While terrorists hacking nuclear submarines may seem more like the climax of a Vin Diesel and Dwayne Johnson blockbuster, researchers say this is a serious threat that needs to be addressed.
The British American Security Information Council found the U.K.'s Trident nuclear submarine fleet is vulnerable to various cyberattacks that could neutralize operations, lead to loss of life, defeat or even lead to the exchange of nuclear warheads.
Researchers identified four fictional scenarios and potential cyberattack vectors that cover three life stages of submarines, construction, patrol and maintenance, according to the Hacking UK Trident: A Growing Threat report.
While the submarines are air gapped, vessel, missiles, warheads and all the various support systems are all on networked computers, incorporate unique data, and must be regularly updated, upgraded, reconfigured and patched. Researchers also noted various point where malware could have been uploaded onto these systems such as during maintenance while docked.
“There are numerous cyber vulnerabilities in the Trident system at each stage of operation, from design to decommissioning,” Stanislav Abaimov, a researcher in cybersecurity and electronic engineering at the University of Rome, who co-wrote the report said. “An effective approach to reducing the risk would involve a massive and inevitably expensive operation to strengthen the resilience of subcontractors, maintenance systems, components design and even software updates.”
Researchers said the principal threat arises from state hacking capabilities because they possess the necessary resources, intelligence and motivation to target nuclear weapon systems.