Research by Chatham House, a famed UK think-tank, highlighted vulnerabilities in the systems used to maintain nuclear arsenals worldwide.

It said the risks from cyber attacks have not been fully appreciated.

Systems being compromised could lead to accidental launches, it said.

Britain's GCHQ agency said it has been investing hard in offensive cyber capabilities.



Cyber attacks could compromise the nuclear arsenals of countries like Britain and the US, and ultimately trigger nuclear war, according to a paper by a respected think-tank.

Chatham House, a policy discussion group based in London, warned that "inadvertent launches" were a possible consequence of new technology being employed by hostile states and criminals.

In a research paper published on Thursday, two policy experts said that new technology could allow hostile actors to manipulate data feeds to components involved in nuclear launches.

This could have consequences including turning them off, giving them false information, or, in an extreme situation, accidentally firing them, the report warns.

It listed 13 types of data which were open to manipulation, stressing the scale of efforts necessary to protect nuclear systems:

The paper highlighted specific methods of vulnerability, including those related to at-sea nuclear deterrents like the UK's Trident missile system.

While these vessels are generally "air-gapped," meaning their systems are closed to outside input, the report pointed out that they are vulnerable while in port between missions, and could be compromised there.

They also highlighted research by Israeli researchers, who claimed to be able to read information from a computer without being connected to it by listening to the sound of its cooling fans, arguing that keeping systems 100% offline is no longer a feasible strategy.

Security risks to nuclear infrastructure are not new, the report acknowledges, and factors like human error, intelligence breaches and mechanical failure have been concerns since the beginning of the nuclear age.

But it warns that the expansion of cyber warfare programs by militaries and external groups introduces new risks which have yet to be fully appreciated.

A Royal navy Trident nuclear submarine in Faslane, Scotland. Reuters/Russell Cheyne

Details on any capability to meddle in nuclear programs would, inevitably, be kept out of the public domain. But it is certainly plausible that states have cyber weapons specifically designed to interfere with nuclear weapons systems.

Chatham House highlighted reports from spring 2017 that the US infiltrated parts of North Korea's nuclear test infrastructure.

Separately, Britain's GCHQ security agency has confirmed in a report to Parliament that it has a large array of "offensive cyber" capabilities, which are so powerful it would be hesitant to use them.

In comments made to the Intelligence and Security Committee, a GCHQ spokesman described the arsenal included "counter state offensive cyber capabilities which might never be used but are the sort [of] high-end deterrents."

It did not specify their particular capabilities, but the language leaves open the possibility that these could affect nuclear systems.

In conclusion, Chatham House's report called for more thorough testing of cyber resilience in nuclear systems, more failsafes, and a slowing-down of the process involved in launching attacks, which could increase the time available to assess the situation and spot compromised systems.

Business Insider contacted the British Ministry of Defence, and the Pentagon for comment.

The MoD did not respond, but US officials sent over a robust description of security measures around their nuclear arsenal.

The statement, from Air Force Major Brian L. Maguire of US Strategic Command, described the nuclear infrastructure as "cyber secure" thanks to a host of defence mechanisms.

It said:

"To protect operational security and not provide potential adversaries information on our networks, I can’t discuss vulnerabilities to our systems.

"However, our nuclear command, control and communications are comprised of interdependent systems, facilities and platforms operating through space, air and terrestrial domains.

"Protecting the nuclear command, control and communication capabilities is fundamental to strategic deterrence.

"U.S. Strategic Command has assigned cyber mission forces to protect and defend key cyber terrain of the command, to include nuclear command, control and communication systems.

"Our current systems are cyber secure through a combination of the dedicated cyber forces and the built-in cybersecurity of our nuclear command, control and communication systems."