By Stephen Bryen
The 65,000-ton warship quietly left its berth at the Rosyth Dockyard in Scotland around midnight, sailing out under the Forth Bridge into the North Sea where the carrier is starting its first sea trials. The new British aircraft carrier is still many years away from entering service. This ship, the HMS Queen Elizabeth will one day be joined by the HMS Prince of Wales, her sister platform provided the British have the budgets to support two flat tops. Together they cost nearly $8 billion, not counting the aircraft on board which will add some billions more to the overall bill.This modern, advanced aircraft carrier is managed by commercial off the shelf software running its computers. The operating system on HMS Queen Elizabeth is Microsoft’s Windows XP.
Windows XP is very common on computers and computer systems of all kinds in American and British defense programs.
Microsoft announced in April 2014 that it would no longer support Windows XP which Microsoft considers obsolete.
To try and buy time at the Pentagon where the plan is to convert tens of thousands of XP computers to Windows 10, the Pentagon bought an extension of support for XP from Microsoft. But even with support, there are reasons why the Pentagon should not be using Windows XP or, for that matter any other commercial off the shelf operating systems for its computers and embedded systems. Neither should our allies, especially Great Britain where we share a sea-going nuclear deterrent.
Britain’s nuclear deterrent is on-board four nuclear missile-firing submarines, HMS Vanguard, HMS Victoria, HMS Vigilant and HMS Vengeance. The Vanguard, as one example, was launched in 1992 and entered service in 1993. It carries up to 8 Trident II (D-5) nuclear missiles. Each missile has between and 8 and 12 independently targeted nuclear warheads (MIRV), so the nuclear strike power of these submarines is considerable. With a Trident II flight range of 12,000 km (7,456 miles), the Vanguard and its sister submarines can target much of Russia, which Britain like the United States considers the main potential nuclear adversary.
All four of these British “boomers” depend on Windows XP.
America is not any different.
America’s Virginia-class attack submarines – our most modern nuclear powered attack submarines – use Windows XP for vital functions. Vice Admiral William Hilarides, speaking about this vulnerability in 2014 as head of the Naval Sea Systems Command, verified that key systems included processor chips running Windows XP. He worried that these systems could be infiltrated by hackers as submarine machinery control systems are analyzed in unclassified computers onshore at warfare centers. “That means a virus that gets onto the unclassified network could work its way into crucial systems on a submarine,” he said.
There are many ways viruses get into computers, but among the most common are from flash memory devices that have been infected. While the Pentagon has banned unsafe memory sticks from use in combat areas, flash memory sticks and devices are widespread and common. Today there is no known way to actually secure a flash memory, according to experts.
Even tactical systems are clearly at risk today because of commercial software and vulnerable data links.
Consider drones. Drones are increasingly used to carry out vital surveillance, follow and kill terrorists and for many other security tasks. Drones use commercial off the shelf software and hardware including Windows XP and other Windows operating systems which are equally problematic.
On December 4, 2011 a U.S. “stealth” drone known as the RQ-170 Sentinel, was captured by Iran as the RQ-170 operated overhead near the city of Kashmar in northeastern Iran. The Iranians were able to get control over the drone and guide it to a landing on their territory. According to Iran this was accomplished by a special cyber team who were were able both to jam the incoming signal coming from a satellite and replace it with their own commands.
Also in 2011 a computer virus infected the cockpits of America’s Predator and Reaper drones, which carry Hellfire missiles.
Something similar happened in Israel. In 2013 an Israeli Shoval (Heron) drone was hijacked on a mission over the sea between Tel Aviv and Netanya. The hijacking was done either by Hezbollah or Iran, with the betting being that it was an Iranian operation. In the wake of the incident, Israel had to ground the Shoval fleet until better security could be implemented. There is a good chance that the Israeli drones, like the American ones, used commercial operating systems and their own control software to manage drone missions. Presumably the Iranians had little trouble figuring this out.
While the Israelis, the British and the Pentagon know about the risks in using commercial off the shelf software, also often embedded even in customized products, all of them continue to do so. Why?
There is no official explanation. Indeed, former Secretary of Defense Ash Carter, who was a big supporter of Silicon Valley, ordered the purchase of Windows 10 to replace older Microsoft systems, including especially XP. No one, seemingly asked whether Windows 10 was any safer than Windows XP, with or without Microsoft’s support.
Anyone today who owns a computer knows they are sitting ducks for all kinds of computer viruses, malware, Trojan horses and (more recently) ransomware. Most business enterprises and individual users have no choice but to buy commercial or shareware operating systems such as Windows, Mac and Linux “flavors” such as Ubuntu. But what about the military?
The short answer is that COTS OS’s (commercial off the shelf operating systems) are used for both strategic and tactical military systems by the Pentagon. Our national security is tied to a major vulnerability across the spectrum of our defense systems.
It is not only the Pentagon that is sitting on this time bomb. Much of the critical infrastructure (that includes government, banking and finance, communications, transportation, health delivery systems, electrical power, emergency services, and energy) also uses commercial software that not only can be hacked and attacked, but is hacked and attacked every day.
The Pentagon relies on patches to systems, frequent systems checks, some encryption and firewalls as a way to try and protect critical assets. And while these techniques work to a degree, they are far from foolproof. Moreover, potential adversaries are unlikely to show their hand and really go after and attack our defense systems unless there is a real conflict worthy of them revealing their capabilities. Thus to a degree we are in a black hole and can’t objectively see what we face although intuitively we know the threat –today called by the U.S. government “the advanced persistent threat” which continues to grow.
Is Windows a national security threat? Or would it be more accurate to say that all commercial off the shelf software is highly risky in national security applications? The answer is yes to both.