BASIC consideration of Trident subs' vulnerability to cyber-attacks
The report is co-authored by Paul Ingram, Executive Director, BASIC and Stanislav Abaimov, PhD researcher in Cyber Security and Electronic Engineering in the University of Rome, Tor Vergata. It considers the growing potential for a cyber-attack on the UK’s operational Vanguard submarines, which are armed with nuclear-tipped Trident II D-5 ballistic missiles, whilst highlighting some of the implications for strategic stability.
The report summary states that: 'A successful attack could neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly). But the very possibility of cyber-attack and the growing capability to launch them against SSBNs, could have a severe impact upon the confidence of maintaining an assured second-strike capability and therefore on strategic stability between states. Recent suggestions that the fleet is vulnerable have sometimes been met with complacency and claims that the isolated ‘air-gapped’ systems cannot be penetrated. Whilst we recognise that it is important not to be alarmist, these claims are false.
'The challenge of maintaining covert and secure patrols under reliable operational control is of utmost importance to an effective nuclear deterrence posture based upon submarines. The continuous and rapid development of new cyber technologies will inevitably result in some loss of confidence in future patrols, with negative results on strategic stability. It is crystal clear that the highest level of priority must be given to cyber protection at every stage in the construction of the UK’s Dreadnought class, across the whole supply chain, if the UK is to contain this hit on confidence. This will inevitably have major implications for the programme budget, with uncertain success.'
Earlier this year, there were reports that a missile test conducted off the coast of Florida malfunctioned. Britain's Trident submarines may also be susceptible to the WannaCry worm, which attacked and affected 300,000 computers worldwide last month, including those within the NHS services, as it uses the same Windows XP software relied upon by the NHS. The report's authors believe it would cost the government several billions of pounds over the next 15 years to improve Trident cyber security.
Lord Browne of Ladyton, former Secretary of State for Defence (2006-8) and Vice-Chairman of the Nuclear Threat Initiative in Washington DC said: “The WannaCry worm attack earlier this month affecting 300,000 computers worldwide, including vital NHS services, was just a taste of what is possible when cyber-weapons are stolen.
"To imagine that critical digital systems at the heart of nuclear weapon systems are somehow immune or can be confidently protected by dedicated teams of network managers is to be irresponsibly complacent. When states invest hundreds of billions of dollars in offensive nuclear weapon systems, the incentives are there amongst adversaries to develop capabilities that could neutralise that threat. Leading states are now investing billions of dollars in their offensive cyber capabilities, degrading confidence in the effect of those nuclear weapon systems, in the strategic balance and crisis management. This report assesses those vulnerabilities.”
