As posted on Windows XP left open to cyber-attack on HMS Queen Elizabeth as well as in NHS? | Letters
Ministers should seek reparations from the US government and Microsoft, and invest to protect civilian infrastructure, says J Robin Hughes
Among HMS Queen Elizabeth’s vital statistics, Ian Jack mentions the use of Windows XP (Britain’s new aircraft carrier may be a vast folly – but it still provokes awe, 1 July). The Ministry of Defence denied in December 2015 that it would be used once the vessel is operational, but appears not to have informed defence secretary Michael Fallon, who during his 27 June interview on BBC Radio 4’s Today programme seemed unable to confirm or deny its use. He also asserted – wrongly – that the system is not vulnerable, and then blamed NHS staff for enabling the WannaCry attack in May this year through “the sloppy use of passwords”.
This obscures the fact that, apart from the criminals, others bear heavy responsibility. The US National Security Agency concealed the security problem for years, and only warned Microsoft months after it was stolen. Microsoft held back the fix for non-paying Windows XP users until after the attack. Health secretary Jeremy Hunt cancelled the support contract which could have protected the NHS. Ministers should seek reparations from the US government and Microsoft, and invest to protect civilian infrastructure.
J Robin Hughes