WannaCry is alive and well, apparently. After crippling outdated Windows machines all over the world last May, the dreaded cryptoworm is back. A Boeing production in Charleston, South Carolina in the US was hit by WannaCry cyberattack on Wednesday as reported by The Seattle Times.
News of the attack triggered widespread alarm within the company during the day. Company executives called for calm in the afternoon after discovering the attack had been quashed with minimal damage.
“We’ve done a final assessment,” said Linda Mills, the head of communications for Boeing Commercial Airplanes. “The vulnerability was limited to a few machines. We deployed software patches. There was no interruption to the 777 jet program or any of our programs.”
Initially, Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, sent out an alarming alert. VanderWell was concerned that the virus could hit equipment used in functional tests of airplanes ready to roll out. He added that it could potentially “spread to airplane software.”
Boeing later said its cybersecurity operations centre detected limited intrusion of malware that affected on small number of systems. Remediations were subsequently applied.
Linda Mills, head of communications for Boeing added that the attack was limited to computers in the Commercial Airplanes division. Military and services units were not affected.
WannaCry or also known as Wana Decrypt0r, WanaCrypt0r, WanaCrypt, Wcry or Wanna is a ransomware cryptoworm that targets Windows systems. It encrypts user data and demands ransom payments in Bitcoin cryptocurrency. Demands can range from USD300-600.
It propagates through EternalBlue, an exploit in old Windows Systems released by the hacker group The Shadow Brokers. EternalBlue exploits a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol.
It’s considered a network worm as it includes a “transport” mechanism to automatically spread itself.
The initial outbreak happened in 12 May 2017 and lasted till 15 May 2017. The attack, however, was mitigated through emergency patches from Microsoft. The discovery of a kill switch in the malware also prevented further spread.
WannaCry was estimated to have affected over 200,000 computers across 150 countries. Security experts believe the attack originated from North Korea or agencies working for the country.
Header pic: Stephen Brashear/Getty Images