Cyber attack fears against Britain's newest warship ... (still using Windows XP)

Mail Online ^ | 27 June 2017 | Larisa Brown

[sukhoi-30mki]

Fears were raised last night that Britain's new aircraft carrier could be vulnerable to a cyber-attack after it emerged the ship was still using the outdated computer software used by the NHS.

Navy chiefs boasted the defence system on the UK's biggest ever warship, the HMS Queen Elizabeth, will be NASA standard - rather than like the NHS system that was hacked into several months ago.

But computers in the flying control room on the £3.1billion state-of-the-art carrier showed the system was still running on Windows XP.

The vast majority of NHS computers hit by a global cyber-attack in May this year were running Windows XP, which can have serious security flaws.

The operating system was released in 2001, and Microsoft cut support for it in 2014. Microsoft no longer distributes security updates for XP, leaving it vulnerable to viruses and cyber-criminals.

Experts have warned those still running the software after 2014 – and not receiving extended security support after the cut-off date – are at risk of getting hacked.

Amid heightened concerns that states could launch cyber-attacks against the UK in a new type of warfare, cyber warfare experts will be deployed with the carrier when it becomes operational in 2020.

Read more: http://www.dailymail.co.uk/news/article-4641756/Cyber-attack-fears-against-Britain-s-newest-warship.html#ixzz4lAVnL7bW Follow us: @MailOnline on Twitter | DailyMail on Facebook

[sukhoi-30mki]

Fears were raised last night that Britain's new aircraft carrier (pictured) could be vulnerable to a cyber-attack

Just before midnight on Monday it eventually went under the famous Forth Bridge as the captain had to wait for the right tide

Read more: http://www.dailymail.co.uk/news/article-4641756/Cyber-attack-fears-against-Britain-s-newest-warship.html#ixzz4lAW6HFbr Follow us: @MailOnline on Twitter | DailyMail on Facebook

[fso301]

Why does it have two islands?

[2ndDivisionVet]

Okay, but did that whole Y2K thing figured out?

[Secret Agent Man]

Ship command, and flight ops.

[bigbob]

Assume the ITGeniuses at the Mail have verified that these computers are connected to the public internet as well. Or have the Russians now got the ability to hack by ESP?

[Noamie]

Because windows XP can’t run one, big island. So they partitioned the ship. Freakin brilliant move, I might say.

/wtf?????

[Molon Labbie]

That is an ugly ship, IMO. What’s the point of two islands?

[Vendome]

One is for helos, the other is for fixed wing...

[Henchster]

"Why does it have two islands?"

One for takeoff, one for landings. Because in England, they still have separate hot and cold water faucets:

[Leaning Right]

> Why does it have two islands? <

One island is running windows XP. The other is running Windows ME. That way, if one system gets hacked, the other system will still be up and running.

Just my guess, of course.

[smokingfrog]

So planes can take off or land in either direction?

[Enchante]

Inside the 2nd island is where they do the “rum, sodomy, and the lash” kind of thing....

[smokingfrog]

Windows XP or Windows XP Embedded?

[Garth Tater]

XP is wide open to anyone with physical access - unlike up-to-date operating systems. And once one XP system on the ship's network has been compromised all the rest are easy pickings. This is an unbelievable level of idiocy.

[HiTech RedNeck]

They might have the physical hardware configured to keep it from happening.

[SecondAmendment]

Someone in the Royal Navy needs to watch the pilot episode of the “Battlestar Galactica” reboot ...

[Garth Tater]

Even without physical access to the computer the operating system is insecure.

1. No support for smart cards making keyboard logins necessary which can be picked up locally via rf radiation without actual physical access.

2. Pagefile.sys is left unencrypted when using EFS (XP's file system encryption.) Meaning EVERY XP computer has to be tracked and secured ALL the time for its entire life span or else there is the risk of someone grabbing passwords or unencrypted file data out of the page file.

3. EFS was slower than molasses on XP making it ripe for quick fixes and work-arounds to speed up essential applications - this is a warship after all and response time is critical.

4. Group Policies can't be used to enforce file encryption.

5. NTLM passwords are easily cracked. So any access to the netwire would allow a hacker to pick up passwords with ease. They have an NTLMv2 out now but I'd be surprised if that isn't also crackable as the defects with NTLM were pretty much structural - don't know for sure though since I've been out of the business for quite awhile now and don't keep up like I should.

6. The AT (task scheduler) command does not check the Administrator password when running tasks with Administrator rights giving a hacker a wide open door to Admin rights once he does gain access to the XP computer under any account with almost any low-level permissions granted.

7. No support for per-client permission checking of off-line files - making all sorts of file naming and bit swapping inside of files possible.

There were plenty of other ways into XP which was one of the reasons Microsoft quit patching the old lady - it simply couldn't be made secure.

I'm sure the navy IT guys are doing a lot to close these holes, but putting a 16 year old operating system on a $3 billion warship manned by something like 600 men is criminally insane. One mistake, one time is all it takes to cripple the computing infrastructure and kill the ship. They must be even more broke than I had thought.

[Savrola]

“Ship command, and flight ops”

Is the correct answer.

There will always be a fair bit of nonsense popping up in tabloid newspapers about massive projects such as this.

HMS Queen Elizabeth is a beauty in my eyes, and I look forward to her being joined by HMS Prince of Wales.

[Eric in the Ozarks]

One hopes the ghost of Joe Lucas is not aboard...