UK nuclear weapons cannot be made completely safe from cyber attack, an expert has told an international security think tank.

In a paper for the European Leadership Network (ELN), Dr Andrew Futter of Leicester University cited evidence of attempts to compromise “extremely low-frequency radio communications used to send launch approval messages to US nuclear-armed submarines in the past”, adding: “It must be assumed that the same is true for the communications hub for British SSBN’s based at Northwood in the Chiltern Hills.”

He went on: “It will never be possible to say that the UK nuclear deterrent is entirely safe from cyber attack or that it cannot be compromised or undermined in some other way in the future.“The potential for an adversary of the UK to discover the patrol area of British submarines or the specifics of the boat, missile or warhead through cyberespionage, the possibility of interfering with key systems in the procurement or maintenance phase, or the prospect of lacing targeting or fire-control software with malware, combined with better ASW and BMD capabilities, is clearly a serious issue.”

Loading article content

The think tank’s advisory board includes one-time Labour Defence Secretary Des Browne, former Tory Defence Secretary Sir Malcolm Rifkind, ex-LibDem leader Menzies Campbell and former Lib Dem leader in the Lords Shirley Williams.It also includes former senior ministers from a variety of European countries including Italy and Spain.Last year Browne warned UK nuclear weapons could “be rendered obsolete by hackers” and called for risk assessment.

Yesterday Futter told The National the most likely threat would not be an attempt to launch a missile, but to cut off or disrupt communications, or even sabotage on-sub systems like sanitation to force a patrolling vessel back to port.He said: “It’s not just about a teenager sitting in their room, it’s a lot more nuanced than that.

“This is a big issue.”Turning to potential Trident renewal, he said: “Assuming this vote goes ahead, then you’ve got to think about, over the next 10 years, somebody is going to build them, somebody is going to write the coding, somebody is going to install all the systems.“These products won’t be bought off the open market but there is a risk that if somebody really wants to get in and make mischief, that could happen.

Writing for the ELN, he said: “UK submarines receive regular radio transmissions from ashore that could theoretically be attacked, such as weather updates needed for targeting and the regular FamilyGram.

“This will almost certainly involve malware introduced during the procurement phase while the submarine/missiles/warheads are being built, or when the submarine is in port for maintenance, refurbishment and software updates.

“Rigorous testing, security practices, and professionalism should help mitigate the worse-case cyber scenarios described above while many of the other challenges will simply have to be managed as we move into a more complex future nuclear deterrent environment.”


Trident just a symbol, says former Clinton aide

The National View: Fraudulent case for Trident