The Latest of WannaCry Victim: Boeing Production Plant Under Siege!

Today’s technology is leading us to a more connected future through the Internet. Many businesses are taking this opportunity to offer more services that make use of this new environment. However, with this ease of connectivity comes a constant threat of malicious attacks that aims to steal, destroy, or disrupt.

As new forms of threats appear, cybersecurity researchers are hard at work in facing these attacks. But once in a while, some still manage to deliver attacks that affect millions, worldwide.

WannaCry Hits Boeing

Michael Vi / Shutterstock

Boeing was hit by WannaCry Wednesday last week according to The Seattle Times report. Mike VanderWel, the chief engineer of Boeing Commercial, said in a memo that the virus was “metastasizing rapidly” and fears this might spread to its testing facilities. The memo also calls for “all hands on deck.”

The infection, VanderWel says, started from North Charleston. He stated that he heard 777 (an automated spar assembly tools) had gone down. North Charleston is Boeing’s assembling facility for its Commercial Airplanes division.

The WannaCry Threat

WannaCry is a type of ransomware crypto worm designed to encrypt data on the computers it infects and replicates itself to infect others connected on the same network. It exploits a vulnerability in Microsoft Windows OS allowing it to enter vulnerable systems. Ransomware is a kind of malware that encrypts data and files within a system rendering it unusable.

A message then shows that the files will be decrypted if a “ransom” is paid. This ransom is usually made through cryptocurrencies, such as Bitcoin. Just last year, WannaCry crippled over 200,000 systems, Europol estimates, with Kaspersky Lab claiming Russia, Ukraine, India, and Taiwan being the four most affected countries. The Trump Administration has publicly stated that the attack came from North Korea saying they were “directly responsible.”

2YouStockPhoto / Shutterstock

The worm uses a combination of two processes to carry out its attack. EternalBlue to gain access and DoublePulsar, a backdoor, to replicate itself. EternalBlue and DoublePulsar were previously released to the public by The Shadow Brokers on April 2017.

The National Security Agency (NSA) received flak as it was reported that they had known of the exploit but did not disclose it to Microsoft. It was only later discovered when EternalBlue got leaked during a massive security breach at NSA. Others accused them of stockpiling vulnerabilities for their own offensive use instead of disclosing them for defensive work.

Microsoft eventually released a patch on May last year to counter EternalBlue on systems running Windows 7, Windows 8.1, Windows 10, and several of their server OS’s as well as the older Windows Vista. Security researchers have since found a “kill switch” that prevents unaffected computers from being infected. Since then, other cybersecurity firms have released various tools to combat the malware.

Crisis under control

Boeing’s executives say the damage was minimal, and the attack has now been contained. No vital equipment was reportedly affected, and the attack was limited to its Commercial Airplanes division. Boeing’s Military and Services were unaffected.

In a statement, the head of communications for Boeing Commercial Airplanes said that “final assessments” have been made. She added that they limit the vulnerability to few machines. They’d already deployed software patches to ensure there’s no interruption in 777 or any of our programs. Mills assures everyone that the crisis is now over and that there was no significant damage.

Protect Your Systems

Experts urge everyone to install security patches marked as “Important” by Microsoft. These purported “Windows Updates” contain security patches that fix vulnerabilities found by the company. Regular backing up of files is also good practice as it assures that you have multiple copies.

Wright Studio / Shutterstock

External storage devices such as thumb drives or external hard disks are usually inexpensive. They would come in handy when the virus does manage to infect your files. Having multiple backups will also decrease the damage if your computer gets infected.

Having an up to date antivirus software also helps in preventing most viruses from getting in. Most antivirus software also has active prevention features which stop malicious programs from doing suspicious tasks. Frequent virus scans also help to detect unwanted software on your computer. At the end of the day, due diligence and preparation are vital in keeping the data safe from external threats.