A recent report has suggested that Trident-carrying submarines could be hacked, leading to a nuclear war. However, the report fails to give much detail and appears to gloss over key details.

The report was produced by the British American Security Information Council (BASIC), a think tank based in London which aims to promote nuclear disarmament. Their paper reviews the ‘growing potential for cyber-attack’ on the UK’s operational fleet of Vanguard class submarines armed with Trident II D-5 ballistic missiles.

The paper warns that “A successful attack could neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads”. However, this would appear to be based on the fact that the submarines use ‘SMCS NG’ which they argue is similar to Windows XP.

The ‘Submarine Command System New Generation’ was created for the Vanguard class submarines as a tactical information system and a weapon control system and is often nicknamed ‘Windows for Submarines’. It does not, however, control Trident.

They also make claims that malicious software could be uploaded while the vessel is in port for maintenance:

“Every electronic system inevitably has a means for new code to be introduced, be it by USB memory stick or some more sophisticated method, particularly at more vulnerable times.”

The report however does not go into detail regarding how this would be done, nor does it discuss any of the countermeasures in place to prevent this from happening.

The report also claims that being ‘air gapped’ doesn’t make an impact on their security:

“Submarines on patrol are clearly air gapped, not being connected to the internet or other networks, except when receiving (very simple) data from outside. As a consequence, it has sometimes been claimed by officials that Trident is safe from hacking. But this is patently false, and complacent.”

When deployed and when in port, the computers on a submarine function as a standalone system. They are air-gapped: they are not connected to an external network or the internet, and there is a physical gap between them and any external network.

Sean Sullivan, a security adviser at F-Secure, told Infosecurity magazine in 2015 that while some hackers have been able to “jump” air-gaps, this would cause “interference” at most. It should be noted that attacking a submarine far out at sea in this way is not really feasible at all.

Some have also claimed that the Vanguard class submarines which carry Trident are vulnerable to cyber-attacks in the same way the recently hit NHS is. That is not the case.

Critics again point to the Royal Navy’s decision to install a heavily adapted operating system, based off the same framework as Windows XP, as the operating system on its missile-carrying Vanguard class submarines. While some versions of Windows have long been criticised for unreliability, the variant installed on the submarine fleet is about as robust and reliable as they come, having no real practical similarity with Windows XP.

So reliable is the system that the operating system and its variants are widely used in commercial operations including manufacturing plants, labs and commercial ships. The Royal Navy has already installed similar systems in other ships and submarines.

Some have taken to using the recent attacks on the NHS as part of a campaign against Trident, albeit they’ve used the wrong information. While we have no position on renewing Trident, we do have a very strong position on facts being important.

Claims that the operating system would not be supported because it is based on an older Windows product are also incorrect. The UK government negotiated a Custom Support Agreement in April 2014 so that departments and agencies could keep using it, or software based on it, without worrying about whether critical patches would be written.

The worry over security, in our view, isn’t really something to be concerned about. The biggest threat is experienced when submarines are in port to receive software updates as unpatched vulnerabilities in the operating system could in theory be used by attackers to break into their systems if they were connected to the internet.

However, they’re not connected to the internet and are in no way vulnerable to the type of attacks that crippled the NHS, as we reported here.

The Ministry of Defence claims it isn’t worried that hackers could exploit any potential vulnerabilities found in the system and, in a statement, explains that it pays particular attention to keeping submarines protected against this kind of threat.

“Submarines operate in isolation by design, and this contributes to their cyber resilience. We take our responsibility to maintain a credible nuclear deterrent extremely seriously and continually assess the capability of our submarines to ensure their operational effectiveness, including against threats from cyber and unmanned vehicles.”

Peter Roberts, a former Royal Navy officer now at Royal United Services Institute, told the Guardian that British technicians are well aware of the potential software vulnerabilities and have instituted special safeguards.

“None of this anti-submarine technology has been perfected and what you are not able to do with drones is get them to work together, because of the problems of communications underwater.

I can’t see a breakthrough in the next 15 years, and you are never going to see the whole ocean. We are talking about a water space that covers two-thirds of the world’s surface. This is not a needle in haystack. It’s way beyond that.”

It is understood that the Trident missile system itself has also been given increased protection from cyber-security threats.

The Ministry of Defence is planning to spend nearly £2 billion on cyber security over the coming five years, including a scheme to improve the safety of Britain’s nuclear deterrent in partnership with the US Navy. The US military is reported to be poised to award a contract to British defence contractor BAE Systems to develop Trident’s cyber-security protection.

In statements made by Ministry of Defence officials to The Telegraph, both countries have scheduled upgrades to Trident missile software in order to fend off the threat of cyber-attacks. Since Trident missiles aren’t connected to the Internet, the security features planned are likely aimed at making it harder for attackers to leverage techniques used in targeting air-gapped systems.

John Daniels, a spokesman for the US Navy’s Strategic Systems Programme, told the media:

“Now that cyber has become even more important in our national security, there will be even more requirements. In our modern era, cyber-security threats are a legitimate concern.”

US and UK officials have announced future upgrades to their Trident missile programme, and more specifically to the missile’s software, in order to prevent cyber-attacks.

A Ministry of Defence spokesman said:

“The deterrent remains safe and secure. We take our responsibility to maintain a credible nuclear deterrent extremely seriously and continually assess the security of the whole deterrent programme and its operational effectiveness, including against threats from cyber.”

Currently, the US and UK are using the same type of submarine-launched missiles with their fleets, which is the Trident Class II D5 model. Britain has 58 of these missiles, deployable on four submarines.

All of the UK’s missiles regularly undergo scheduled maintenance work, during which they also receive upgrades. This work is done by BAE Systems, the company contracted by both the US and the UK for this job. BAE declined to comment on the work.

The UK deterrent is completely operationally independent and the UK does not need the permission of the US (or anyone else) to launch its Trident missiles.

11 COMMENTS

  1. Whilst this may be the case – it really does have to be understood that every system can be hacked either physically or by social engineering (also known as forcing someone to do something they either don’t know they are doing or against their will).

    The MOD and UKAF are no exception to this rule and the missile system is very complex. It also wouldn’t surprise me if the US had a kill code in our system that we know nothing about (but that is me speculating).

    Hacking can occur if strong physical and virtual security is not maintained.

    • How would such a “kill code” be received by the missile? What would broadcast it? What stops your enemies potentially using such a system to neutralise the American deterrent which uses the exact same missiles from a common pool?

      What would the code interfere with? Not the warhead, seeing as that’s UK-made. So it’d have to be the missile itself. So either it diverts it somewhere, or it explodes raining nuclear material all over the place, likely high in the atmosphere. Which is bad news bears all around.

      Seriously, the “kill switch” idea really is some A grade nonsense. You think the UK maintainers of the missiles would’ve missed such a device for the last, oh, 30 years?

      • ‘You think the UK maintainers of the missiles would’ve missed such a device for the last, oh, 30 years?’

        Spot on – it couldn’t be kept secret over that time and nations that would like to fracture the US/UK alliance would surely make it public.

        • I agree that the issue of someone being likely to have found a kill switch is the most compelling reason why I suspect such a thing doesn’t exist. Having said that though, I can see some technological ways whereby such a meant-to-be-secret kill switch could be implemented (in the missiles themselves) and it would all be in the software as opposed to a physical device which makes detection more challenging.

          Ideally the USA would provide us with the source code for the guidance software so that we could compile it ourselves to know that we have clean code. UK software engineers would still need to vet all that source code line by line but that is still a whole lot easier than decompiling and analysing pre-compiled guidance code which is a distinctly non-trivial task.

  2. Whilst unlikely, the system is built on the Windows XP core and so can in theory be hacked. Whether someone can get enough time on the system to do such a hack is questionable, since off the shelf hacks won’t work and I assume the OS is not in the public domain.

    In regards to the air gap, do we know enough about it to be sure it is fully in place between the comms system and the launch system? Is it a real air gap, on separate cables, or just a firewall?

    As we know no computer system can not be hacked and so in theory it could happen and the nukes could be launched.

    I’m sure the MOD is actively working on defensive options, but as we know the Pentagon was hacked, and so don’t write it off.

    If an enemy nation had hacked the system, the first we would know about it is in the event of war, since as soon as any problem is identified the hole will be filled.

  3. Gents

    I am not stating that my comments are factual – but look, the US took out the Iranian nuclear programme with a day 1 exploit that had been kept secure for nearly 20 years. These things do exist, it’s whether anyone believes they exist in this system.

    Having worked in IT for over 20 years I can tell you that every system can be exploited when the stars align and that we should not be complacent in the security of this critical system.

    I am fairly confident it is well protected (and hope it is) but the number of people who are truly great at IT is more limited than you would believe and given MOD pay I am sceptical about whether we have enough of them.

    The missile itself has various safeguards to abort built in as standard and it would not be beyond a stretch of logic to target these sub systems.

    Remember there are 5 key components to any system: hardware, infrastructure, code, processes and people and ensuring all of these are 100% is very difficult.

    Food for thought – nothing else…. (and I haven’t all of a sudden become a nutter).

  4. I do wonder how any researcher without security clearance can really know what sort of protections are in place when in port. A big concern in the report seems to be that the at-sea air gap is somehow compromised when in port. I see no reason why the air gap should be compromised in port. So that bored maintenance technicians can check their Facebook accounts?

    I would hope that there are a minimum number of removable media ports and no accessible open network access points for the critical on-board systems so that all software and mission data updates are carried on via a secure and carefully analysed removable media device and a port (USB or similar) unlocked by an approved person to plug in the device and upload the data.

    Even the above isn’t foolproof of course. I believe that they think the Iranian nuclear hack that Pacman27 mentions came in via a USB thumb drive, but they probably didn’t have all the removable media ports in their environment removed or secured behind locked armoured doors (for instance). But the concept of someone getting access over the internet to hack into the subs is, I would hope, entirely laughable, as is the concept of somehow infecting a land-side operative’s PC via an infected USB drive or malicious email link. (The PC that creates the data package to be transmitted to the sub would also be air-gapped I would hope.)

    The one secure project that I worked on extensively (as opposed to being on the edge of) did security by air gap and then physically securing and vetting the media. If systems had to leave a secure area for maintenance they were accompanied by soldiers with guns to protect the hard drive and if the hard drive had to be swapped out they took it away with them for destruction elsewhere. I would hope that is the sort of thing going on to protect any data exchange on or off the subs.

  5. The system is as secure as it possibly can be. As already stated the XP-based operating system is not known outside of the MOD and any hack would need access to the physical sub. The subs are under armed guard and so are any bits that get taken off for servicing. The people who have access to the subs like crew and maintenance staff all hold the highest security clearance and have had to be fully vetted to get it. Realistically the only possible danger is from within the RN or MOD itself. Not impossible but more likely to occur in a Bond script than real life. I suppose nothing is impossible but this is as close as I can imagine to it.
