A new aircraft carrier built for the Royal Navy appears to be running the outdated 2001 Windows XP operating system on at least some of its machines. During a tour of the £3.5 billion HMS Queen Elizabeth, someone reportedly spotted a screen inside the aircraft carrier's control room running Windows XP. Microsoft hasn't supported this operating system since April 2014. Even so, ESET researchers found approximately 10 percent of machines worldwide were still running Windows XP two years into the platform's end-of-life. As Microsoft no longer issues security updates for Windows XP, all computers running the operating system are at greater risk of suffering a security incident. WannaCry's abuse of a SMB vulnerability to infect more than 300,000 organizations in over 150 countries beginning on 12 May 2017 comes to mind. Some research indicates Windows XP didn't contribute much to the global ransomware outbreak. But the operating system is still susceptible to other digital threats, which include the WannaCry binary executing locally on a vulnerable host. Needless to say, some security experts are troubled by the news of Windows XP running aboard the HMS Queen Elizabeth. Among them is Alan Woodward, professor of computing at the University of Surrey. As quoted by The Telegraph:
"If XP is for operational use, it is extremely risky. Why would you put an obsolete system in a new vessel that has a lifetime of decades?"
Senior naval officers don't share Professor Woodward's concern. Mark Deller, commander air on the Queen Elizabeth, says the aircraft carrier's "very, very stringent procurement train... has ensured we are less susceptible to cyber than most." He also explains the carrier is surrounded by destroyers and an escort that can ward off attempts to jam Queen Elizabeth's radio signals. UK Defense Secretary Michael Fallon is similarly confident the naval vessel is safe from attack. He voiced as much to BBC Radio 4's Today program:
"It's not the system itself, of course, that's vulnerable, it's the security that surrounds it. I want to reassure you about Queen Elizabeth, the security around its computer system is properly protected and we don't have any vulnerability on that particular score."
Many on Twitter didn't buy into Secretary Fallon's assurances, however. https://twitter.com/dudekiller/status/879599138752667649 https://twitter.com/TippingsTipples/status/879609801545854976 The 65,000 ton HMS Queen Elizabeth, which appears to have been running Windows XP on-board since at least the end of 2015, has left the Rosyth dockyard and is heading to the North Sea for the summer.
