A Bad Combination: Lethal Aircraft Carriers and Windows XP

By Photo: HMS Gannet/MOD, OGL v1.0, https://commons.wikimedia.org/w/index.php?curid=37242960
May 11, 2019 Topic: Security Region: Europe Blog Brand: The Buzz Tags: Royal NavyCarriersWindows XPOperating SystemsUnited Kingdom

A Bad Combination: Lethal Aircraft Carriers and Windows XP

And yet, at least for a time, it might have been so.

At the height of the British empire in the 19th century, the Royal Navy was renowned for its military might, a global force that imbued its sailors with a special form of geopolitical pride. A British tar was “a soaring soul, as free as a mountain bird,” according to Victorian rap duo Gilbert and Sullivan. “His energetic fist should be ready to resist a dictatorial word.”

(This article by Jared Keller originally appeared at Task & Purpose. Follow Task & Purpose on Twitter. This article first appeared in 2017.)

Oh, how the mighty have fallen: While Britain continues to expand its naval power — most recently with the addition of the massive HMS Queen Elizabeth aircraft carrier that got underway for sea trials on June 26 — the empire’s sailors nowadays find their power-projection is hobbled by a simple, depressing vulnerability: Microsoft Windows.

The Royal Navy’s brand new $4.5 billion warship is currently running an egregiously outdated 2001 version of Windows XP, the same garbage operating system that left more than 90% of the UK’s National Health Service crippled by a ‘WannaCry’ ransomware attack back in May, according to an eagle-eyed Guardian reporter on a tour of the new carrier.

Queen Elizabeth Cmdr. Mark Deller refuted the Guardian’s claim, insisting that the next-generation carrier “is well designed and there has been a very, very stringent procurement train that has ensured we are less susceptible to cyber than most” — but since Microsoft discontinued Windows XP support in 2014, it’s unclear who the Royal Navy plans on calling when their systems go down on the open ocean.

“The MoD can confirm that Windows XP will not be used by any onboard system when the ship becomes operational,” the Ministry of Defense said in a June 28 statement. “While we don’t comment on the specific systems used by our ships and submarines, we have absolute confidence in the security we have in place to keep the Royal Navy’s largest and most powerful ship safe and secure.”

Ironically, this is the second time the Royal Navy’s been caught running garbageware on its ostensibly “next-generation” vessels by the Guardian. In January 2016, another reporter observed that Britain’s four Vanguard-class ballistic missile “doomsday” submarines, which play a major role in the UK’s nuclear deterrent, also run on Windows XP.

BUT WHY?!?! Because the so-called “Windows for Submarines” — submarines commissioned in the early 1990s, it’s worth noting — was “cheaper than the alternatives.” This is pretty grim when you consider that any machine running the OS after April 2014, in Windows’ own words, “should not be considered protected as there will be no security updates for the Windows XP operating system."

To be fair, there are Windows XP holdouts in every branch of the armed services. U.S. Navy’s Space and Naval Warfare Systems Command (SPAWAR) was still running XP as of 2015, but at least the Pentagon shelled out $9 million to Windows to keep the command’s systems updated against cyber attacks and various intrusive forms of malware. As Fortune points out, the U.S. Army initiated a similar contract with the company to cover “over 8,000 devices.”

"The Navy relies on a number of legacy applications and programs that are reliant on legacy Windows products," SPAWAR spokesman Steven Davis said at the time. "Until those applications and programs are modernized or phased out, this continuity of services is required to maintain operational effectiveness."

Yes, it’s ridiculous that the strongest militaries in the world are paying millions of dollars to stay with a vulnerable and outmoded operating system. But paying an extra buck to keep networks even relatively secure is way better than the Royal Navy’s “screw it” approach to their deadliest vessels. A British tar may never bow down to a domineering frown or the tang of a tyrant tongue, but even he can be humbled by a call to tech support.

More Articles from Task & Purpose:

- 7 Veteran-Friendly Manufacturers That Are Hiring

- The 6 Types Of Contractors You Encounter Overseas

- Here’s How Marines Fared On The New Physical Fitness Test

Image: Wikimedia