Boeing Is Dealing With a Suspected WannaCry Ransomware Outbreak

Haythem Elmir

In a baffling turn of events, computers at Boeing have allegedly been infected with the WannaCry Ransomware. According to the Seattle Times, a memo was sent out by a Boeing employee that states that systems have been affected and that their were concerns the ransomware would « spread to airplane software ».

The Seattle Times reports that this memo was sent out by Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, that states:

“It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down,” VanderWel wrote, adding that he’s concerned the virus will hit equipment used in functional tests of airplanes ready to roll out and potentially “spread to airplane software.”

While WannaCry is still spotted occasionally trying to spread, for the most part this ransomware was effectively stopped by security researcher Marcus « MalwareTech » Hutchins registered a domain that acted as a kill switch for the ransomware component.

That is why it is so baffling that almost a year later, with all the patches that were released, almost all AV software detecting it, and all the media attention that WannaCry generated that Boeing would become infected with this ransomware in 2018.

At this time, the ransomware has not been 100% confirmed as WannaCry and it could very well be an imitation as we have seen those released in the past. If anyone works for Boeing and can share a screenshot or a sample, it could be readily confirmed if this was the original Wannacry.

I have reached out to Boeing for comment, but have not heard back at the time of this publication.


To read the original article:




Laisser un commentaire

Next Post

Cisco Removes Backdoor Account from IOS XE Software

isco removed today a backdoor account from its IOS XE operating system that would have allowed a remote attacker to log into Cisco routers and switches with a high-privileged account. The company says the « undocumented user account » only impacts devices running Cisco XE Software 16.x —an operating system deployed mostly […]