Boeing reportedly hit by WannaCry attacks
But the engineering giant claims reports are “overstated and inaccurate”


Reports that aircraft manufacturer Boeing was hit by the WannaCry malware were "overstated and inaccurate", according to a company spokeswoman.
According to the Seattle Times, Boeing was hit on Wednesday by an outbreak of the WannaCry malware affecting some manufacturing equipment. The report initially said that assembly lines potentially affected included those of Boeing's 787 Dreamliner North Charleston, South Carolina, and the 777X Composite Wing Center,
The report cited a memo sent by Boeing engineer Mike VanderWel, that said the problem was "metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down". He added that he was concerned that the malware would hit airplane testing equipment and "spread to airplane software".
As WannaCry targets a flaw in Windows, it is extremely unlikely that it could affect critical computer systems in a plane that run non-Windows operating systems.
VanderWel added that the outbreak required "a battery-like response". This refers to an issue affecting 787 in-flight batteries in 2013, that led to the Dreamliner being grounded for three months while the problem was fixed.
However, after reports came out, Linda Mills, VP of Boeing commercial airplanes communications, said in a statement to the media that these were "overstated and inaccurate".
"Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems," it said. "Remediations were applied and this is not a production and delivery issue."
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Mills told the Seattle Times that the attack was limited to computers in the Commercial Airplanes division and that the military and services units were not affected. She added that the attack did "no significant damage".
Nevertheless, it does raise some questions as to why the aircraft company was hit by a WannaCry, given it has been around for a number of months and mitigations are available.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.
-
Cyber espionage group laid low in National Guard network for nearly a year
News The announcement marks the second major Salt Typhoon incident in the space of two years
-
Industry welcomes the NCSC’s new Vulnerability Research Initiative – but does it go far enough?
News The cybersecurity agency will work with external researchers to uncover potential security holes in hardware and software