British Royal Navy’s New HMS Queen Elizabeth Warship Runs Windows XP, What Could Go Wrong?
Windows XP was first released to the public in 2001, and commercial support for the operating system ended in 2014. However, many businesses and militaries around the globe still use Windows XP to this day even though newer operating systems like Windows 7, Windows 8.1 and Windows 10 have been released as replacements. More proactive institutions have long-term contracts with Microsoft to provide continued software support (including security patches) for Windows XP even though extended support has ended, which helps shore up their defenses against attacks.
So, while we might think of Windows XP as being as much of relic today as people thought of DOS when Window XP was introduced, there are provisions available today to make sure that the operating system is not completely defenseless against modern malware threats.
Defence Secretary Michael Fallon told BBC Radio 4 that the Windows XP systems are isolated from the outside world and are “properly protected”.
"It's not the system itself, of course, that's vulnerable, it's the security that surrounds it,” said Fallon. "I want to reassure you about Queen Elizabeth, the security around its computer system is properly protected and we don't have any vulnerability on that particular score."
Cybersecurity experts, however, warn that Windows XP could leave Britain’s warships at risk in this new age of malware and ransomware attacks. WannaCry hit the UK’s National Health Service hard last month and a new strain of the Petya ransomware software began making its way around the globe yesterday.
Great @RoyalNavy photos of @HMSQnlz sailing from Rosyth today. Fantastic 🇬🇧 naval design, engineering & innovation. #GlobalBritain. pic.twitter.com/MMGYeuY2U5
— Kevin McGurgan (@KevMcGurganFCO) June 26, 2017
There’s also the question of how wise it is to launch a brand-new warship with such woefully outdated software — especially when the HMS Queen Elizabeth could have a service life of many decades. One defense source says that the HMS Queen Elizabeth is slated to receive a full computer systems upgrade sometime in the next decade, which should help alleviate at leats some cybersecurity fears.
As one redditor puts it, it mostly comes down to timing, the military’s often languid pace when it comes to updating its equipment, and complacency with products that “just work” that leads to situations like this. smokingpen writes:
The reality of the military and military used software is, first, it doesn't get updated often or for no reason. Literally, if it ain't broke, don't fix it. Since there are multi-million-dollar maintenance and support documentation contracts for all systems, the cost is more than just a software patch or upgrade as it includes entirely new, step-by-step documentation and testing before anything can be rolled out. Even then, all updates are rolled out on a schedule and only after (often) years of testing, updates, training, and approval across many different groups.
We are in no position to give the British Royal Navy any advice on how it handles its IT operations, so we won’t judge it too harshly on its choice of Windows XP. However, it is a rather curious operational decision to say the least.
For our HotHardware readers out there that have experience with military computer networks, what’s your take on Windows XP on the battlefield high seas?
