A recent WannaCry attack on Boeing was not that devastating

Boeing chief engineers inform about the WannaCry attack

The aerospace giant Boeing was deemed to be hit by a WannaCry^[1] ransomware attack this Wednesday. The same crypto-virus affected multiple high profile organizations and governmental institutions in 70 countries around the globe last year.

Mike VanderWelm, the chief engineer at Boeing production engineering, was worried that the ransomware attack could damage production lines and called for “All hands on deck” regarding this issue:

“It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down”

He raised a concern regarding the virus disturbing test equipment that is used for airplanes. Furthermore, there is a chance that the software used on aircraft might be affected as well, which might lead to disastrous consequences.

Mike VanderWelm also noted that this situation requires a “battery-like response,” referring to an in-flight battery problem leading to onboard fires.^[2] This consequently led to the grounding of whole 787 fleets which lasted three months while engineers were trying to resolve the issue.

Senior executives of Boeing explained that the virus attack was exaggerated

Boeing executives reacted quite calmly after some research, despite the initial panic on Wednesday. The head of communications Linda Mill assured that the cybersecurity experts of Boeing had tackled the attack and it was not as severe as first portrayed in social media.

She also noted that WannaCry virus only affected few machines and that the software patches^[3] are on the way to deal with the problem. Linda Mill confirmed that there were no interruptions on production lines and VanderWel’s statement that some 777 might be affected was proven to be wrong.

WannaCry affected multiple businesses and organizations last year

WannaCry ransomware is a crypto-virus that locks up computer files and makes them absolutely unusable. Cybercriminals store the encryption key on a remote server and demand ransom to be paid in a digital currency Bitcoin for data release.

The malware exploits a flaw in Windows systems, discovered by NSA’s IT professionals. The EternalBlue exploit was leaked in 2016 by a group of cybercrooks called “Shadow Brokers.”^[4] Microsoft reacted quickly and released the patch, correcting the vulnerability. However, not many users applied the fix, even after dangerous ransomware-spree.

Because the WannaCry attack was exploiting a vulnerability, it targeted most influential companies around the world. Britain’s health service NHS suffered a great deal of damage in May 2017,^[5] resulting in significant disruptions in public health care, including directing patients in emergency rooms to other hospitals.

In December the US government officials blamed North Korea for WannaCry attacks. In particular, a hacker group called Lazarus Group was targeted as it performed various attacks against South Korean governmental institutions since 2009. However, it is not yet confirmed that North Korean hackers are at fault, mainly because multiple groups copy the virtual code.

WannaCry might come back even stronger

Even though Windows patched the vulnerability, not many companies have applied the fix as they don’t want to mess with the custom-built systems. Additionally, the patch only works if the computer is connected to the internet. Otherwise, the virus can start its reinfection process as soon as the computer is rebooted while connected to the network

Security experts concluded other hackers developed a more advanced version of WannaCry, the one that can defeat the Windows fix. Thus, it is believed to be the variant of malware that struck Boeing this Wednesday.