Trident nuke subs are hackable, thunders Wikipedia-based report
Look, here's some stuff I read on the internet about infosec and it's terribly worrying isn't it?
A group of anti-nuclear campaigners have claimed Britain’s nuclear deterrent submarines are vulnerable to hackers – and their report setting out the “evidence” quotes, in part, from Wikipedia.
The British American Security Information Council (BASIC) reckoned that Blighty’s four Vanguard-class nuclear missile submarines could be hacked using one of the variety of techniques that have sprung up over the last few years.
“Recent suggestions that the fleet is vulnerable have sometimes been met with complacency and claims that the isolated ‘air-gapped’ systems cannot be penetrated,” said the report (PDF, 38 pages), which was co-authored by Russian security researcher Stanislav Abalmov and veteran British anti-nuke campaigner Paul Ingram, BASIC’s exec director.
The report sets out the usual generic attack vectors and the factors that mitigate these – chiefly, the fact that for months at a time the boat is air-gapped from the entire outside world by virtue of being hundreds of feet below the sea’s surface.
“Trident’s sensitive cyber systems are not connected to the internet or any other civilian network,” the report continues. “Nevertheless, the vessel, missiles, warheads and all the various support systems rely on networked computers, devices and software, and each of these have to be designed and programmed. All of them incorporate unique data and must be regularly upgraded, reconfigured and patched.”
It also identifies attack vectors ashore, such as subcontractors and dockyard maintenance personnel. Frankly, this is nothing new: similar approaches were being used by the Soviet Union in the 20th century. What the report promises in its broad-brush overview is, moreover, sorely lacking in detail: “Malware can be introduced and even written on board the vessel using... available data transfer capacities (USB drives, SD cards, etc.),” is one such example.
The authors also quote, more or less verbatim, part of the Wikipedia entry on British submarine command software. Compare and contrast the extracts below:
L, Wikipedia; R, the BASIC report on Trident
Of most interest is its chapter on onboard networks. All British submarines run BAE Systems’ Submarine Command System (SMCS) and have done for more than a decade. As the name implies, SMCS is used to navigate the boat and integrate tactical data from her sonar, hydrophones, radar, and so on. The report also claims that SMCS is “based upon a version of Windows XP [that is] known colloquially as ‘Windows for Warships’,” which seems to be based on a Register article written back in 2008.
A leading expert told El Reg today: “It's perfectly possible to run computer weapon systems in such a way that they are hard or impossible to hack. This becomes a lot easier when there is no requirement for network access or rapid decision-making, as in the case of Trident. Avoiding quick decisions is the whole reason for putting nuclear missiles on submarines, and water-gapping is considerably more effective than just air-gapping. It's always possible that there are discoverable vulnerabilities in Trident maintenance and refit, but there is no reason why there must be: and the authors of this report don't have any useful or relevant knowledge of Trident maintenance, so their opinion is worth nothing.”
A Ministry of Defence spokesman told El Reg: “While we don’t comment on the specific systems used by our submarines, for reasons of security, we have absolute confidence our independent nuclear deterrent remains safe and secure,” adding: “We dedicate considerable resource to assessing cyber threats and we continue to apply any necessary mitigations to combat these threats.”
On the whole, we can still sleep safely in our beds tonight regardless of this report. ®