A London-based think tank known as the British American Security Information Council (BASIC) has warned of the increasing probability of cyber attack on the British Royal Navy's Vanguard-class submarines, which are equipped with nuclear-tipped Trident II D-5 ballistic missiles.
The report stated that the electronic network and communication systems installed on-board the ballistic missile submarines (SSBNs) are vulnerable to malware injection.
It also claims that the vessel’s critical systems can be exposed to malware injections during production, mid-life maintenance and software upgrade procedures.
The think tank said that previous claims that the submarine fleet is invulnerable due to the isolated ‘air-gapped’ systems being impenetrable are ‘false', noting that several investigations are have been carried out over the years to develop methods to penetrate these air-gapped networks.
ProjectSauron malware demonstrated how an infected USB device can be used to remotely leak data from an air-gapped computer last year.
A successful cyber attack would not only neutralise operations and result in loss of life, but could also lead to the catastrophic exchange of nuclear warheads.
Data transmission interception enables potential adversaries to conduct long-term cyber operations, while the development of underwater drones can lead to close proximity kinetic and cyber attacks on the ballistic missile vessels.
In addition, advanced nano and bionic technologies such as implantable and subdermal data storage and communication devices can be easily smuggled into the SSBNs and activated autonomously, either manually or remotely.
The BASIC report concluded that regular updates of software and hardware, along with their continuous testing and inspection, can allow the Royal Navy to prevent its Trident system from being attacked in this manner.