Although the UK Ministry of Defence has previously stressed that the Trident submarines are invulnerable to cyberattacks, because their operating systems are unconnected to the internet, experts at the British American Security Information Council (Basic) said that hackers could launch attacks when the vessels are not at sea.
The Basic report explained that hackers could launch malware attacks against the fleet when undergoing maintenance work while docked at the Faslane naval base in Scotland. Experts warn that a cyberattack could lead to "catastrophic exchange of nuclear warheads."
"Malware injection during manufacturing, mid-life
refurbishment or software updates and data
transmission interception allow potential adversaries
to conduct long-term cyber operations," the report stated.
"Submarines on patrol are clearly air-gapped, not being connected to the internet or other networks, except when receiving (very simple) data from outside. As a consequence, it has sometimes been claimed by officials that Trident is safe from hacking. But this is patently false and complacent," Basic's 38-page report titled Hacking UK Trident: A Growing Threat reads.
"Trident's sensitive cyber systems are not connected to the internet or any other civilian network," Basic's executive director Paul Ingram and cybersecurity researcher Stanislav Abaimov wrote in the report.
"Nevertheless, the vessel, missiles, warheads and all the various support systems rely on networked computers, devices and software, and each of these have to be designed and programmed. All of them incorporate unique data and must be regularly upgraded, reconfigured and patched."
The report said that hackers could use radio transmission from ashore in "limited bandwith" cyberattacks. This kind over covert attacks could also be customised to trigger in response to specific events. Attacks can also be designed to "disrupt or change launch coordinates to divert the original course of the missile, or to disrupt or neutralise the warheads themselves."
The think tank's report also said that such attacks have already been conducted. "This was the case in the advanced malware used in the so-called 'Stuxnet' or 'Olympic Games' attack on Iran's centrifuge systems, a cyber-physical attack that was delivered into Natanz by unsuspecting subcontractors," the report said.
The report comes amid escalating international concerns about potential nuclear threats, and rumours about the US having possibly been involved in covert cyberwarfare to disable North Korea's missiles to underscore the severity of the threat.
Britain currently operates four nuclear-powered submarines, which carry a total of 16 missiles, as part of its Trident fleet. All the vessels are in the process of being renewed. The Vanguard class of Trident submarines were first introduced in 1980 and is currently the only nuclear weapons system operated by the country.
In July 2016, the House of Commons voted to replace the older submarines with a new fleet, which is slated to be operational by early 2030.
Trident has 'numerous' vulnerabilities
"There are numerous cyber vulnerabilities in the Trident system at each stage of operation, from design to decommissioning," Abaimov said.
"An effective approach to reducing the risk would involve a massive and inevitably expensive operation to strengthen the resilience of subcontractors, maintenance systems, components design and even software updates. If the UK is to continue deploying nuclear weapon systems this is an essential and urgent task in the era of cyberwarfare."