In a war with cyber attackers, just how vulnerable is Trident?
A report released earlier this year suggests that there are major vulnerabilities that could be exploited by hackers to render the UK’s nuclear missile equipped Trident submarines useless, or worse. Could that be true, and if so what can be done? Dr Gareth Evans reports.
“Ooops, your files have been encrypted!” With that simple message in May came untold misery for personal users, huge disruption for businesses and near chaos for the UK National Health Service. However, bad though the fall-out of the recent WannaCry ransom-ware attack undoubtedly was, the potential consequences of something similar happening aboard one of the Royal Navy’s fleet of Trident-armed submarines could be orders of magnitude worse. It is a truly chilling prospect and, according to an influential London think-tank, one that could, some day, turn into a reality.
A report from the British American Security Information Council (BASIC) released in June claims that there are major vulnerabilities that could be exploited to render the UK’s independent nuclear deterrent useless – or worse. According to ‘Hacking UK Trident: A Growing Threat’, a successful cyber intrusion could “neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly).”
In their study, Stanislav Abaimov, a PhD researcher in cyber security and electronic engineering at the University of Rome, and BASIC’s Executive Director, Paul Ingram, specifically set out to assess the vulnerability of the network and communication systems associated with the UK Trident system. Having first identified and then examined a number of potential scenarios and modes of cyber attack, their conclusions make shocking reading.
There are, they say, particular risks of exposure to cyber-attack throughout each of the three life stages of the submarines, during construction, on patrol and while undergoing maintenance. Exploitation of these, Abaimov and Ingram assert, could have far-reaching implications ranging from doubts over the reliability of instruments at one end of the spectrum, to wholesale loss of confidence over the maintenance of an assured second-strike capability at the other.
Nuclear-armed submarines have been held to be effectively invulnerable to first-strike attack for over half a century, and this assumption underscored the strategic stability between blocs throughout the Cold War. If subs are now open to a cyber first-strike, the report’s authors argue that their strategic value is inevitably eroded, and the longer-term consequences of that are, at best, uncertain and unpredictable and at worst, could destabilise relations between states.
On the face of it, it all sounds pretty alarming, but how serious is the threat really and just how worried should we be?
It is possible, as Abaimov and Ingram suggest, that during the development and construction phase “sensitive design, or operational secrets related to the UK nuclear weapons system, could be compromised through cyber espionage.” This presumably could also be extended to cover the new Dreadnought class of submarines set to replace the current Vanguard boats too.
As you would expect, security in and around high-profile British defence projects is reassuringly tight, but data breaches have occurred before in the sector. Niteworks, the MoD’s own business networking organisation, saw user logins compromised, information was stolen from RUAG, Switzerland’s state-owned defence contractor and even details of the F-35 – the costliest and arguably most advanced weapons system in history – have been leaked.
The loss of top-secret design details and operational intelligence from a highly classified submarine programme would certainly not be an unprecedented event, either. As The Australian reported back in August last year, a massive data grab reputedly running to around 22,400 pages has already laid bare swathes of information about the Scorpene-class submarine from French shipbuilders DCNS, exposing critically important details including its performance, combat systems and noise levels.
Could the same thing happen to Trident/Dreadnought? Yes, of course. Will it? That is a very different question, and one that is much harder to answer. The MoD are quietly confident that it will not, but they are scarcely going to tell anyone exactly how they intend to make sure of that, so for now at least, we will just have to wait and see.
Inserting security flaws
Even assuming the MoD are right and details of the submarine and missile systems avoid being compromised during construction or development, the report’s authors say that hostile actors could at this point inject rogue code or insert “predetermined security flaws” to be exploited at a later date. Alternatively, they argue the “submarine can be infiltrated with autonomous malware when undergoing maintenance or delivered via storage devices or even via remote communication channels.”
This, they suggest, is where the assumption that the view of the submarine as secure by virtue of its air gapped isolation from other networked systems and thus online interference, most crucially fails. Getting hostile code on-board a submarine on patrol, in a location known to only a handful of people on the planet, would be a gargantuan task; achieving the same when it is in dock is obviously much simpler.
Jumping that air gap and opening the backdoor into the UK’s independent nuclear deterrent could involve something as mundane as a technician – willingly, under duress or even unknowingly – plugging in a USB stick, or be altogether more sophisticated. “Advanced nano and bionic technologies such as implantable and subdermal data storage and communication devices may be smuggled into the vessel and activated autonomously, manually or remotely,” Abaimov and Ingram write.
Just five years ago, that might have seemed just a bit too James Bond; today, as some companies in the US begin implanting chips to replace employee swipe cards, it clearly does not. Does that, however, automatically mean that thinking critical digital systems can be protected by crack squads of network managers is “irresponsibly complacent” as Labour’s former Secretary of State for Defence, Lord Browne of Ladyton, says on the back cover of the report?
To slightly paraphrase Obi-Wan Kenobi, that depends greatly on your own point of view. Lord Browne made similar points in 2015, ahead of the Commons vote on renewing Trident, warning that the UK’s nuclear weapons could be “rendered obsolete” by cyber attacks, BASIC itself actively promotes global nuclear disarmament, and the position of the MoD in all of this is self-evident. Each tells the truth as they see it, but whether that leaves the proverbial glass half-empty or half-full, perhaps has more of the ‘old Jedi mind-trick’ about it than strictly objective reality.
What all sides do seem to be agreed on, however, is that there is the potential for Trident to come under some form of cyber attack.
Cyber security experts would describe that as ‘probabilistic certainty’. Rather like the old theory that an infinite number of monkeys will type out the complete works of Shakespeare given long enough, they argue that any system that potentially can be hacked, eventually will be. It is just a matter of time, and, as one cyber security consultant explains, there is the additional problem that high-profile, supposedly secure and impregnable systems provide their own incentive.
“It’s hard to imagine a bigger prize than somebody’s nukes,” she says. “That said, there are a lot of easier targets out there that could make almost as big a splash anytime you want. I’m thinking power grids or water purification – even nuclear power stations. A lot easier and quicker than infiltrating an SSBN.”
So, should we be worried?
“About those soft networked infrastructure targets – yes, certainly,” says the security expert. “About the subs, probably no – but don’t hold me to that!”