British nuclear submarine software outsourced to Russia, Belarus
LONDON, UNITED KINGDOM — In a startling revelation, it has emerged that the software used by Britain’s nuclear submarine engineers was partially developed in Russia and Belarus, contravening Ministry of Defence (MoD) regulations.
According to a Telegraph report, the software — intended for the internal network of Rolls-Royce Submarines — was supposed to be developed exclusively by UK-based, security-cleared personnel.
However, the work was outsourced to developers in Minsk, Belarus, and Tomsk, Siberia, raising significant security concerns.
National security risks exposed
Experts have warned that the code developed by Russian and Belarusian engineers could be exploited by hostile states to target the UK’s naval capabilities. The MoD launched a full-scale investigation into the matter, treating it as a serious threat to national security.
The investigation revealed that the firm responsible for the outsourcing, WM Reply, initially kept the information secret and even considered disguising the developers’ identities by using fake names of deceased British individuals.
Expert warnings and political reactions
Ben Wallace, the former defense secretary, highlighted the potential risks, stating, “Time and time again, countries like China and Russia have targeted the supply chains of our defense contractors. This is not a new phenomenon.”
James Cartlidge, the shadow defense secretary, emphasized the need for resilience and security in sensitive defense programs, calling it an “absolute imperative.”
Rolls-Royce and WM Reply’s responses
Rolls-Royce Submarines, which powers the UK’s nuclear submarine fleet, subcontracted the work to WM Reply, a digital consultancy firm. WM Reply then used developers based in Belarus, one of whom was working from home in Tomsk, Siberia.
Rolls-Royce has stated that it carried out full IT security checks on any coding before it was introduced to its network and is confident that no sensitive data was compromised.
A Rolls-Royce spokesperson said, “We can categorically state that at no point was there any risk of data, classified or otherwise, being accessed or made available to non-security cleared individuals.”
WM Reply also denied any wrongdoing, asserting that it regularly reviews its delivery processes and respects its customers’ needs and processes.
Calls for comprehensive review
The incident led to calls for a comprehensive review of security protocols and increased oversight of defense contracts.
Dr. Marion Messmer, senior research fellow at think tank Chatham House, described the outsourcing of such critical work to Belarus and Russia as a clear “national security risk.”
She warned that any rogue actors gaining access to the personal data of those working on the UK’s submarine fleet carried a risk of “blackmail or a targeted attack.”
The MoD has concluded its investigation, affirming that the system’s integrity was not compromised. However, the incident has underscored the vulnerabilities in Britain’s defense sector’s supply chains and the need for stringent security measures to prevent similar breaches in the future.
