Thursday, March 29, 2018

Boeing Says WannaCry Intrusion Had Limited Impact

Law360 (March 28, 2018, 9:49 PM EDT) -- Boeing Co. revealed Wednesday that the company sustained a limited malware intrusion, but called press reports about a metastasizing WannaCry attack “overstated and inaccurate,” dialing back initial concerns the virus would affect jet production.

The company was hit with what it characterized as a limited attack, according to a statement Wednesday partially confirming a report in The Seattle Times that cited an internal Boeing memo calling for “all hands on deck” and describing the company’s chief engineer’s concerns the malware could potentially spread to plane software.

But Boeing said initial reports about the malware disruption were “overstated and inaccurate,” according to a statement the company posted on Twitter on Wednesday evening.

“Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems,” the company said. “Remediations were applied and this is not a production or delivery issue.”

A representative for the company didn’t immediately respond to a request for comment late Wednesday.

The Seattle Times reported that Boeing Chief Engineer Mike VanderWel had sent out a memo indicating the attack was “metastasizing rapidly out of North Charleston” and that some automated spar assembly tools may have gone down. He called for a quick response from the company, according to the Times.

The WannaCry virus is a type of ransomware that lets its operators gain access to a network and attack the computers’ software with a design that locks users out of their computers until they pay a fee.

The attack on Boeing comes less than a week after the city of Atlanta was hit with a disruptive ransomware attack that may have compromised municipal customers' and employees' data.

Atlanta information management officials discovered early on March 22 that various internal and external customer-facing applications, including those that enable customers to pay bills and access court-related information, were inaccessible, Atlanta Chief Operating Officer Richard Cox said at a news conference.

He confirmed that the outage was the result of a ransomware attack that encrypted some of the city's data and that "several departments" were affected, although the Department of Public Safety, water services operation and the Hartsfield-Jackson airport — which on March 23 shut down its Wi-Fi service and limited the availability of some travel information on its website "out of an abundance of caution" — were operating "without incident."

The city was working with the FBI, U.S. Department of Homeland Security and incident response teams at Microsoft and Cisco to further evaluate the incident and understand the extent of the compromise, Cox added.

WannaCry wreaked havoc last May on Britain’s health system, FedEx, the Russian Interior Ministry and scores of others worldwide, and researchers eventually concluded the virus exploits a known vulnerability in Microsoft Inc.’s Windows file-sharing mechanism.

The following month, multinational law firm DLA Piper, British advertising group WPP PLC and Danish conglomerate A.P. Moller-Maersk were among the victims of the separate "NotPetya" ransomware attack. The U.S. and U.K. governments later blamed Russia for that attack.

Original article can be found here ➤

No comments:

Post a Comment