Nuclear Weapons Subs Could Be Vulnerable to Cyber-attack

Uploaded on 2015-11-27 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-Defence, FREE TO VIEW

Britain’s Trident nuclear weapons system may turn out to be obsolete unless David Cameron can offer assurances that it is wholly protected from cyber-attacks by a hostile state, the former defence secretary Des Browne has said.

As Cameron put the replacement of Trident at the heart of the defence review, Browne told the Guardian there could be no guarantee of a reliable deterrent without an “end-to-end” assessment of the cyber-threat to the system.

Lord Browne of Ladyton, who served as defence secretary between 2006 and 2008, highlighted a report by the defense science board of the US Department of Defense, which warned that the US and its allies “cannot be confident” that their defence systems would be able to survive an “attack from a sophisticated and well-resourced opponent utilising cyber-capabilities in combination with all of their military and intelligence capabilities”.

The report, published in January 2013, asked for assurances that the US nuclear deterrent would be “survivable against the full-spectrum” Tier V-VI cyber attacks, code for Russia and China.

The former defence secretary, who now serves as vice-chair of the Nuclear Threat Initiative, which campaigns for disarmament, said: “The government ... have an obligation to assure parliament that all of the systems of the nuclear deterrent have been assessed end-to-end against cyber attacks to understand possible weak spots and that those weak spots are protected against a high-tier cyber threat. If they are unable to do that then there is no guarantee that we will have a reliable deterrent or the prime minister will be able to use this system when he needs to reach for it.”

Browne spoke out as the prime minister confirmed in the strategic defence and security review that the government would ask parliament to approve the successor to the Trident programme in a “main-gate decision”, which was originally scheduled for next year.

Labour divisions will be highlighted when a non-binding vote on Trident is held in the Commons at the end of a debate called by the SNP, which opposes the programme. Jeremy Corbyn, who shares the SNP view, is asking his MPs to abstain in the vote because Labour’s policy on Trident is under review.

Ken Livingstone, the co-convener of Labour’s defence review, said that Browne’s remarks and the US report shows that the prime minister should abandon plans to replace Trident unless Cameron can offer assurances that the system is protected from cyber-attacks.

Livingstone said: “Those questions need to be answered by the prime minister in the House of Commons before we commit to spending £20bn on another generation of this stuff. Spending £20bn on something is bad enough but spending £20bn on something that won’t be able to work is a bit of a problem.”

George Osborne, the chancellor, used a speech at the headquarters of GCHQ last week to announce that the government would allocate more than £3.2bn to cybersecurity over the next five years. But Browne said that this did not go far enough to protect Trident.

He said: “My instinct is to think that £3.2bn over five years, comes nowhere near the scale of the cyber-threat challenge, if it includes ensuring cybersecurity for the command and control of our nuclear weapons. Also, this is the environment to which Moore’s law applies. Consequently, we can expect cyber-capacity to have doubled and doubled again since the report was published and to continue to increase.”

Franklin Miller, a former White House defence policy official under President George W Bush who oversaw the US nuclear deterrent between 1981-2001, said that Browne’s analysis was flawed.

Miller said: “It is no surprise that Des Browne would be coming up with arguments against the successor to Vanguard and to be grasping at straws. If our nuclear command and control system depended upon the Internet or went through the Internet then the report by the defense science board would be quite an important warning. However, for those reasons it is a standalone system. It is air-gapped. It does not go through the Internet.”

The former White House official said that the report cited by Browne was written in 2013 as a “shot across the bow” to elements in the US defence community who were thinking that the next generation of the command and control system of the US nuclear deterrent should have elements connected to the Internet.

Miller added: “I am very comfortable saying that right now our command and control system is insulated from cyber-attack because it doesn’t go into any place that cyber would intrude.”

Livingstone, who was appointed last week by Labour’s national executive committee to co-chair the party’s defence review alongside the shadow defence secretary, Maria Eagle, made clear that he would use the US report to raise further questions about Trident and its successor. He said: “Certainly the policy review will want to see this report because it clearly is a major step.”
Guardian: http://bit.ly/1I7V4SJ

« CIA Say Edward Snowden 'taught ISIS to avoid detection'
ISIS Video Threatens US Capital »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security National Lab (CINI)

Cyber Security National Lab (CINI)

The Cyber Security National Lab brings together Italian academic excellence in Cyber Security research.

EIT Digital

EIT Digital

EIT Digital is a leading digital innovation and entrepreneurial education organisation driving Europe’s digital transformation. Areas of focus include digital infrastructure and cyber security.

Hacker House

Hacker House

Hacker House teaches you what hackers can learn about your business and systems so that preventative solutions to protect your assets can be applied through active measures.

Inspirria Cloudtech

Inspirria Cloudtech

Inspirria Cloudtech is a specialized Cloud Technologies Services provider and Cloud Aggregator focused on executing cloud models for clients.

Paladin Capital Group

Paladin Capital Group

Paladin is a leading global investor that supports and grows the world’s most innovative cyber companies.

Accel

Accel

Accel is a leading venture capital firm that invests in people and their companies from the earliest days through all phases of private company growth. Areas of focus include cybersecurity.

MSPAlliance

MSPAlliance

MSPAlliance is the world’s largest industry association and certification body for cloud computing and managed service professionals.

Optimum Speciality Risks

Optimum Speciality Risks

Optimum Speciality Risks are an experienced team of cyber insurance experts, backed by Lloyds of London.

GuardSight

GuardSight

GuardSight is a provider of specialized cybersecurity services to safeguard businesses, government, and remote workers against sophisticated cyber threats.

Zeva

Zeva

Zeva solves complex identity and encryption challenges for the federal government and corporations around the globe.

Material Security

Material Security

Material is solving one of the most fundamental problems in security: protecting the data sitting in mailboxes.

Babble

Babble

Babble is a Unified Comms, Contact Centre and Cyber Solutions provider. We believe in making next-generation technology simple to use, deploy and manage.

Techmentum

Techmentum

At Techmentum, our mission is to utilize technology to help companies succeed. Our expertise includes fully managed IT services, cybersecurity, cloud, and custom technology solutions.

Early Game Ventures (EGV)

Early Game Ventures (EGV)

Early Game Ventures invests in startups that jumpstart new industries in the emerging markets of Europe.

3DOT Solutions

3DOT Solutions

3DOT Solutions is an established UK cybersecurity consultancy focused on delivering end-to-end cyber security solutions for private and public sector customers.

Clumio

Clumio

Clumio provides autonomous backup and recovery for critical cloud data.