Boeing production plant hit by malware, apparently WannaCry ransomware

The world’s largest aerospace company Boeing has been hit by a malware attack and reportedly it led to the infection of infamous WannaCry ransomware.

According to Seattle Times, who broke the news, the impacted department belonged to Boeing’s 777 airliners production plant in North Charleston, S.C. facility.

Although Seattle Times is certain that the malware attack caused WannaCry ransomware infection there was no confirmation from Boeing. However, in a statement, the company acknowledged there was a limited intrusion of malware that affected a small number of systems and it was not a production or delivery issue.

The head of communications for Boeing Commercial Airplanes Linda Mills said in a statement that “We’ve done a final assessment. The vulnerability was limited to a few machines. We deployed software patches. There was no interruption to the 777 jet program or any of our programs.”

Remember, Boeing has two divisions including Boeing Commercial Airplanes and Boeing Defense, Space & Security (BDS) making it a high-profile and lucrative target for state-sponsored hackers and lone cybercriminals.

Related: How To Prevent Growing Issue of Encryption Based Malware (Ransomware)

Remember, on May 12th, 2017 WannaCry ransomware hit the computer networks at National Health Service (NHS) in the United Kingdom. The attack used leaked NSA tools EternalBlue and DoublePulsar and exploited a now fixed SMB vulnerability (MS17-010) in old and updated Windows devices. The ransomware attack spread to 150 countries and targeted over 200,000 computers.

“Many security experts published WannaCry prevention and remediation suggestions when the outbreak first appeared. These strategies are still valid but can be difficult and risky to deploy in complex manufacturing environments such as Boeing’s. Healthcare environments are also particularly susceptible to malware worm infestations for similar reasons,” said Dan Mathews, director at malware protection provider, Lastline.

Boeing production plant hit by malware, apparently WannaCry ransomware
How WannaCry ransomware decrypt files

WannaCry’s comeback should not be a surprise since there has been a massive increase in malware attacks causing service outage and blocking users from accessing computers. Just last month, 2,000 Colorado DOT computers were hit by SamSam ransomware attack while IT security giant Avast blocked 1.7m WannaCry attacks on their users in Indonesia, 1.2m in India and 1.1m in Brazil.

According to Avast’s Threat Lab Team Lead Jakub Kroustek “There’s a lingering impression within organizations that the WannaCry ransomware strain is dead. It’s not. It remains active and it continues to spread at a slow rate compared to its initial outbreak speed. It’s to be confirmed whether the attack on Boeing is linked to WannaCry in any way, shape or form.”

“This month, we blocked 1.7m WannaCry attacks on our users in Indonesia, 1.2m in India and 1.1m in Brazil. These were the top three markets. In the U.S., for example, we saw almost 70,000 attacks. Some markets are currently more affected than others, however, both businesses and consumers around the world need to be alert and urgently patch their vulnerabilities.”

It is advised that users should refrain from clicking on links and downloading files from unknown emails. The easiest way for cybercriminals to spread attacks like WannaCry ransomware is to send convincing phishing emails. Here are 5 quick tips to keep yourself safe from phishing scams.

Image credit: Depositphotos

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.