Boeing Computers Hit by WannaCry

Boeing Computers Hit by WannaCry

Aerospace giant Boeing was struck with the notorious WannaCry ransomware this week, but initial fears it had infected a production facility have since been dismissed as speculation.

Chief engineer, Mike VanderWel, sent an “all hands on deck” email round internally on Wednesday, according to the Seattle Times.

“It is metastasizing rapidly out of North Charleston and I just heard 777 [automated spar assembly tools] may have gone down,” he’s reported to have said. “We are on a call with just about every VP in Boeing.”

Once the dust had settled, an official statement indicated that the incident was limited to a “few machines” which were subsequently patched and remediated. However, head of communications, Linda Mills admitted that it had taken time to assess the scale of the problem at Boeing’s South Carolina facility.

“Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production and delivery issue,” the statement noted.

The incident is a timely reminder of the latent risk posed even by cyber-threats for which there are security updates available.

The Windows SMB vulnerability exploited by WannaCry was actually patched by Microsoft a couple of months before the ransomware struck in May 2017, causing catastrophic damage around the world on hundreds of thousands of endpoints.

The NHS was perhaps most notably affected, with an estimated 19,000 operations and appointments cancelled and a third of the health service hit.

Sporadic outbreaks have appeared ever since, with Honda forced to temporarily close a plant in June last year, weeks after the first attack struck.

Still, it appears as if ransomware is increasingly being eschewed by the black hats in favor of crypto-currency mining malware.

Trend Micro claimed the number of ransomware-related threats it blocked last year stood at 631 million, down from over one billion in 2016.

Source: Information Security Magazine