News that a WannaCry attack has allegedly hit a South Carolina facility owned by Boeing is now downplayed by the aerospace company on Twitter. According to their statement, “articles on a malware disruption are overstated and inaccurate,” and aircraft production and delivery were not affected.
The information that Boeing was hit by ransomware on Wednesday was released by the Seattle Times after they got hold of an internal memo written by Boeing’s production engineering chief Mike VanderWel. VanderWel wrote that an infection “is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down.” He mentioned WannaCry and that it may have “spread to airplane software,” but there’s no clear confirmation that it was indeed a WannaCry infection.
Last year’s WannaCry outbreak, largely blamed on hackers sponsored by the North Korean government as part of a major cyberespionage operation, manipulated a critical vulnerability in Windows that enabled it to spread across devices in over 150 countries. Hackers locked the devices and demanded ransom in bitcoin in exchange for the decryption key.
Since Microsoft immediately released patches to protect devices against the EternalBlue exploit, a new massive WannaCry infection would be suspicious, and would hint that either the patching measures taken so far have been unsuccessful, or Boeing forgot to patch some critical systems and is now paying for it.