When senior Boeing engineer Mike VanderWel reportedly sent an “all hands on deck” internal memo yesterday warning that the dreaded WannaCry malware was on the loose inside the company’s networks, alarm quickly spread.
According to excerpts leaked to the media, his anxiety is palpable:
[The malware] is metastasizing rapidly out of North Charleston and I just heard 777 [production] may have gone down. We are on a call with just about every VP in Boeing.
To many in the company and beyond, this must have sounded worryingly reminiscent of the way WannaCry attacks unfolded across numerous large organisations during its first appearance last May.
Now, as then, WannaCry carries with it a feeling of helplessness, as if what is happening is unstoppable and therefore disruption is inevitable.
A few hours later, however, Boeing felt able to downplay the incident in various statements, including the following tweet:
Statement: A number of articles on a malware disruption are overstated and inaccurate. Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production or delivery issue.— Boeing Airplanes (@BoeingAirplanes) March 28, 2018
Statement: A number of articles on a malware disruption are overstated and inaccurate. Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production or delivery issue.
Some in the media have talked up this up as WannaCry’s ‘return’, even though it never went away entirely.
One reason for this persistence is that WannaCry doesn’t just affect regular desktops, laptops and servers, but also spreads to and from unpatched Windows 7 systems of the sort widely used in manufacturing as Windows Embedded.
Applying patches for vulnerabilities on this platform isn’t always straightforward, which helps to explain why WannaCry was so devastating in the first place, despite Microsoft having offered a patch three months earlier for the vulnerabilities exploited by the malware.
The Boeing incident echoes the other big vulnerability story this week in which an entire US city, Atlanta, found itself driven back to paper systems after a major ransomware outbreak. This too, it has been suggested, was aided by known but unpatched vulnerabilities.
Far from being behind us, the Boeing outbreak is a woeful reminder that a fair part of the WannaCry story lies ahead and has yet to unfold.
Image of Boeing 777 from Wikimedia.