HMS Queen Elizabeth 'runs on vulnerable Windows XP'
Britain's largest ever warship could be at risk of cyber attacks

Britain's newest aircraft carrier, the 3.5 billion HMS Queen Elizabeth, appears to be running the outdated Windows XP operating system, and is likely vulnerable to the same style of cyber attack that hit the NHS.
The HMS Queen Elizabeth, which is Britain's largest ever vessel, left its dockyard in Rosyth earlier today to begin its first trials at sea, marking the culmination of a nearly decade-long project to build two brand new aircraft carriers.
However, an extraordinary discovery was made during a tour of the warship, as photos published by The Telegraphtaken inside a control room onboard seemed to show computer screens displaying a Windows XP login screen.
The same OS was targeted by the WannaCry ransomware attack in May, which paralysed 300,000 computer systems across 150 countries, including some of the NHS's machines.
Officers on board the aircraft carrier said that there are teams of cyber specialists onboard to deal with any security threats against its systems. Mark Deller, commander on the Queen Elizabeth told the Guardian: "I would say compared to the NHS buying computers off the shelf, I would think we are probably better than that. If you think more Nasa and less NHS you are probably in the right place."
"When you buy a ship, you don't buy it today, you bought it 20 years ago. So what we put on the shelf and in the spec is probably what was good then," added Deller. "The reality is, we are always designed with spare capacity, so we will always have the ability to modify and upgrade. So whatever you see in the pictures, I think you will probably find we will be upgrading to whatever we want to have in due course. It might have already happened but I can't tell you."
The initial order for a new aircraft carrier came in 2007, at a time when Windows XP was still Microsoft's flagship operating system. However construction did not begin until 2009, more than two years after the release of Windows Vista, while Microsoft retired Windows XP in 2014.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Defence Secretary Sir Michael Fallon told BBC Radio 4's Today programme: "I want to reassure you about Queen Elizabeth, the security around its computer system is properly protected and we don't have any vulnerability on that particular score."
However, with the operating system out of date and vulnerable to hackers, questions remain as to whether the warship is fit to operate at a time when nation state cyber attacks are on the rise.
David Emm, principal security researcher at Kaspersky, said that a naval warship running an outdated Windows XP OS is a "scary prospect".
"There is no such thing as 100% security. Software, written by humans, will invariably contain vulnerabilities - code that can be manipulated in ways that the writers didn't realise," he said.
Main image: Bigstock
Dale Walker is a contributor specializing in cybersecurity, data protection, and IT regulations. He was the former managing editor at ITPro, as well as its sibling sites CloudPro and ChannelPro. He spent a number of years reporting for ITPro from numerous domestic and international events, including IBM, Red Hat, Google, and has been a regular reporter for Microsoft's various yearly showcases, including Ignite.
-
Using WinRAR? Update now to avoid falling victim to this file path flaw
News WinRAR users have been urged to update after a patch was issued for a serious vulnerability.
-
Amazon CEO Andy Jassy doubles down on the company's AI focus
News Amazon CEO Andy Jassy thinks companies need to "lean into" AI and embrace the technology despite concerns over job losses.
-
Swiss government data published following supply chain attack – here’s what we know about the culprits
News Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackers
News While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker group
News An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabs
News An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operators
News A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attack
News A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?
News The Scattered Spider group has been highly active in recent years
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.