Report Claims UK’s Nuclear Submarines at Risk From Hackers

Ray Walsh

Ray Walsh

June 2, 2017

Not long ago, news emerged that the US may have the power to use cyberattacks to negatively affect North Korean missiles tests. Now it has been revealed that the UK’s nuclear submarines could suffer a similar fate and could be disabled during times of war – or worse.

The revelation has come courtesy of a 38-page report called Hacking UK Trident: A Growing Threat. The report has been published by a London think tank called the British American Security Information Council (BASIC). Authors of the paper include Paul Ingram, Basic’s executive director and Stanislav Abaimov, a cybersecurity researcher and electronic engineering who is a graduate of the Moscow State Institute of Electronics and Mathematics.

In the document, BASIC heavily criticizes the UK Ministry of Defence’s claims that the submarines are safe from hacking when at sea because they are not attached to the Internet,

“Submarines on patrol are clearly air-gapped, not being connected to the internet or other networks, except when receiving (very simple) data from outside. As a consequence, it has sometimes been claimed by officials that Trident is safe from hacking. But this is patently false and complacent.”

In fact, according to the report a successful cyberattack on one of the UK’s nuclear subs could “neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly)”.

Get a VPN service today

A VPN is the best personal cybersecurity product on the market

Unblock any website with a VPN today
” bottom=”Unblock any website with a VPN today”]

Not Always at Sea

In addition, the report draws attention to the fact that even if the submarines were safe when at sea, the reality remains that the submarines still spend periods of time in the docks. The report points out that it is during those times that malware could theoretically be introduced onto a submarine’s operating system. From the report:

“Trident’s sensitive cyber systems are not connected to the internet or any other civilian network. Nevertheless, the vessel, missiles, warheads and all the various support systems rely on networked computers, devices and software, and each of these have to be designed and programmed. All of them incorporate unique data and must be regularly upgraded, reconfigured and patched.”

This is hugely concerning because the UK has four Trident nuclear submarines, which aren’t due to be replaced until the early 2030s. In addition, it is highly worrying that nowadays it is becoming very difficult to confidently attribute cyberattacks.

Who’s to Blame?

Recently, for example, Wikileaks’ Vault 7 revealed that the US’ CIA has the capabilities to make attacks appear to have come from elsewhere. In an era when dictatorships like those of Kim Jong Un spend vast amounts of money on cyber warfare it is becoming clear that the biggest threat to civilians living in the West may come from attacks on vital infrastructure – and now perhaps even their own weapons.

Using proxies and other obfuscation methods to conceal their true identity and location is just one method employed by cybercriminals. However, North Korean hackers are also known to travel overseas – stationing themselves not only in China – but further afield in Russia, and Europe.

What’s more, in the past couple of years exploits belonging to criminal hacking gangs – stolen from firms like Hacking Team, and taken from intelligence agencies like the NSA – have all appeared online.

With these elite hacking tools now being leaked to the internet on a regular basis, one can’t help wondering what the future might have in store. How hard it would be, for example, for a North Korean hacker with a Russian keyboard (well educated in the Russian language) to use hacking tools and methods that imitate those of a well known Russian hackers?

Would it be possible to mount a catastrophic attack of this magnitude that successfully frames another nation? And what would be the circumstances?

Vital Infrastructure at Risk

It is not only nuclear submarines that could be turned into a devastating attack either. Only last month, Donald Trump signed an executive order that prioritized the strengthening not only of Federal networks, but also of critical infrastructure. This demonstrates how seriously the US administration as taking the threat, and last year it was reported that hackers could theoretically blow up a nuclear power station.

In the UK, the recent WannaCry ransomware attack proved that cyberattacks can very seriously affect vital services. During the attack, many people were turned away from hospitals and medical centers due to the chaos. Others had to have planned surgery rescheduled.

Fortunately, it is not believed that anybody died as a direct result of the cyberattacks. However, the sad truth is that it seems inevitable that it will only be a matter of time before cyberattacks do cause a loss of life.

In Ukraine, last year a cyber attack caused a power station blackout that left many people without electricity. In the UK, it has been repeatedly reported that old and infirm people struggling to pay bills is a cause of death in the winter. They simply can’t survive the cold in their homes and the winter always brings with it a horrific rise in the amount of deaths.

The fact that the cold kills is unquestionable, and there can be no doubt that hacks causing blackouts like those ones experienced in Ukraine could result in death for the most vulnerable.

Clear and Present Danger

Those threats are very real, and are a huge concern. They are vastly eclipsed, however, by the notion that hackers could use our own nukes against us. Imagine the scenario: a British nuke has hit London – or worse the capital of an allied nation – and the Brits are responsible for the most atrocious loss of life the West has ever seen.

Despite the fact that hackers are responsible, how would citizens feel about the UK’s slack cybersecurity? Where would retaliation be aimed? Especially if it were hard to pinpoint the perpetrators identity? This scenario might seem highly unlikely, but Abiamov says that:

“There are numerous cyber vulnerabilities in the Trident system at each stage of operation, from design to decommissioning. An effective approach to reducing the risk would involve a massive and inevitably expensive operation to strengthen the resilience of subcontractors, maintenance systems, components design and even software updates. If the UK is to continue deploying nuclear weapon systems this is an essential and urgent task in the era of cyberwarfare.”

As such it would seem of dire importance to take heed and fix all possible holes in these critical systems before technology (like Artificial Intelligence, for example) starts being used by hackers to mount even more sophisticated cyberattacks.

Opinions are the writer’s own.

Title image credit: iurii/

Image credits:Ruslan Guzov/

Ray Walsh

I am a freelance journalist and blogger from England. I am highly interested in politics and in particular the subject of IR. I am an advocate for freedom of speech, equality, and personal privacy. On a more personal level I like to stay active, love snowboarding, swimming and cycling, enjoy seafood, and love to listen to trap music.

One response to “Report Claims UK’s Nuclear Submarines at Risk From Hackers

  1. _ why do you not stop the race of nuclear weapon ?
    _ do you not need all this money wasted for … nothing … ?
    _ vanity & hidden agreement have replaced by an obsolete & corrupted connection , a real vision (new challenge opened for only strong, great & modern countries) of the future.
    _ a vulnerability or hole happens when the ground is yet rotten since a long time … an abandoned area and a hacker is at home … btw take a look at codecrypt … that is not a virtual hypothesis !

    Maybe it is the end of the idea about an identity forged by a genuine people or territory : maybe the fate of england is another population for another life , very far of the hate, slavery, vice, crime, that this ‘old unknown zone aka u.k’ abuse too much often.

    In short, you can’t afford it so why do not take another direction : do not participate as looser at a war where all the benefice will go abroad , to an undefined_bitcoin bank … chaos may ensue otherwise …

Leave a Reply

Your email address will not be published. Required fields are marked *

Exclusive Offer
Get NordVPN for only