HMS Vanguard

Britain's Trident submarines are vulnerable to "catastrophic" cyberattacks, according to a new report.

London-based thinktank the British American Security Information Council (BASIC) has expressed scepticism over Ministry of Defence assurances that the subs' operating systems cannot be breached while at sea because they are not connected to the internet at that point. It warns:

"A successful attack could neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly)."

It adds: "Submarines on patrol are clearly air-gapped, not being connected to the internet or other networks, except when receiving (very simple) data from outside.

"As a consequence, it has sometimes been claimed by officials that Trident is safe from hacking. But this is patently false and complacent."

The thinktank, which calls on its website for 'a world free from the threat of nuclear weapons', also points to the time the boats do not spend at sea - like when they are docked at the Faslane naval base in Scotland for maintenance.

Its report says:

"Trident's sensitive cyber systems are not connected to the internet or any other civilian network.

"Nevertheless, the vessel, missiles, warheads and all the various support systems rely on networked computers, devices and software, and each of these have to be designed and programmed.

"All of them incorporate unique data and must be regularly upgraded, reconfigured and patched."

Report co-writer Stanislav Abaimov said: 

"There are numerous cyber vulnerabilities in the Trident system at each stage of operation, from design to decommissioning."

"An effective approach to reducing the risk would involve a massive and inevitably expensive operation to strengthen the resilience of subcontractors, maintenance systems, components design and even software updates.

"If the UK is to continue deploying nuclear weapon systems this is an essential and urgent task in the era of cyberwarfare."

Former Defence Secretary Des Browne, who steered the original decision to renew Trident through parliament in 2007, said: 

"The WannaCry worm attack earlier this month affecting 300,000 computers worldwide, including vital NHS services, was just a taste of what is possible when cyber-weapons are stolen."

"To imagine that critical digital systems at the heart of nuclear weapon systems are somehow immune or can be confidently protected by dedicated teams of network managers is to be irresponsibly complacent."

Britain's Trident submarines currently use the same Windows XP software as the majority of the NHS. The report's authors believe it would cost the government several billions of pounds over the next 15 years to improve Trident cyber security.

It comes after speculation that the US used cyberwarfare to destroy a North Korean missile test.

The Ministry of Defence was forced to defend Trident earlier this year, meanwhile, after reports emerged that a missile test had malfunctioned off the coast of Florida.