
Boeing Hit By WannaCry Virus, Fears It Could Cripple Some Jet Production (seattletimes.com) 122

An anonymous reader quotes a report from The Seattle Times: Boeing was hit Wednesday by the WannaCry computer virus, raising fears within the company that it could cripple some vital airplane production equipment. Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, sent out an alarming memo calling for "All hands on deck." "It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down," VanderWel wrote, adding that he's concerned the virus will hit equipment used in functional tests of airplanes ready to roll out and potentially "spread to airplane software." Indicating widespread alarm within the company at the potential impact, VanderWel said the attack required "a battery-like response," a reference to the 787 in-flight battery fires in 2013 that grounded the world's fleet of Dreamliners and led to an extraordinary three-month-long engineering effort to find a fix.
  • Computer virus? (Score:5, Insightful)

    by Anonymous Coward on Wednesday March 28, 2018 @07:28PM (#56344521)

    No sir. It is not a computer virus.
    It is -once again, a Microsoft Windows virus.

    Call things by their names.

    • by Anonymous Coward

      No sir. It is not a computer virus.
      It is -once again, a Microsoft Windows virus.

      Call things by their names.

      Boeing got hit by Wanna Cry

      Would that make their planes Wanna Fall Down From The Sky ??

  • NSA (Score:3, Insightful)

    by Anonymous Coward on Wednesday March 28, 2018 @07:29PM (#56344523)

    Thanks again, NSA! Glad you had our backs...

    • by AHuxley ( 892839 )
      Collect it all has to be able to collect it all. No consumer system can be allowed to be secure from the NSA.
    • Re:NSA (Score:5, Interesting)

      by guruevi ( 827432 ) on Wednesday March 28, 2018 @08:22PM (#56344741)

      NSA isn't the only one to blame, Microsoft knew about the exploits that were going to be released when the NSA lost their data and chose to only patch some of the malware that the NSA had held onto, only after ShadowBrokers released WannaCry in the wild did they release the emergency fixes. They released a patch for XP about 2 months after WannaCry went public.

      Microsoft deliberately held back patches and fixes for Windows for god knows how long because it benefited the NSA.

    • NSA is not the ones to blame. You can and should blame companies for no longer taking security seriously. Boeing has had ages to update their computers, yet have done nothing. Likewise, even now, they are pouring money into places like Russia to make titanium, and Vietnam, China, and India are doing software for Boeing (India works closely with Russia on military projects). Boeing and other companies are to blame.
  • Not Enough Time (Score:5, Insightful)

    by Bigbutt ( 65939 ) on Wednesday March 28, 2018 @07:37PM (#56344569) Homepage Journal

    Hey you business types who moan about not enough time to test updates and that it takes away from software projects that will generate income?

    Pay attention.

    [John]

    • Re: (Score:3, Informative)

      by Anonymous Coward

      Until it becomes less profitable to outsource risk, don't expect much to change.

      Still waiting for those equifax execs to be thrown in jail.

    • I didn't see anything in the article that said this was because of an untested update. All I saw was a bunch of speculation from "experts" who don't actually have first hand knowledge of the situation.
    • by tero ( 39203 )

      To continue in the same style - also maybe us IT-types could actually disable SMBv1 one day in our networks so this crap wouldn't happen. It's been deprecated for a couple of decades now.

    • who moan about not enough time to test updates

      There's not enough time, and then there's this. It was over 6 months already.

  • Should have used (Score:5, Insightful)

    by AHuxley ( 892839 ) on Wednesday March 28, 2018 @07:39PM (#56344573) Journal
    Microsoft to sell computer games about flying.
    Use a real OS that has real security for real work.
    • by AmiMoJo ( 196126 ) on Thursday March 29, 2018 @06:38AM (#56345921) Homepage Journal

      What makes you think any other desktop OS would be less vulnerable to ransomware? Security through obscurity perhaps.

      Let's say they were running Linux. The infection vector is usually a browser exploit or email attachment. Linux does nothing extra to prevent the user from executing code that Windows doesn't also do. Then the malware is running, and has access to the user's files, and any other files that the user has access to on the network. Again, Linux does nothing extra to prevent this.

      The virus spreads via exploits stolen from the NSA. Even assuming they are not zero-day and a patch is available, it's up to the organization to install that patch. If they were not installing Windows patches, why would they be installing Linux patches?

      No, the problem is not the OS. The problem is the IT staff not locking the system down properly. Just switching OS would not help them.

      • by kyrsjo ( 2420192 ) on Thursday March 29, 2018 @08:17AM (#56346211)

        I doubt they are reading emails on a machine controlling a piece of machinery - these things are generally on a special "technical network" that cannot reach the internet directly. AFAIK these are true remote exploits, no user intervention needed. So yes, it is the OS's fault, and you are off target by blaming the user.

        • by AmiMoJo ( 196126 )

          Okay, it's a remote exploit through a network connection. Again, how would a different OS help other than security through obscurity? Other operating systems are not magically bug-free.

          In fact, we saw ransomware on MacOS. And that industrial control software they are using, why would the Linux version be any more secure than the Windows version? We have seen infections via application updates before, including people infiltrating open source repos and replacing packages with trojaned ones.

          The way to secure

          • by kyrsjo ( 2420192 )

            > At the very least, put them on a separate secure network

            Aka. "Technical network". At least that's what it is called where I work. And yes, we do run (mainly) Linux for our controls stuff.

            > Again, how would a different OS help other than security through obscurity? Other operating systems are not magically bug-free.

            Sure, they are not, but putting them on a separate network, and avoiding using the operating system that has holes so large that you can fly a 747 through them generally helps.

            > We ha

      • by Archon ( 13753 )

        First: Qubes OS. https://www.qubes-os.org/ [qubes-os.org]

        Second: Regardless of IT staffs' intention, management makes the final decision to let the systems be locked down. In many cases, they don't.

  • by Anonymous Coward on Wednesday March 28, 2018 @07:43PM (#56344589)

    This is why my back-up drives aren't connected to my computer 24-7. When I finish backing up stuff, I disconnect the drive(s).

    Come on people, you gotta be smarter than this by now.

    • by rtb61 ( 674572 )

      Also if it doesn't need to be connected, do not connect it. If scanned sneaker net from one secured location to another secured location is good enough because it only happens once a week, not every second, then use scanned sneaker net, a lot more expensive per transaction maybe like an extra $10,000 over a year but the alternative hundreds of millions of dollars lost, makes that $10,000 look like nothing. Wireless quick easy, stupidly insecure. Wired not so quick not so easy but a lot more secure. Sneaker

    • This is why my back-up drives aren't connected to my computer 24-7. When I finish backing up stuff, I disconnect the drive(s).

      Come on people, you gotta be smarter than this by now.

      Nowhere do they say they lost data. Just that they were worried about being crippled. You're crippled too while you're slowly recovering your backups rather than getting actual work done.

    • by antdude ( 79039 )

      Also, they last longer. :)

  • by Flexagon ( 740643 ) on Wednesday March 28, 2018 @08:31PM (#56344759)

    I'm very interested to hear what Boeing vice president Phil Musser has to say about this event given his reported comment just 2 days ago [seattletimes.com] in response to the closure of the Russian consulate in Seattle 'that the company has “rigorous IT and security protocols.”'.

  • by PPH ( 736903 ) on Wednesday March 28, 2018 @11:42PM (#56345201)

    ... to update their Kaspersky AV software.

  • by Anonymous Coward on Thursday March 29, 2018 @12:29AM (#56345281)

    Boeing used to be one of the world's most competent corporations.

    Then they merged with McDonnellDouglas. They absorbed the McD defense products, and then the morons in the board room replaced a bunch of Boeing's old management structures with the McD people. The McD teams used to outsource more stuff, whereas the old Boeing people used to do stuff more in-house. This came to a head with the 787 program which ended up over budget and behind schedule in large part because Boeing, which used to do everything in-house, was under the new management outsourcing parts all over the planet and bringing the parts into the Boeing facilities for final assy - a tactic the McD guys were used to but the Boeing people and systems were not. The results were entirely predictable to anybody without an MBA degree.

    The idea that the new & reckless Boeing management was running their internal systems on the super-crappy Windows operating system is both predictable and sad. These clowns should not be trusted with national security projects - they probably store all their stuff unencrypted in the cloud and run their Windows machines unpatched and without antivirus protections and hardware firewalls.

    This is the company that has been charging billions of dollars per year for nearly a decade to convert a shuttle external tank into a 1st stage booster - which they MIGHT be able to fly manned 20 years after the design started. Incidentally, the SLS design was specifically chosen to re-use shuttle heritage hardware, including engines and engine plumbing stripped directly from working orbiters, in order to accelerate development time and save money [sigh]. While Musk at SpaceX has been moving to re-usable rockets, Boeing is actually regressing to throwing away expensive reusable shuttle engines on each SLS launch!

    Same company that has been studying blended-wing-body airframes for 20+ years without building a single manned example. The old Boeing could design a radically new aircraft and get a test article onto a flight line in MONTHS.

    This virus incident is just the most-recent evidence that the federal government was completely incompetent when they allowed Boeing to absorb North American aviation, Rockwell International's aerospace division, Bell helicopter, McDonnellDouglas (itself a merger of McDonnell Aircraft, Douglas Aircraft, Convair and Consolidated) and others. Huge bloated incompetent defense contractors lose all interest in being efficient and competent as they become hooked on cost-plus government contracts combined with lack of competition resulting from the absorption of most or all competitors.

    • by l0n3s0m3phr34k ( 2613107 ) on Thursday March 29, 2018 @06:04AM (#56345841)
      I work as a network security analyst at a small airline, who has some DoD contracts. 800-171 compliance is my job, and our infrastructure team bases most of our decisions around it. Wannacry was patched last year; you have only 30 days to apply patches or you're non-compliant. IMHO, Boeing should be brought before Congress and threatened with losing all their DoD contracts and forced to go through a third-party audit and fined for anything found non-compliant.

      The ONLY "Saving grace" for Boeing might be that they might be able to show that the systems hit with Wannacry are not covered under any DoD contract; ie not used for anything DoD related. However, it's also my opinion that ANYTHING relating to our "national aviation infrastructure" SHOULD be, at a minimum, 800-171 compliant; as should anything relating to electrical utilities, water and sewage, and medical.

      If we actually "go to war", the USA is totally fucked on this front. I fully expect any transition to a "hot war" with, say North Korea, will immediately result in most of the electrical grid shorting out / shutting down, entire city networks being corrupted, and anything with a PC being pwned within 24 hours. We, as a country, are about as prepared for "modern warfare" as the Native Americans were to meeting the Europeans and their diseases.
      • 'Cyberwarfare' is nearly the ultimate asymmetrical warfare scenario. It takes relatively insignificant effort to inflict massive, possibly fatal, harm on an opponent.

        And it's universally true. You think the US is uniquely unable to attack foes in this manner? Or to mask such an attack, deflecting blame?

        Truth is, MAD worked to mitigate the threat of nuclear war for decades. A similar protocol will be needed to prevent all-out cyberwar, which would be nearly as damaging as nuclear war, for everyone.

        It's a s

      • by PPH ( 736903 )

        immediately result in most of the electrical grid shorting out / shutting down

        I'm not worried. Our local power company put their first power plant on line in 1898. And they haven't changed much since then.

    • How come Airbus manages the distributed manufacturing just fine then? Boeing simply grew fat and lazy on defence contracts and reiterating the 707, that's all.

  • by Chrisq ( 894406 ) on Thursday March 29, 2018 @04:13AM (#56345643)
    Since the NHS were admonished [computing.co.uk] for not installing patches which would have prevented WannaCry in May 2017 [slashdot.org], Boeing really should have patched their systems by now.
  • by Anonymous Coward

    Unlike so many that succumb to ransomware, I expect that Boeing had good defenses - practices and systems - in place to defend against ransomware and intrusion. It's possible or even probable that they had the best systems in place

    Ransomware has been my biggest security fear for the last couple of years and defending against ransomware and the possibility of infection has been my biggest spend as well as time-sink for the past couple of years. The idea of a department or the entire company being infected sc

    • by PPH ( 736903 )

      I expect that Boeing had good defenses

      You owe me a new keyboard. And a coffee refill.

  • What happened to the "kill switch"? Was it removed or something? I thought WannaCry was a non-issue now because of that.
    • by PPH ( 736903 )

      There are (at least) two parts to WannaCry: The transport mechanism, based on the NSA's EternalBlue [wikipedia.org] exploit. And the payload, which does the privilege escalation and file encryption stuff. The 'kill switch' was a domain name that, when resolved by the transport mechanism, would stop it from spreading or deploying its payload on the current host.

      Several different domain names appeared in the WannaCry virus, probably as its creators tried to circumvent the kill switch fix. It's possible that someone got hold

  • First thing that comes to mind; the multiple layers of backups and images needed to assure recovery from these events. In a dynamic manufacturing environment, I would want stackable images, possibly hourly delta backups, maybe even run things in VMs with on- and off-line redundancy. I would be driving my VMware rep insane with demands to port the images into KVM or virtualbox, and always at the lowest possible version to permit restoration despite underlying OS or environmental changes... Data separation to a
