Username/Email:  Password: 
TwitterFacebookFlickrRSS
Home

Newstradamus Reports: Navy Nailed By Virus

Jan 19, 2009  By Justin Ryan

A few weeks ago, Breaking News brought LinuxJournal.com readers an unusual story, entitled "The Blue Screen of Megadeath," which we described as "scar[ing] the living daylights out of us." The story revealed that, in an effort to cut costs, all submarines of the UK's Royal Navy — including her four Vanguard-class subs armed with some 4,800 kilotons of nuclear weapons each — had been fitted with a stripped-down version of Windows XP. Now, just weeks later, fresh news out of the Admiralty suggests we were more on target — no pun intended — than even we knew.

We would be fibbing if we denied that we here at Breaking News are prone to a bit of hyperbole — quite a lot, even — but the story of the blue-screen-boom-boom-boats drew more than a few chuckles from our readers. We were prepared to admit that perhaps our crystal ball had a crack or two in it, until this morning, when we ran across an item out of Portsmouth, Hampshire (UK) — a traditional stronghold for the Senior Service and home to such distinguished naval relics as HMS Victory, Lord Nelson's flagship. According to Portsmouth's The News, the Royal Navy — the same one we were assured was safe with Windows — has come down with a virus, leaving up to 75% of the Navy's ships with crippled communications.

Admiralty officials are remaining tight-lipped on the exact details, with spokesmen confirming that the NavyStar network — which provides internet and email not only for the personal use of seamen, but for ships systems as well — has been infected, but insisting that weapons and navigation are unaffected. Sailors on board affected ships have been allowed to use their mobile phones to stay in contact with friends and family, and have used the opportunity to report on the status onboard. One described the situation as "utter chaos," and noted that due to the lack of email, when the ship stopped to pick up cadets en-route to Liverpool, the crew had no way of determining how many were to come aboard.

Mike Hancock, a Member of Parliament for Portsmouth South and Commons Defense Select Committee member, told The News "It is truly frightening to think that a virus can spread this far and this fast through the network. It was an expensive system to build for what is supposed to be one of the most secure sectors." He also noted the effect on sailor morale, as email and internet access has become crucial for contact with families and obtaining information about happenings off-board. Adding insult to injury, the glitch came just as a report critical of the Ministry of Defence was released by the Public Accounts Committee, chastising the Ministry for breakdowns in data security, saying in part "The Department currently has an undesirable record on data security when it should be amongst the best in government."

If the affected system is, as Mr. Hancock suggests, supposed to be "one of the most secure" onboard the Navy's ships, then one has to wonder how far off the predictions of disaster and doom associated with Windows for Warships really were. We, more than anyone, want to be wrong in predicting the end of the world, but with 75% of ships unable to phone home, we're left wondering if a name change — to Newstradamus — might be in order.

______________________

Justin Ryan is a Contributing Editor for Linux Journal.

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

it is height of ignorance.

wesker's picture
Submitted by wesker (not verified) on Wed, 02/04/2009 - 02:43.

it is height of ignorance. Follow the crowd, herd-mentality. High time the powers that be used their Brains.
blueoo.com

NavyStar network navy EMAIL

Anonymous's picture
Submitted by Anonymous (not verified) on Sat, 01/31/2009 - 00:26.

NavyStar network navy EMAIL and INTERNET to allow sailors to keep in contact with friends and family

**** IS NOT ****

Submarine Command System Next Generation (SMCS NG)

""On January 23rd, 2009 Anonymous (not verified) says:
Now you mention it...
According to this link http://www.baesystems.com/Newsroom/NewsReleases/autoGen_108111514515.html (news from the company who actually performed the installation) the software sollution handles very crucial systems - including tactical!
"SMCS NG is designed to handle the growing volume of information available in modern nuclear submarines and to control the sophisticated underwater weapons carried now and in the future. Its core capability is the assimilation of sensor data and the compilation and display of a real time tactical picture to the Submarine Command Team."
So DO read a little background before getting nasty - the laugh is really on you :-P

BTW: They brag about having implemented the system ahead af time - Nice going, but perhaps they should have spend some time implementing propper security too?""

Perhaps you need to go back and redo your own homework..

2/10 Epic Fail.

Get a grip

Anonymous's picture
Submitted by Anonymous (not verified) on Wed, 01/21/2009 - 20:55.

"up to 75%" is what you see on those commercials late at night it means somewhere between 0% and 75%.

"but this product and you will receive up to 75% improvement in your looks, or some other rubbish"

Email and internet is not the way the military communicate, its not secure and there are com centers, crypto, radio, satellite comms (they even have their own satellites).

So they got an email bug, so what its email its to enable the jack tar's to talk to their mommies and daddies.

Nothing operational, no stores, no logistics, no security related information would be used.

So you ask a sailor what they thought and because he could not send an email to his mommy the world is going to end. !!!

What a joke, this is pure and complete FUD and LJ should hang their head in shame.

At least do your homework,

or they could use Ubuntu and try to get it to work with its 47,000 bugs !!.

speaking of not doing your homework

Anonymous's picture
Submitted by Anonymous (not verified) on Fri, 01/23/2009 - 12:33.

Now you mention it...
According to this link http://www.baesystems.com/Newsroom/NewsReleases/autoGen_108111514515.html (news from the company who actually performed the installation) the software sollution handles very crucial systems - including tactical!
"SMCS NG is designed to handle the growing volume of information available in modern nuclear submarines and to control the sophisticated underwater weapons carried now and in the future. Its core capability is the assimilation of sensor data and the compilation and display of a real time tactical picture to the Submarine Command Team."
So DO read a little background before getting nasty - the laugh is really on you :-P

BTW: They brag about having implemented the system ahead af time - Nice going, but perhaps they should have spend some time implementing propper security too?

alternatives

adri's picture
Submitted by adri (not verified) on Wed, 01/21/2009 - 04:49.

Let them try "Portholes" or upgrade to Fishta ...

It is height of ignorance.

Anonymous's picture
Submitted by Anonymous (not verified) on Tue, 01/20/2009 - 23:56.

It is height of ignorance. Follow the crowd, herd-mentality. High time the powers that be used their Brains. "Windows" of all the OSes in the world for Security? for Cost? God Help Us! We ordinary Mortals.

Windows was used to cut costs

SwiftNet's picture
Submitted by SwiftNet (not verified) on Tue, 01/20/2009 - 09:17.

I find it amazing that Windows was used to cut costs. Ask any IT person who works in mixed OS environments and they will tell you that Windows needs more maintenance and resources. If the Navy wanted to cut costs, a *nix environment with a few good sysadmin's would do the trick.

Will they ever learn?

Your answer would be...

Anonymous's picture
Submitted by Anonymous (not verified) on Wed, 01/28/2009 - 01:38.

Your answer would be... total cost of ownership. Ask yourself a question. What is cheaper a couple of hundreds in the operating system + the money you have to pay to a normal admin or 0 in operating system + a huge load of thousands in a "good admin"? Remember operating systems are to be used. They are not just deployed and I mean all OS including linux, *BSD or whatever require all those maintenance and resources. Add to that, that microsoft puts easier all those maintenance to the point that many non high end users can do them on their own. Why do you think that Linux is such a failure? Simple, because fanbois understimate that. And by telling you this I'm not backing microsoft, on the contrary. There is on the other side the virality of the linux license. That's the reason i prefer a thousand times windows to linux. I mean that license can leak to my systems and then is when I could start to have problems. With microsoft is only a matter of "not stealing their work". Is not that I'm a microsoft user either since *BSD is a whole lot better and i can actually reuse their components to build part of my systems without even requiring an unafforadable(in a practical way) lawyer. With linux you probably need a lawyer to be sure if somebody can steal your technology (and some want it heavily) or not because even linking with it can be problematic and could be potentially considered a derivative work. Ok is only for redisistribution but what if I need to do that somewhere in the future. Sorry I don't want artificial limits if I can avoid them.

System Administrator

Grabur's picture
Submitted by Grabur (not verified) on Tue, 01/20/2009 - 09:10.

They really need the funds, to pay for a couple of good system administrators, I thought their computer system's were too old to run Windows. Should be using a secure distro. Maybe a BSD, or a Linux. This is pretty shocking.

Haven't they seen Battlestar Galactica, no networks are permitted on that ship.

United States

mikesd's picture
Submitted by mikesd on Mon, 01/19/2009 - 20:32.

navy tried this before with NT before and the computers crashed. I'm not saying at all that it couldn't work with Windows, but extra time has to be taken into considering all areas of vulnerabilities. What amazes me is that no anti virus program apparently was installed at all? That's engineering incompetence.

--
That which does not kill me only postpones the inevitable.

I was on the the referenced boat with NT 4 (USS Yorktown CG-48)

Meko Suka's picture
Submitted by Meko Suka (not verified) on Sat, 01/31/2009 - 21:17.

In a nutshell an engineer (that's gas turbine engineer)entered a 0 into a db field which rendered the ship w/o propulsion and forced it to be towed in. You can google around for an article on this. The program itself was called --- Smart Ship ---

The original installation of NT (which btw was h installed on dual pentium PRO's across the board) was to automate many of the ships functions from navigation to propulsion etc...in an effort to reduce overall crue size. While this DID work, you can see it needed some work and hence this is why it was installed as a bit of a beta program. No combat ready systems were altered and once the program failed, it was gutted and analyzed.

The ship during this period of time was only used in the Caribbean for counter narcotics operations and was never placed into areas where perhaps an international incident with other than a 3rd world country would perhaps occur. Basically precautions were used.

When reading this article I would have to say that I wish similar steps would have been taken.

"What amazes me is that no

Anonymous's picture
Submitted by Anonymous (not verified) on Tue, 01/20/2009 - 16:10.

"What amazes me is that no anti virus program apparently was installed at all?"

Give them a break, they hear all this talk about Linux doesn't need anti-virus, they figured that Windows doesn't either. Little they know!

Linux doesn't needs an

Anonymous's picture
Submitted by Anonymous (not verified) on Wed, 01/28/2009 - 04:26.

Linux doesn't needs an ativirus? Jej, you are all a great target. Let me remind you Winux (The one who infects both OS), adore and those Loadable Kernel Modules that hide processes, files or network servers. Windows is more infected because is usually handled by more ignorant people that knows little about computer security and also because it's superior market share wich is a piece of cake that attracts malware writers. If linux had such a position you would see the coin flipped. And it would be disastrous (at least in current stage of development) since windows provides more aid to secure a computer (or exists more software that does the job) than linux or other OS does. Jej most of the time the problems of computer security are not the operating systems by itself but improper configuration. I tell you since I have seen OpenBSDs cracked in a halve even being so secure just by the false sense of security of the administrator and improper configuration. Jej the idiot even granted shell access wide open :P. You know what else? Thinking like that is what can make you put in risk not only yourself but users information or private data stored in your computers.

Oh Dearie Me...

waparmley's picture
Submitted by waparmley on Mon, 01/19/2009 - 15:46.

I'm afraid I don't know what is to become of the human spirit!

From a great seafaring nation we now read this:

"Sailors on board affected ships have been allowed to use their mobile phones to stay in contact with friends and family..."

Decades ago if you wore anything on your belt, it was a knife (Buck Folding Hunter Model 110 was the favorite) -- not a telephone, and you didn't have contact with your family for weeks or months at at time. Everybody managed to survive.

As far as comms go, maybe it's time to dust off Morse radiotelegraphy, semaphore, and Nancy (flashing light) again.

I'm gonna go watch a few episodes of "Victory at Sea".

(Harumph!)