The Boeing corporation admitted on Wednesday that a “small number of systems” were affected by a “limited intrusion of malware,” but denounced what it called “overstated and inaccurate” reports that the malware attack was much larger.
Statement: A number of articles on a malware disruption are overstated and inaccurate. Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production or delivery issue.
— Boeing Airplanes (@BoeingAirplanes) March 28, 2018
Boeing was presumably referring to reports on Wednesday that its systems had been infected by the WannaCry ransomware virus, which touched off a global panic in May 2017.
However overstated this reporting might have been, it was based not on wild rumors but an internal memo from Boeing Commercial Airplane chief engineer Mike VanderWel, who said the malware attack was “metastasizing” like cancer and threatening to spread into more of Boeing’s systems, possibly even airline software.
VanderlWel’s memo said it was an “all hands on deck” situation and “just about every VP in Boeing” was involved in a conference call on the malware attack. He warned that the attack could be serious enough to merit a response comparable to Boeing grounding its entire fleet of Dreamliners in 2013 for several months to deal with battery fires.
Boeing officials have not yet confirmed the outbreak involved WannaCry or one of its variants. Like other ransomware programs, WannaCry is designed to lock down a computer system or hide its vital data until a ransom is paid to the hackers, generally with a cryptocurrency like Bitcoin.
What made WannaCry so dangerous is that it incorporated extremely powerful hacking tools stolen from the NSA and exploits vulnerabilities that have not yet been patched out of every Microsoft Windows computer system. Also, the portion of the viral code that handles ransom payments does not work in many variations of WannaCry so, at this point, there is no way to pay off the hackers and get them to cleanse an infected system. Security experts have warned that various iterations of WannaCry are still lurking on the Internet or lying dormant in infected systems, and some of them have been updated to resist the early techniques devised to defeat the virus.
On the bright side, InfoSecurity Magazine notes that the global ransomware craze appears to be subsiding, in part because hackers find it more profitable to infect computer systems with subtle cryptocurrency mining software whose presence can go unnoticed by users.
In December, the Trump administration formally held the North Korean government “directly responsible” for the WannaCry outbreak, describing the virus as an “indiscriminately reckless” cyber weapon.
“We’ve done a final assessment,” Boeing Commercial Airplanes communications chief Linda Mills said on Wednesday. “The vulnerability was limited to a few machines. We deployed software patches. There was no interruption to the 777 jet program or any of our programs.”
Mills specifically addressed some of the concerns raised in VanderWel’s memo and said his fears that the virus had spread into production or military systems turned out to be unfounded, while rumors that aircraft control systems could become infected were baseless hysteria.
A Boeing representative told TechCrunch on Wednesday that “the number of machines affected was in the dozens and that it has been contained with no impact to aircraft production.”