots for drones).
g.Confidential, flexible operations – limiting the dissemination or predictability of information concerning operation greatly reduces the attack surface. Releasing flight times, supply schedules and personnel information (or allowing them to be observed or predicted) will greatly aid potential attackers.
Notwithstanding the above, we note that the best defense to all attacks is likely to be an inclusive, just, transparent and fair decision-making process. This reduces or removes incentives to attack.
The Author(s) 2019. This article is published with open access at link.springer.com and journal.hep.com.cn
PDF
(205KB)
