back to article It's baaack – WannaCry nasty soars through Boeing's computers

WannaCry, the Windows ransomware that took off last May around the world, has landed on some computers belonging to US aircraft and weaponry manufacturer Boeing. “All hands on deck,” said Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, in a memo seen earlier today by the Seattle Times. “It …

  1. Blofeld's Cat
    Coat

    Hmm ...

    Boeing (n) (onomatopoeia) - Sound made by email program to indicate that ransomware has been received.

    1. Lars Silver badge
      Happy

      Re: Hmm ...

      I have been wondering about that name too, it's the name of the son of a German immigrant to the USA who's name was Wilhelm Böing, whatever that name means. This information has been deleted from the English Wiki for some reason.

      Anybody out there who has come to realize that there is all sorts of "cleanups" on the Wikipedia.

      1. Anonymous Coward
        Anonymous Coward

        Re: Hmm ...

        Any relation of Steve Bong! ?

      2. DropBear Silver badge
        WTF?

        Re: Hmm ...

        Do you mean this...?

        "Boeing was born in Detroit, Michigan to Marie M. Ortmann, from Vienna, Austria, and Wilhelm Böing (1846–1890) from Hagen-Hohenlimburg, Germany"

        It's only the second line on the guy's own page, which is linked to from the first line of the "history" section of Boeing's page; and no it hasn't been edited since you posted that. Or is your problem that this isn't the first thing advertised on the company's page itself to anyone who doesn't give a shit about that particular detail / person...?

      3. hplasm Silver badge
        Happy

        Re: Hmm ...

        "a German immigrant to the USA who's name was Wilhelm Böing, whatever that name means. "

        His Father was Willie McBoingboing?

        https://www.youtube.com/watch?v=rHyhUwVhzjw&index=53&list=PLZZtN23oxcjvhkhw8y_n-5YSVXxcwAj3g

        Boing!

      4. steviebuk Silver badge

        Re: Hmm ...

        Yes, like the one member of the bank Hawkwind live a couple of doors down from me when I was young. We used to go round his house as were friends with his son. I mentioned the area he live on the Hawkwind wiki page, not the street, but it was removed. I thought it was a bit of interesting history around the band, guess not. They had a big tree in the centre of the garden which they'd turned into a sort of shelter which their son played in. Was cool.

  2. I3N
    Pint

    Still fondly remember the morning hearing all those cries of grief ...

    working down the hallway when those who thought ILOVEYOU was some sort of greeting ...

    1. tiggity Silver badge

      Re: Still fondly remember the morning hearing all those cries of grief ...

      I remember all the happy clappy religious ones getting infected (the only ones who would not treat a subject line like that as a bit suspect but instead assume another god squad member had sent it)

      .. and obviously we never let them forget it

      e.g. All the had a clue uninfected people went out and got new mugs, ensuring we picked a mug with either a heart or the word love on it (or both)

      Amazing how constant reminders of muppet security practices encouraged safer email behaviour afterwards

    2. Anonymous Coward
      Anonymous Coward

      Re: Still fondly remember the morning hearing all those cries of grief ...

      and when you said you spent all weekend dealing with the aftermath of Nachi, they thought you had stomach issues after an particularly spicy Mexican.

    3. hplasm Silver badge
      Happy

      Re: Still fondly remember the morning hearing all those cries of grief ...

      Ah, memories!

      The first and only time I got a computer virus!

      Small office, we all got it.. I got mine from a cutie - I couldn't belive she'd said that to me... :)

      oh well...

  3. Anonymous Coward
    Anonymous Coward

    The important question

    I studied wannacry a lot because when it came out, my colleagues (boss) didn't understand it and got terrified. We didn't get hit, but not for lack of failing to patch. I can but hope that they have fixed that as much as I told them to; I left the company not much after then. I'm getting nervous now, and I wasn't at the time.

    This is concerning, not because the patching etc. because people have either done that or they're not going to, but because we don't know how they got the virus in the first place. This is worrying because the primary method of attack was random uploading through network-available vulnerable hosts and random emails, I.E. deliberate targeting. It's possible that someone had a machine with wannacry installed in the travel to new machines phase and left it off for a while, but I might wonder if someone targeted this company in some way, and if so whether they are doing it again. It's also possible that someone deliberately installed it onto the system from a USB drive or something, but I seriously hope that systems in place are good enough to deal with that. Also, the original developers were probably the nasty side of the Korean peninsula, to whom aircraft manufacturers could be a target. Random spreading is possible, but would imply that there are other infected hosts out there somewhere. Therefore, we have to wonder if this is going to spread again. Also, we have to wonder when people are going to install patches. It's a year old, my friends!

    Anonymous because my boss mishandled a lot of things, as I implied, and I don't want him to know in the case that he reads this.

    1. israel_hands

      Re: The important question

      ...but because we don't know how they got the virus in the first place.

      The Grugq put a post on his Medium blog about this, referring to how when WannaCry first hit it was fairly well targeted but because the software is designed to traverse systems it revealed a "hidden network" of connected machines due to things like permanently open remote connections to/from vendors etc.

      It could well be that one of Boeing's suppliers got hit and the ransomware got into their systems through a VPN tunnel which is something of a worrying thought for a government/military contractor.

    2. bombastic bob Silver badge
      Devil

      Re: The important question

      was Boeing's recent infection caused by individual Windows 7 users at the company NOT updating any more out of habit, because of GWX ? And NOT wanting to shut down work for half a day to WAIT for updates?

      last time I worked on site, "the accountant" seemed to get a virus on her computer about once every 2 months. Yeah, it was probably from MS Word docs with "attachments" that were "invoices" or something. And yes, they were using OUTLOOK.

      1. Alan Brown Silver badge

        Re: The important question

        > "the accountant" seemed to get a virus on her computer about once every 2 months. Yeah, it was probably from MS Word docs with "attachments" that were "invoices" or something.

        Around my neck of the woods it was the departmental secretaries. Who would override the AV's attempts to stop them opening said attachments "because it might be important". And when we set things up so they could no longer disable the AV, ring us up and abuse us comprehensively for "preventing them opening important mail".

        You really can't make up this kind of mentality.

        1. ecofeco Silver badge

          Re: The important question

          Ha! Had this happen the other day. Email AV/Firewall flagged an incoming email and the user was cranky he couldn't open it because it was part of some VIP deal being made.

          I tapped danced as nice as I could instead of just flat out telling the user, this was the AV/firewall's job and it was working as designed.

  4. Anonymous Coward
    Anonymous Coward

    "Aircraft do not use Windows for critical systems."

    Anyone care to speculate what would happen if they did?

    1. Anonymous Coward
      Anonymous Coward

      The pilots would WannaCry?

    2. Andytug

      Well...

      it's definitely a scenario where you would not want a lot of windows opening at random....

    3. Anonymous Coward
      Facepalm

      OH !!

      Didn't US Submarines use Windows NT some time ago, Don't know about NOW!!!

      1. vtcodger Silver badge

        Re: OH !!

        I think, don't know for sure, that the US Navy had some shipboard Windows administrative systems, not combat systems.

        What little I know about the USN (more than most folks, but really not much) is that each and every ship consists of a platform with a hodegepodge of weapons systems -- some quite ancient -- crammed into any space they can find that will hold them. Further, major upgrades are done during periodic overhauls that are scheduled many years apart because of limited yard capacity, so two ships that are actually configured the same would be a rarity.

        I have trouble imagining a Windows based combat system much more complex than WFWG, but the military does odd things at times. Sometimes they have good reasons. Sometimes not.

        1. LDS Silver badge

          Re: OH !!

          https://www.theregister.co.uk/2007/02/26/windows_boxes_at_sea/

          1. Paul Hovnanian Silver badge
            Facepalm

            Re: OH !!

            They tried running an NT system on the USS Yorktown, which went dead in the water when an app tried to divide by zero. This not only crashed the app, but brought down the shipboard network. Probably the first time in 50 years that a zero crippled one of our ships.

            Thank goodness nobody has been so foolhardy as to try such a stunt again.

        2. Alan Brown Silver badge

          Re: OH !!

          "I think, don't know for sure, that the US Navy had some shipboard Windows administrative systems, not combat systems."

          One USN ship had WIndows NT controlling the engine management systems.

          It soon became known as the USS TowMeHome.

      2. Anonymous Coward
        Anonymous Coward

        Re: OH !!

        They were sea and air gapped.

      3. bombastic bob Silver badge
        Devil

        Re: OH !!

        actually I think it's something called "windows for warships" (derived from XP) whether jokingly or for real. And the OS has been 'hardened' and the computers don't EVAR go on teh intarwebs. That's my understanding of it.

        But I've been out of the loop for quite a while. Last time I visited a sub (my old boat, which visited San Diego for decommissioning) I saw the "hardened" laptops in the Control room, but didn't take a very close look. They also said "no devices on the sub" so we had to leave our cell phones, etc. in the car before going on the tour. It was kinda fun seeing old friends from 30 years ago, as well as the opportunity for a close relative to see my old boat before it got cut up - literally.

      4. hplasm Silver badge
        Joke

        Re: OH !!

        "Didn't US Submarines use Windows NT some time ago, Don't know about NOW!!!"

        Stopped using it after it was discovered that the Kursk_(K-141) R.I.P had been using a pirate copy...

        <too soon?>

    4. Dave K Silver badge

      "Anyone care to speculate what would happen if they did?"

      Anguished yells from the cockpit of "Hey Cortana, what the f**k" when the Windows-powered guidance system decides to reboot to install critical updates, just as the pilots are in the middle of a choppy and misty approach to a busy airport...

      1. Anonymous Coward
        Anonymous Coward

        "Hey Cortana, what the f**k" "

        But maybe Cortana would be kinder and more helpful than some flight attendants I met...

    5. Flywheel Silver badge

      "Aircraft do not use Windows for critical systems."

      Anyone care to speculate what would happen if they did?

      Obligatory Windows 10 video https://www.youtube.com/watch?v=eP31lluUDWU

      1. DropBear Silver badge
        Trollface

        I call shenanigans! Allegedly, there are provisions to turn off airplane engines mid-flight and turn them back on again - it this isn't evidence of Windows presence, what is?!?

    6. Anonymous Coward
      Anonymous Coward

      As a pilot I find the windows to be very useful.

      The most critical system on board is the Mk1 eyeball.

    7. Clive Galway

      RE: What if aircraft used Windows?

      Death by Modal Dialog

    8. hplasm Silver badge
      Pirate

      Anyone care to speculate what would happen if they did?

      The glorious return of the Airship!

    9. Paul Hovnanian Silver badge

      "Anyone care to speculate what would happen if they did?"

      The Blue Sky of Death.

  5. gerdesj

    Aircraft do not use Windows for critical systems.

    Imagine being a pilot in a commercial jet on finals and being told that Windows Updates needs to do its thing due to an inadvertent miss configuration (ahem) and "making everything safe" before doing it.

    1. m0rt Silver badge

      Re: Aircraft do not use Windows for critical systems.

      This should tell you more about an apparent OS than anything else

      If you don't trust it for critical systems, should you even use it at all?

      That way it would prevent the kind of useless bloat that seems to be the symptom of some kind of industrial disease infecting large organisations.

      Hey, supposed tech companies. Sort your core OS out. Everything else should be optional.

      *mutter mutter*apple*mutter mutter*iTunes*mutter mutter*

      1. Anonymous Coward
        Anonymous Coward

        "If you don't trust it for critical systems, should you even use it at all?"

        Do you expect your car is being built with the same level of reliability of an aircraft? It would cost much more and with far higher maintenance requirements.

        Or your TV with the same level of flight instruments? You would not be able to add Netflix until it's fully approved after years of testing and a lot of paperwork.

        If your Facebook page crashes, you should thank the OS....

        1. m0rt Silver badge

          Re: "If you don't trust it for critical systems, should you even use it at all?"

          "Do you expect your car is being built with the same level of reliability of an aircraft? It would cost much more and with far higher maintenance requirements."

          I expect the core OS to be, yes. The rest of the software, however, of course not. I was pointing out that what constitutes an OS these days is far overreaching.

  6. Whiznot

    Did that happen before or after the Russian spies were kicked out of Seattle?

    1. Paul Hovnanian Silver badge

      Right about the same time. And just in time for the Saudi Crown Prince's visit to Boeing.

  7. Brian Miller

    "... this is not a production and delivery issue."

    Yep, not gonna affect production and delivery. Just testing that everything works OK...

  8. Destroy All Monsters Silver badge

    “All hands on deck,” said Mike VanderWel,

    Is it talk like a Pirate Day again, already?

  9. sanmigueelbeer Silver badge

    Boeing's IT security team is not to be taken lightly.

    Lucky this was a tiny event. If this happened to any US government offices it would definitely be a disaster.

    1. GrumpyOldBloke

      A disaster, for who?

      1. Destroy All Monsters Silver badge
        Devil

        For the taxpayer.

        Oh wait, everybody owes an upscale appartment to the state at the present time anyway. Never mind.

  10. Anonymous Coward
    Paris Hilton

    Now this IS bad

    Lives at stake if in-air damage had

    1. John Brown (no body) Silver badge
      Joke

      Re: Now this IS bad

      "Lives at stake if in-air damage had"

      Yoda are you, my £5 I claim.

  11. Doctor Syntax Silver badge

    "We are on a call with just about every VP in Boeing."

    My first reaction was about the naivety of thinking that the VPs would be those with the skills to fix it. Then I realised that tying them up with conference calls keeps them off the backs of those who actually do have the skills. So it really is the right thing to do.

    1. rmason Silver badge

      @Doctor Syntax

      While many "someones" will be fixing it in the background, the VP conference call must decide who to string up and hang out to dry.

      Basically a game of "which poor sap didn't send an email highlighting their concern re updates/patches not happening" is in progress.

      1. Paul Hovnanian Silver badge

        @rmason

        "While many "someones" will be fixing it in the background, the VP conference call must decide who to string up and hang out to dry."

        Boeing is in the business of defying gravity.

        Heads roll uphill.

    2. Anonymous Coward
      Anonymous Coward

      "tying them up with conference calls keeps them off the backs of those who actually do have the skills"

      Excellent plan, that is going in my incident response plan.

    3. ecofeco Silver badge

      Not really. Believe me, they are on open calls to their reports, who just want to be left alone to fix the problem.

  12. x 7

    revenge of the Russkies for being kicked out of Seattle

    If they can't have Boeing's data, nor can anyone else

  13. Colin Bull 1
    Mushroom

    It is not only Windows

    My fairly recent Garmin satnav gives a commendable warning not to interact with it when driving when booting up.

    Then just as you get to a large french town centre it splats a full screen warning, that the SD card is deteriorating due to over use and will not get back to its primary function of navigating until you acknowledge the warning.

    You could not make it up.

    1. DropBear Silver badge

      Re: It is not only Windows

      Meh... "keyboard not found, press F1"...

    2. hplasm Silver badge
      Devil

      Re: It is not only Windows

      And Garmin are the *good* ones in GPS...

      at least it;'s not a T**T**

  14. Anonymous Coward
    Anonymous Coward

    Putin promised retaliation.

    If this was his doing then it's time to check your security.

  15. Mahhn

    Thanks Reg

    for calling it what it is "NSA-augmented ransomware"

    I like this more than the softening words about evil stuff my government does.

  16. ecofeco Silver badge

    Low IT budgets now have real consequences

    See title.

    No buck, no Buck Rodgers.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019