IT software for UK nuclear submarine engineers outsourced to Belarus, the Telegraph reports
The news that the development of an IT system used by British nuclear submarine engineers was outsourced to Belarusian developers has led to calls that the U.K. must carry out an urgent review of defense supply chains, the Telegraph reported on Aug. 3.
View article
View summary
#^IT software for UK nuclear submarine engineers outsourced to Belarus, the Telegraph reports
The news that the development of an IT system used by British nuclear submarine engineers was outsourced to Belarusian developers has led to calls that the U.K. must carry out an urgent review of defense supply chains, the Telegraph reported on Aug. 3.
The Telegraph
first reported on Aug. 2 that part of the IT software used by British nuclear submarine engineers had been outsourced to Belarusian developers, one of whom was working from Russia.
The software was supposed to have been developed solely by U.K.-based IT workers with security clearance. The incident took before Russia's full-scale invasion of
Ukraine.
Belarus has long been a key ally to Moscow and supported Russian aggression against Ukraine, though it has not committed its own forces directly to hostilities.
A digital consultancy firm, WM Reply, was subcontracted by Rolls-Royce Submarines, the company responsible for powering the British Navy's nuclear submarine fleet, to upgrade its staff intranet system.
The Telegraph reported that WM Reply subcontracted the work to IT developers based in Belarus, "one of whom was actually working from home in Tomsk in
Russia, according to documents submitted to the MoD's inquiry."
Subscribe to the Newsletter Belarus Weekly Join us
Employees of WM Reply "began to sound the alarm over the security implications of using Belarusian staff for the project" in the summer of 2020, the Telegraph said.
The employees were reportedly told not to panic by their superiors and the company initially kept the fact that the work had been outsourced to
Belarus secret.
The staff intranet system contained the personal data of all employees working for Rolls-Royce Submarines and the organizational structure of the wider workforce of the U.K.'s submarine fleet, leaving staff at risk of being targeted or blackmailed.
According to the Telegraph, "Rolls-Royce said it had carried out full IT security checks on any coding before it was introduced to its network" and is confident that outsourced developers "did not have access to information on secure servers."
"We can categorically state that at no point was there any risk of data, classified or otherwise, being accessed or made available to non-security cleared individuals," Rolls-Royce said.
The company stopped working with WM Reply after a "rigorous internal investigation" that was completed in 2021.
Ben Wallace, the Defense Secretary at the time, was
quoted by the Telegraph as saying the breach left the U.K. potentially "vulnerable to the undermining of our national security."
Former Navy Admiral Alan West has also urged the U.K. Defense Ministry to conduct a further review of its supply chains.
In another case of IT systems leaving British nuclear infrastructure open to potential attack, the Guardian reported in December 2023 that
lax security protocols at the Sellafield nuclear waste site had left it open to hacking from Russian and Chinese-linked cyber groups.
Sellafield's insecure servers resulted in foreign hackers gaining access to high-level confidential material, which could include radioactive waste movements, leak monitoring, and fire checks.
Emergency planning documents, used in case the U.K. comes under foreign attack, could have also been compromised, according to the Guardian.
EU slaps new sanctions on Belarus over internal repressionsThe announcement came a few days ahead of the fourth anniversary of the 2020 Belarusian presidential election when dictator Alexander Lukashenko cemented his hold on power through electoral fraud and mass repressions.
The Kyiv IndependentMartin Fornusek
