Slashdot Mirror

← Back to Stories (view on slashdot.org)

Boeing Hit By WannaCry Virus, Fears It Could Cripple Some Jet Production (seattletimes.com)

Posted by BeauHD on from the raise-the-alarm dept.

An anonymous reader quotes a report from The Seattle Times: Boeing was hit Wednesday by the WannaCry computer virus, raising fears within the company that it could cripple some vital airplane production equipment. Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, sent out an alarming memo calling for "All hands on deck." "It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down," VanderWel wrote, adding that he's concerned the virus will hit equipment used in functional tests of airplanes ready to roll out and potentially "spread to airplane software." Indicating widespread alarm within the company at the potential impact, VanderWel said the attack required "a battery-like response," a reference to the 787 in-flight battery fires in 2013 that grounded the world's fleet of Dreamliners and led to an extraordinary three-month-long engineering effort to find a fix.

122 comments

  1. Analogous to Big Ag... by Anonymous Coward · · Score: 0

    A monoculture of OS.

    1. Re: Analogous to Big Ag... by WindBourne · · Score: 1

      Not justono culture as much as a nation that has gotten lazy on.security. Boeing, like many large companies, only think bottom line and do not think about long-term issues.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    2. Re: Analogous to Big Ag... by eric_harris_76 · · Score: 1

      You seem very certain.

      How is it you know those things are true?

      --
      There's no time like the present. Well, the past used to be.
  2. Computer virus? by Anonymous Coward · · Score: 5, Insightful

    No sir. It is not a computer virus.
    It is -once again, a Microsoft Windows virus.

    Call things by their names.

    1. Re: Computer virus? by Anonymous Coward · · Score: 0

      At least there needs to be malware involved.

      Another popular os claims to be virus free (it's not) and secure (with plaintext passwords and root password of nothing).

      No wonder why there's no viruses there. The fucking front door is wide open

  3. NSA by Anonymous Coward · · Score: 3, Insightful

    Thanks again, NSA! Glad you had our backs...

    1. Re:NSA by AHuxley · · Score: 1

      Collect it all has to be able to collect it all. No consumer system can be allowed to be secure from the NSA.

      --
      Domestic spying is now "Benign Information Gathering"
    2. Re:NSA by guruevi · · Score: 4, Interesting

      NSA isn't the only one to blame, Microsoft knew about the exploits that were going to be released when the NSA lost their data and chose to only patch some of the malware that the NSA had held onto, only after ShadowBrokers released WannaCry in the wild did they release the emergency fixes. They released a patch for XP about 2 months after WannaCry went public.

      Microsoft deliberately held back patches and fixes for Windows for god knows how long because it benefited the NSA.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    3. Re:NSA by OneAhead · · Score: 2

      Microsoft deliberately held back patches and fixes for Windows for god knows how long because it benefited the NSA.

      Possibly, but Boeing held them back even longer, and I'm guessing for reasons at least equally lame (specifically, my best guess is "fear that a patch will break proprietary hack jo^H^H^H^H^H^H^H software packages running on some of those systems").

    4. Re:NSA by Anonymous Coward · · Score: 0

      Did you know that one of Microsoft's Wannacry-patches was finalized and digitally signed a few of months before Wannacry was even a word? Most likely, Wannacry was NSA/CIA's way to sample and probe systems and readiness around the world in preparation of future attacks, and then conveniently blame it on Russia (or whoever was blamed) to further demonize them.

    5. Re:NSA by Anonymous Coward · · Score: 0

      Good point. Also what a coincidence when just two months after M$ patch was released, the UK NHS was hit hard by WannaCry. I remember there were more critical bugs, even worse than SMBv1 and SMBv2 bugs which were more dangerous and yet was never patched by MS. So your conclusion sounds correct, WannaCry was intentionally released by a three-letter-agency but an ally gets hit hard so an emergency patch even for XP was released.

  4. Did they forget the May 17 patches? by Anonymous Coward · · Score: 0

    And what OS are they running?

    1. Re:Did they forget the May 17 patches? by Gonoff · · Score: 1

      And what OS are they running?

      Unless this is a new version of WannaCry, they probably aren't running XP. It ran fine on Win7 but did not get onto any of our (less common) XP systems.

      If we had avoided "up"grading to shinier operating systems, would we have entirely missed out on the fun last may?

      --
      I'll see your Constitution and raise you a Queen.
  5. Not Enough Time by Bigbutt · · Score: 4, Insightful

    Hey you business types who moan about not enough time to test updates and that it takes away from software projects that will generate income?

    Pay attention.

    [John]

    --
    Shit better not happen!
    1. Re:Not Enough Time by Anonymous Coward · · Score: 3, Informative

      Until it becomes less profitable to outsource risk, don't expect much to change.

      Still waiting for those equifax execs to be thrown in jail.

    2. Re:Not Enough Time by JeffOwl · · Score: 1

      I didn't see anything in the article that said this was because of an untested update. All I saw was a bunch of speculation from "experts" who don't actually have first hand knowledge of the situation.

    3. Re:Not Enough Time by Anonymous Coward · · Score: 0

      And those "experts" require you to permit unfettered execution of third-party code in order to look at their website.

      They are charlatans selling snake oil, and should be treated with all respect due such a critter.

    4. Re:Not Enough Time by tero · · Score: 2

      To continue in the same style - also maybe us IT-types could actually disable SMBv1 one day in our networks so this crap wouldn't happen. It's been deprecated for couple of decades now.

    5. Re:Not Enough Time by thegarbz · · Score: 1

      who moan about not enough time to test updates

      There's not enough time, and then there's this. It was over 6 months already.

  6. Should have used by AHuxley · · Score: 4, Insightful

    Microsoft to sell computer games about flying.
    Use a real OS that has real security for real work.

    --
    Domestic spying is now "Benign Information Gathering"
    1. Re:Should have used by AmiMoJo · · Score: 3, Insightful

      What makes you think any other desktop OS would be less vulnerably to ransomware? Security through obscurity perhaps.

      Let's say they were running Linux. The infection vector is usually a browser exploit or email attachment. Linux does nothing extra to prevent the user from executing code that Windows doesn't also do. Then the malware is running, and has access to the user's file, and any other files that the user has access to on the network. Again, Linux does nothing extra to prevent this.

      The virus spreads via exploits stolen from the NSA. Even assuming they are not zero-day and a patch is available, it's up to the organization to install that patch. If they were not installing Windows patches, why would they be installing Linux patches?

      No, the problem is not the OS. The problem is the IT staff not locking the system down properly. Just switching OS would not help them.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    2. Re:Should have used by kyrsjo · · Score: 3, Insightful

      I doubt they are reading emails on a machine controlling a piece of machinery - these things are generally on a special "technical network" that cannot reach the internet directly. AFAIK these are true remote exploits, not user intervention needed. So yes, it is the OS's fault, and you are off target by blaming the user.

    3. Re:Should have used by Archon · · Score: 0

      First: Qubes OS. https://www.qubes-os.org/

      Second: Regardless of IT staffs' intention, management makes the final decision to let the systems be locked down. In many cases, they don't.

    4. Re:Should have used by AmiMoJo · · Score: 1

      Okay, it's a remote exploit through a network connection. Again, how would a different OS help other than security through obscurity? Other operating systems are not magically bug-free.

      In fact, we say ransomware on MacOS. And that industrial control software they are using, why would the Linux version be any more secure than the Windows version? We have seen infections via application updates before, including people infiltrating open source repos and replacing packages with trojaned ones.

      The way to secure these systems is to unplug the ethernet cable and de-solder the external USB ports. At the very least, put them on a separate secure network. But then it has a cost to the company, because they can't do the same level of integration as having fully networked systems allows.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    5. Re: Should have used by Anonymous Coward · · Score: 0

      "What makes you think any other desktop OS would be less vulnerably to ransomware?"

      I don't. And when that happens, I'll tell (I won't be holding my breath, though).

      In the meantime, this is -again, a Microsoft Windows problem.

    6. Re:Should have used by Anonymous Coward · · Score: 0

      What makes you think any other desktop OS would be less vulnerably to ransomware? Security through obscurity perhaps.

      Let's say they were running Linux. The infection vector is usually a browser exploit or email attachment. Linux does nothing extra to prevent the user from executing code that Windows doesn't also do. Then the malware is running, and has access to the user's file, and any other files that the user has access to on the network. Again, Linux does nothing extra to prevent this.

      The virus spreads via exploits stolen from the NSA. Even assuming they are not zero-day and a patch is available, it's up to the organization to install that patch. If they were not installing Windows patches, why would they be installing Linux patches?

      No, the problem is not the OS. The problem is the IT staff not locking the system down properly. Just switching OS would not help them.

      ...written from a windows users point of view and understanding?

    7. Re:Should have used by kyrsjo · · Score: 1

      > At the very least, put them on a separate secure network

      Aka. "Technical network". At least that's what it is called where I work. And yes, we do run (mainly) Linux for our controls stuff.

      > Again, how would a different OS help other than security through obscurity? Other operating systems are not magically bug-free.

      Sure, they are not, but putting them on a separate network, and avoiding using the operating system that has holes so large that you can fly a 747 through them generally helps.

      > We have seen infections via application updates before, including people infiltrating open source repos and replacing packages with trojaned ones.

      Updates on TN computers tend to be tightly controlled - often so tightly that they never arrive, which of course is a security risk in itself.

  7. They use windows on planes! by Anonymous Coward · · Score: 0

    I thought a BSOD mid air would be enough to make running windows on a plane completely insane.

    Sounds like Donald Trump needs to get the Russians, Chinese and North Koreans to pay for a firewall.

    I bet wannacry will never hit an Antanov.

    1. Re:They use windows on planes! by InfiniteBlaze · · Score: 2

      Probably still running Windows XP or Windows 7...at least those gave diagnostic codes when they failed.

    2. Re:They use windows on planes! by PPH · · Score: 4, Interesting

      No. But they do use it on manufacturing equipment now. I was there when they got hit with the Code Red virus. Fortunately, in 2001 they were running Solaris, HP-UX and Linux on the shop floor. When management came running out in a panic about possible effects on production, we told them, "No problem. We don't run Windows."

      Management's response was, "Why aren't we running Windows?" I guess now they'll find out.

      --
      Have gnu, will travel.
    3. Re:They use windows on planes! by PPH · · Score: 1

      I bet wannacry will never hit an Antanov.

      Yeah. But Boeing will never have to run down to Radio Shack to test vacuum tubes.

      --
      Have gnu, will travel.
    4. Re:They use windows on planes! by ArchieBunker · · Score: 5, Interesting

      I can't believe they removed the F8 safe mode function from Windows 10. Now you need to be in Windows to tell it to reboot in safe mode. Good job there. What if your install is fucked and won't boot?

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
    5. Re:They use windows on planes! by AHuxley · · Score: 2

      Use the productive time to look up what to replace Windows with.

      --
      Domestic spying is now "Benign Information Gathering"
    6. Re: They use windows on planes! by Anonymous Coward · · Score: 0

      It boots into safe mode after a couple of failed boots.

    7. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      Linux was barely run by any Fortune 100 corporations in 2001, let alone a dinosaur one like Boeing. Some companies were tinkering with Linux, sure, but a production system on the floor? Better get that memory checked out.

    8. Re:They use windows on planes! by Eravnrekaree · · Score: 2

      Its a sad fact that many niche apps like CAD and so on are written for Windows. Yes you can get a CAD program for Linux but it has to meet the requirements and *nix OSs have lagged far behind in applications which have efficient workflow the features needed for many situations. Linux is fine if you need a word processor but when you get into large, specialized technical apps falls behind.

    9. Re:They use windows on planes! by aaarrrgggh · · Score: 2

      Believe it or not, you can get a command and file compatible alternative to AutoCAD on Linux now called BricsCAD. Haven't tried it on Linux, but have on OSX and Windows.

    10. Re: They use windows on planes! by Anonymous Coward · · Score: 0

      In Soviet Russia, the tubes run to you.

    11. Re:They use windows on planes! by PPH · · Score: 4, Interesting

      applications which have efficient workflow the features needed for many situations

      Interesting. Because it was the 'efficient workflow features' that we had to build on UNIX systems at Boeing which were simply unavailable on Windows systems. CATIA started out running on UNIX (AIX and Solaris at Boeing) and was finally ported to Windows NT when the Microsoft fanbois cried hard enough. The backend 'workflow management' was never ported to a Windows platform during my time there. We just couldn't buy enough NT servers that would handle the load a Sun system could handle.

      Data integrity was (and still appears to be) a problem for Windows systems. We had a requirement to keep people from modifying datasets not a part of their scheduled workflow. The NT folks could never figure out how to implement that. And more than a decade later, this is fundamentally what the WannaCry virus does. Windows just isn't ready for enterprise use yet.

      --
      Have gnu, will travel.
    12. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      Linux went mainstream during the dotcom bubble which started in around 1998. I was working as a Linux admin in NYC the summer of 2001.

    13. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      TW317 for the win! 767 Wing Line rules!!

    14. Re:They use windows on planes! by HiThere · · Score: 1

      Linux was *NOT* the only alternative. Not even the most secure alternative. Just the most actively developed.

      Other alternatives are the various BSDs. They existed then and were stable then. I'm not really sure about the differences between them, or whether they are more significant than the differences between the various Linux distros.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    15. Re: They use windows on planes! by Anonymous Coward · · Score: 0

      But all these CAD applications were written for UNIX systems and still retain those features. AutoCAD commands are still UNIX like. AutoCAD also used to support Linux.

    16. Re: They use windows on planes! by Anonymous Coward · · Score: 0

      You use a recovery disc (which you can use to go straight into safe mode)?

    17. Re:They use windows on planes! by thegarbz · · Score: 3, Informative

      What if your install is fucked and won't boot?

      After 3 failures to boot to the desktop windows will automatically trigger the startup repair program where among other options you can attempt to boot into various forms of safe mode.

      If you for some reason can't get there (i.e. your computer boots to desktop and then somehow cleanly reboots preventing Windows from triggering the startup repair) you can do it manually from the recovery partition, USB or Windows 10 install media, or just go all out brute force and hit the reset button 3 times while the windows logo comes up to trigger 3 boot failures.

      As to why they don't do it, that much is obvious. Windows no longer goes through a proper boot process anymore unless you either a) manually reboot using the start menu, or b) install a windows update. After all booting is a big waste of time in the eyes of MS, as is giving the user 3 seconds to hit F8. On my desktop those 3 seconds make up the vast majority of the boot time.

      And no shutting down windows and then turning the power on is not a proper reboot anymore. That puts windows into some kind of half state which is how they dramatically cut down the boot time.

    18. Re:They use windows on planes! by thegarbz · · Score: 1

      Because it was the 'efficient workflow features' that we had to build

      So you built something yourself? You and the GP are talking about two different things.

    19. Re:They use windows on planes! by dunkelfalke · · Score: 2

      Antonov is Ukrainian FYI.
      And given the sorry state of their aircraft production (the overwhelming majority of An-148s was built in Russia, not in the Ukraine) the only Antonov computers that could get hit by WannaCry would be the laptop of the managing director and the workstation of his typist.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    20. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      Of course they use windows!!! If not, how would pilots see outside???

    21. Re:They use windows on planes! by PPH · · Score: 1

      So you built something yourself?

      Of course. Business rules have to be set up and workflows have to be defined.

      --
      Have gnu, will travel.
    22. Re: They use windows on planes! by WindBourne · · Score: 1

      No, windows is not on the plane. In this case, it is manufacturing equipment that was hit.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    23. Re:They use windows on planes! by Thelasko · · Score: 1

      You guys have me all nostalgic about running Unigraphics on an HP-UX system.

      However, I thought the data integrity requirements you mention were largely resolved by Teamcenter.

      --
      One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
    24. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      Did you work for Veritas then?

      servo

    25. Re:They use windows on planes! by PPH · · Score: 1

      resolved by Teamcenter

      I'm not sure. They were looking at a lot of different products to implement DCAC/MRM when I left. This may have been one of them.

      Their problems were that whatever tool suite they tried to implement on top of an NT infrastructure, it was pretty easy to go in 'underneath' the apps and fiddle with the data. And this is probably what leads to stuff like WannaCry. Once one system in a domain is cracked, it seems to be pretty easy to get into pretty much anything else.

      --
      Have gnu, will travel.
    26. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      Did not know BricsCAD runs on Linux. Serendipitous find during lunch reading FTW! Thanks for sharing.

    27. Re:They use windows on planes! by thegarbz · · Score: 2

      Business rules have to be set up and workflows have to be defined

      Again you and the GP talked about two different things. The GP talked about pre-defined software based workflows to suit the business. You're talking about designing a business workflow then custom making software to suit.

      It may sound like splitting hairs, but it will be precisely that hair which fundamentally changes the procurement process. Also many industries in general are overwhelmingly moving to the process described by the GP as they learn that their own defined business workflows are often either not the most efficient, or require so much bespoke software that it costs them a lot of money to maintain that workflow.

      I have spent the best part of last year in exactly this kind of discussion. ... *wasted*. I have *wasted* the best part of last year in that kind of discussion. It's amazing that everyone thinks they are special.

    28. Re:They use windows on planes! by jbengt · · Score: 1

      I have used BricsCAD on Linux, a few years ago, and it was pretty good then. I would still be using it if my workplace hadn't issued me a Windows 7 laptop with AutoCAD and Revit on it (with the expectation of me working on the train and during weekends).

    29. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      "There is MOTHER-FUCKIN windows on the plane !!

    30. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      And why not before 3 times ?. why not when you want or need?

    31. Re:They use windows on planes! by iczer1 · · Score: 1

      "Windows just isn't ready for enterprise use yet." reminds me of:

      Why Windows NT Server 4.0 continues to exist in the enterprise would be a topic appropriate for an investigative report in the field of psychology or marketing, not an article on information technology. Technically, Windows NT Server 4.0 is no match for any UNIX operating system, not even the non-commercial BSDs or Linux.
      http://linux.math.tifr.res.in/...

    32. Re:They use windows on planes! by PPH · · Score: 1

      their own defined business workflows are often either not the most efficient, or require so much bespoke software that it costs them a lot of money to maintain that workflow.

      That might work for a plumbing repair business. But I don't think there is an item in the pull down menu to select the "commercial aircraft manufacturing" workflow. And it doesn't really cost that much if you start out with a flexible tool set. Compared to having some consultants from a Windows shop "waste the better part of last year" trying to sell you their canned solution.

      The biggest part of any process re-engineering is to sit down with the customer, identify their processes and the inefficiencies therein and only then, propose a solution. And occasionally, after a cleanup, a clipboard and paper solution will work just fine.

      --
      Have gnu, will travel.
    33. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      Isn't that what radar is for?

    34. Re:They use windows on planes! by Anonymous Coward · · Score: 0

      They didn't remove the F8 function; it's only hidden and can be reenabled using command-line programs

  8. Back-ups... Back-ups... Back-ups... by Anonymous Coward · · Score: 4, Insightful

    This is why my back-up drives aren't connected to my computer 24-7. When I finish backing up stuff, I disconnect the drive(s).

    Come on people, you gotta be smarter than this by now.

    1. Re:Back-ups... Back-ups... Back-ups... by rtb61 · · Score: 2

      Also if it doesn't need to be connected, do not connect it. If scanned sneaker net from one secured location to another secured location is good enough because it only happens once a week, not every second, that use scanned sneaker net, a lot more expensive per transaction maybe like an extra $10,000 over a year but the alternative hundreds of millions of dollars lost, makes that $10,000 look like nothing. Wireless quick easy, stupidly insecure. Wired not so quick not so easy but a lot more secure. Sneaker net, now that can be as tough as you want to get past, on secured verified staff get to carry data from one location to another location via a secured device and not network cards or chips, for those computers it is impossible to connect to the internet, factually impossible. Sure an internalised computer data transfer system, but not a typical computer network. Also don't hire foreigners because they are cheaper, the cheapest most skilled ones will be foreign agents, your greed serves insecurity best.

      This digital security break down should put all Boeing defence systems on a black list for digital security, who knows what little hidy holes it will bury itself in, only to pop up at some time in the future, when a device that was infected and got turned off in normal operations, only to be turned on at a required time years in the future. Boeing has a real problem now, it's competitors will be, hmm, insider trading raking in the hundreds of millions of dollars and getting a just to steal billions in business. The corporate wars, the US kicked them off, now the hassle of shutting them down.

      --
      Chaos - everything, everywhere, everywhen
    2. Re:Back-ups... Back-ups... Back-ups... by thegarbz · · Score: 2

      This is why my back-up drives aren't connected to my computer 24-7. When I finish backing up stuff, I disconnect the drive(s).

      Come on people, you gotta be smarter than this by now.

      No where do they say they lost data. Just that they were worried about being crippled. You're crippled too while you're slowly recovering your backups rather than getting actual work done.

    3. Re:Back-ups... Back-ups... Back-ups... by antdude · · Score: 1

      Also, they last longer. :)

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    4. Re: Back-ups... Back-ups... Back-ups... by Anonymous Coward · · Score: 0

      Sneakernet? Really? You can get boot viruses that way.
      Networks allow worms.

      What you want is an air gapped system with a camera pointed at a monitor on the networked system.

      High res monitor/projector plus high res camera = high speed air gapped network. Automatic ocr on time lapse jpgs can scan sixty pages a minute easily if your cpu is up to snuff. Higher if you tweak timings and avoid scan interval conflicts via a projector.

      Or flash 1080p QR codes and get an airgaped 2Mbit/sec per 1hz refresh. COTS specialist equipment can hit 480Mbit stock. Quadruple that if you have gobs of money to throw at 4k gear with a tight enough spec.

      This is a solved problem like security breaches via private data on lost/stolen laptops. People don't want to use free encryption. They're not going to pay for air gapped networks unless the liability risk is clearly costlier than a modicum of prevention.

    5. Re:Back-ups... Back-ups... Back-ups... by Anonymous Coward · · Score: 0

      if you care about backups then why are you using windows and NTFS.

  9. What can we file this under? by Anonymous Coward · · Score: 0

    Stupidity, or greed? I mean, sure, all the seven deadly sins are at play, but in what order?

    1. Re:What can we file this under? by AHuxley · · Score: 1

      Windows was the OS that low cost workers could understand.
      Supporting Windows was to be cheaper as everyone can use Windows.
      A really powerful firewall would always protect Windows.
      Windows would have the easy to use GUI software aircraft workers crave.

      --
      Domestic spying is now "Benign Information Gathering"
    2. Re:What can we file this under? by Eravnrekaree · · Score: 0

      Its a sad fact that many niche apps like CAD and so on are written for Windows. Yes you can get a CAD program for Linux but tends to pale in comparison, it has to meet the requirements and *nix OSs have lagged far behind in applications which have efficient workflow the features needed for many situations. Linux is fine if you need a word processor but when you get into large, specialized technical apps falls behind.

  10. Wanna Cry may turn into Wanna Fall Down by Anonymous Coward · · Score: 1

    No sir. It is not a computer virus.
    It is -once again, a Microsoft Windows virus.

    Call things by their names.

    Boeing got hit by Wanna Cry

    Would that make their planes Wanna Fall Down From The Sky ??

    1. Re: Wanna Cry may turn into Wanna Fall Down by Anonymous Coward · · Score: 0

      The new strain is called Wanna Crash.

  11. Wanna die? by Anonymous Coward · · Score: 0

    One of these days this virus is going to hit the wrong person and the authors are all going to wind up dead.

    1. Re:Wanna die? by Applehu+Akbar · · Score: 4, Insightful

      In what universe is an entire national medical system not the "wrong person?" If there was any way of getting at ransomware scammers, we would have deployed it by now.

      https://www.telegraph.co.uk/ne...

    2. Re:Wanna die? by davecb · · Score: 2

      I think if they hit organized crime, even by accident, that might be the "wrong person"

      --
      davecb@spamcop.net
    3. Re:Wanna die? by Dutch+Gun · · Score: 1

      Organized crime reach into normal society is pretty overrated. Seriously... I dare them toaksj alkj;a kalwwwwwwwwwwwwwwwwwwww

      --
      Irony: Agile development has too much intertia to be abandoned now.
    4. Re: Wanna die? by Anonymous Coward · · Score: 0

      You sound pro prison rape. SAD little man.

    5. Re:Wanna die? by Anonymous Coward · · Score: 0

      That actually happened when Anonymous went after the Mexican drug cartels.

    6. Re:Wanna die? by Gonoff · · Score: 1

      One of these days this virus is going to hit the wrong person and the authors are all going to wind up dead.

      They did. One of the groups hit by the attack last spring was the FSB. They used to employ Vladimir Putin when they went by the name KGB. I can't think of a worse target.

      Or perhaps they are now "under new management" after the old management all stopped having functioning nervous systems!

      --
      I'll see your Constitution and raise you a Queen.
    7. Re:Wanna die? by kyrsjo · · Score: 1

      Organized mobsters use the same hospitals as everyone else...

    8. Re:Wanna die? by Joosy · · Score: 1

      ... I dare them toaksj alkj;a kalwwwwwwwwwwwwwwwwwwww

      "Sorry, squire! I scratched the record!"

      --
      I'm sick and tired of these hip, "ironic" sigs. This is an actual, honest-to-goodness no-nonsense sig!
  12. What a difference 2 days makes by Flexagon · · Score: 4, Interesting

    I'm very interested to hear what Boeing vice president Phil Musser has to say about this event given his reported comment just 2 days ago in response to the closure of the Russian consulate in Seattle 'that the company has “rigorous IT and security protocols.”'.

    1. Re:What a difference 2 days makes by thegarbz · · Score: 3, Interesting

      Probably very little given TFA said it took them half a day to contain and caused zero production loss as a result. Frankly that is quite a phenomenal IT response given how many companies were cut off at the knees for a whole week at a time.

  13. Re: Much better! by Anonymous Coward · · Score: 0

    Why allow a single user keypress to decide what to do when a broken os might be able to figure it out after 10 minutes of failed boot. BRILLIANT!

  14. Boeing probably forgot ... by PPH · · Score: 2

    ... to update their Kaspersky AV software.

    --
    Have gnu, will travel.
    1. Re:Boeing probably forgot ... by Anonymous Coward · · Score: 0

      [snort]

  15. Not your grandpa's Boeing by Anonymous Coward · · Score: 5, Interesting

    Boeing used to be one of the world's most competent corporations.

    Then they merged with McDonnellDouglas. They absorbed the McD defense products, and then the morons in the board room replaced a bunch of Boeing's old management structures with the McD people. The McD teams used to outsource more stuff, whereas the old Boeing people used to do stuff more in-house. This came to a head with the 787 program which ended up over budget and behind schedule in large part because Boeing, which used to do everything inhouse, was under the new management oursourcing parts all over the planet and bringing the parts into the Boeing facilities for final assy - a tactic the McD guys were used to but the boeing people and systems were not. The results were entirely predictable to anybody without an MBA degree.

    The idea that the new & reckless Boeing management was running their internal systems on the super-crappy Windows operating system is both predictable and sad. These clowns should not be trusted with national security projects - they probably store all their stuff unencrypted in the cloud and run their Windows machines unpatched and without antivirus protections and hardware firewalls.

    This is the company that has been charging billions of dollars per year for nearly a decade to convert a shuttle external tank into a 1st stage booster - which they MIGHT be able to fly manned 20 years after the design started. Incidentally, the SLS design was specifically chosen to re-use shuttle heritage hardware, including engines and engine plumbing stripped directly from working orbiters, in order to accellerate development time and save money [sigh]. While Musk at SpaceX has been moving to re-usable rockets, Boeing is actually regressing to throwing away expensive reusable shuttle engines on each SLS launch!

    Same company that has been studying blended-wing-body airframes for 20+ years without builing a single manned example. The old Boeing could design a readically new aircraft and get a test article onto a flight line in MONTHS.

    This virus incident is just the most-recent evidence that the federal government was completely incompetent when they allowed Boeing to absorb North American aviation, Rockwell International's aerospace division, Bell helicopter, McDonnellDouglas (itself a merger of McDonnell Aircraft, Douglas Aircraft, Convair and Consolidated) and others. Huge bloated incompetent defense contractors lose all interest in being efficient and competent as they become hooked on cost-plus government contracts combined with lack of competition resulting from the absorption of most or all competitors.

    1. Re:Not your grandpa's Boeing by Anonymous Coward · · Score: 0

      But it creates DEBT, and inflation and money out of thin air! That's what keeps America afloat, didn't you know?

    2. Re:Not your grandpa's Boeing by l0n3s0m3phr34k · · Score: 3, Interesting

      I work as a network security analyst at a small airline, who has some DoD contracts. 800-171 compliance is my job, and our infrastructure team bases most of our decisions around it. Wannacry was patched last year; you have only 30 days to apply patches or your non-compliant. IMHO, Boeing should be brought before Congress and threatened with loosing all their DoD contracts and forced to go through a third-party audit and fined for anything found non-compliant.

      The ONLY "Saving grace" for Boeing might be that they might be able to show that the systems hit with Wannacry are not covered under any DoD contract; ie not used for anything DoD related. However, it's also my opinion that ANYTHING relating to our "national aviation infrastructure" SHOULD be, at a minimum, 800-171 compliant; as should anything relating to electrical utilities, water and sewage, and medical.

      If we actually "go to war", the USA is totally fucked on this front. I fully expect any transition to a "hot war" with, say North Korea, will immediately result in most of the electrical grid shorting out / shutting down, entire city networks being corrupted, and anything with a PC being pwned within 24 hours. We, as a country, are as about prepared for "modern warfare" as the Native Americans were to meeting the Europeans and their diseases.

    3. Re:Not your grandpa's Boeing by dunkelfalke · · Score: 1

      How come Airbus manages the distributed manufacturing just fine then? Boeing simply grew fat and lazy on defence contracts and reiterating the 707, that's all.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    4. Re:Not your grandpa's Boeing by angel'o'sphere · · Score: 1

      Because Airbus is run by socialist communist european aristocrats, thats why!

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    5. Re:Not your grandpa's Boeing by rickb928 · · Score: 1

      'Cyberwarfare' is nearly the ultimate asymmetrical warfare scenario. It takes relatively insignificant effort to inflict massive, possibly fatal, harm on an opponent.

      And it's universally true. You think the US is uniquely unable to attack foes in this manner? Or to mask such an attack, deflecting blame?

      Truth is, MAD worked to mitigate the threat of nuclear war for decades. A similar protocol will be needed to prevent all-out cyberwar, which would be nearly as damaging the nuclear war, for everyone.

      It's a serious threat because it permits threats hat would never be nuclear to exert the same relative force against anyone else. And to do so in temporary anonymity, possibly even permanent if they can do enough damage.

      The answer to such attacks, of course, would be to retaliate in more tangible ways; if you could even find the attackers. And be sure of their identity and sponsorship.

      --
      deleting the extra space after periods so i can stay relevant, yeah.
    6. Re:Not your grandpa's Boeing by Anonymous Coward · · Score: 0

      If we actually "go to war", the USA is totally fucked on this front. I fully expect any transition to a "hot war" with, say North Korea, will immediately result in most of the electrical grid shorting out / shutting down, entire city networks being corrupted, and anything with a PC being pwned within 24 hours. We, as a country, are as about prepared for "modern warfare" as the Native Americans were to meeting the Europeans and their diseases.

      And we have Microsoft to thank for this.

    7. Re:Not your grandpa's Boeing by PPH · · Score: 1

      You think the US is uniquely unable to attack foes in this manner?

      Russian security services use typewriters.

      --
      Have gnu, will travel.
    8. Re:Not your grandpa's Boeing by PPH · · Score: 1

      immediately result in most of the electrical grid shorting out / shutting down

      I'm not worried. Our local power company put their first power plant on line in 1898. And they haven't changed much since then.

      --
      Have gnu, will travel.
  16. Inside job, stop blaming Russia by Anonymous Coward · · Score: 0

    a company of this size making the kind of airplanes, space components and required software simply does not have these holes protruding into their critical systems. This was clearly done from the inside, and yet somehow I bet they will blame it on Russia.

  17. Should have patched by Chrisq · · Score: 4, Insightful

    Since the NHS were admonished for not installing patches which would have prevented Wanacry in May 2017, Boeing really should have patched their systems by now.

  18. airplane software by Anonymous Coward · · Score: 0

    they are worried it might spread to airplane software.
    thanks, knowing this, now i'll be worried every time i fly with boeing.

    1. Re:airplane software by PPH · · Score: 1

      We had a story when I worked there: A CS consultant was giving an embedded systems class to a bunch of Boeing engineers. He started the first day off by asking, "If you were on a Boeing plane taking off and you suddenly realized that your group was responsible for the avionics software, how many of you would be concerned?" Everyone raised their hands except for one lady sitting in the front row. So the instructor asked her why she wasn't worried. "If my department wrote the software, the plane wouldn't even taxi, let alone take off."

      --
      Have gnu, will travel.
  19. Russian expulsions by Anonymous Coward · · Score: 0

    Wonder if this has anything to do with the Russian expulsions and closing of the consulate in Seattle that is considered too close to US submarine base and Boeing's operations?

    1. Re:Russian expulsions by Anonymous Coward · · Score: 0

      The answer is no.

  20. Which Defense Systems Failed? by Anonymous Coward · · Score: 1

    Unlike so many the succumb to ransomware, I expect that Boeing had good defenses - practices and systems - in place to defend against ransomware and intrusion. It's possible or even probable that they had the best systems in place

    Ransomware has been my biggest security fear for the last couple of years and defending against ransomware and the possibility of infection has been my biggest spend as well as time-sink for the past couple of years. The idea of a department or the entire company being infected scares the shit out of me.

    I'd very much like to know exactly which systems Boeing had implemented. I'd like to know which systems failed so dramatically.

    1. Re:Which Defense Systems Failed? by PPH · · Score: 2

      I expect that Boeing had good defenses

      You owe me a new keyboard. And a coffee refill.

      --
      Have gnu, will travel.
  21. Dead? by jbmartin6 · · Score: 1

    What happened to the "kill switch"? Was it removed or something? I thought WannaCry was a non-issue now because of that.

    --
    This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    1. Re:Dead? by PPH · · Score: 2

      There are (at least) two parts to WannaCry: The transport mechanism, based on the NSA's EternalBlue exploit. And the payload, which does the privilege escalation and file encryption stuff. The 'kill switch' was a domain name that, when resolved by the transport mechanism, would stop it from spreading or deploying its payload on the current host.

      Several different domain names appeared in the WannaCry virus, probably as its creators tried to circumvent the kill switch fix. It's possible that someone got hold of the NSA exploit source and changed the kill switch domain name yet again. Or removed it altogether.

      Its also possible that Boeing didn't enter the kill domains into its internal DNS system. Or that they were deleted during some sort of cleanup*. An even funnier theory: The kill switches may have been put in by the NSA to keep their back door ware from spreading into secure government and subcontractor's systems. And Boeing just didn't rate a "friend of the government" designation in the NSA's buddy list.

      *Anecdote: We had a couple of systems crash back when I worked there because some IT bigwig had asked, "What are the /tmp directories for?" And upon getting an (oversimplified) answer of "For saving garbage files", he ordered them to be deleted since "We don't store garbage on our systems."

      --
      Have gnu, will travel.
  22. isn't this the same virus that was fixed? by Anonymous Coward · · Score: 0

    Isn't there a tool that finds the key in memory and automatically decrypts the files.

  23. I miss sysadmin work less and less by rickb928 · · Score: 1

    First thing that comes to mind; the multiple layers of backups and images needed to assure recovery from these events. In a dynamic manufacturing environment, I would want stackable images, possibly hourly delta backups, maybe even run things in VMs with on-and off-line redundancy. I would be diving my VMware rep insane with demands to port the images into KVM or virtualbox, and always at the lowest possible version to permit restoration despite underlying OS or environmental changes... Data separation to avoid losing it all in a half hour.

    Then and only then would I go back to fretting over the network security team and all the layers of intrusion detection and prevention.

    And a lab full of honeypots to try and identify the vermin before they find the real cheese. Because if I had Boeing as a client or employer, I would know I work for one of the most coveted targets on Earth. Not just script kiddies, but jerks, paid criminals, state actors, and competitive industrial spies. Everyone with an Android phone or a RasPi. Everyone. Even Facebook.

    And I would probably be redesigning the data assurance system yearly, just to keep refining it with the latest options.

    Intel certainly deals with this. They are an information company, and losing tools due to these threats should be unacceptable. Not merely airgap security for production tooling, but for all company IP. No other way. Seems like Boeing had a hole. Darn.

    --
    deleting the extra space after periods so i can stay relevant, yeah.
    1. Re:I miss sysadmin work less and less by Anonymous Coward · · Score: 0

      And outsourced to India and given to a 22 year old kid with no experience besides a paper mcse to run it all to save a mere $50,000 a year so a manager can get a bonus

    2. Re: I miss sysadmin work less and less by rickb928 · · Score: 1

      Yeah, Deepak will just reach across the pond and toggle the power to the DNS server.

      --
      deleting the extra space after periods so i can stay relevant, yeah.
  24. Re: NSA; wrong by WindBourne · · Score: 1

    NSA is not the ones to blame. You can and should blame companies for no longer taking security serious. Boeing has had ages to update their computers, yet have done nothing. Likewise, even now, they are pouring money into places like Russia to make titanium, and vietnam, China, and India are doing software for Boeing ( India works closely with Russia on military projects ). Boeing and other companies are to blame.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  25. you're not even trying by Anonymous Coward · · Score: 0

    You can do better than that. Surely China was to blame somehow?

  26. Yeah by Anonymous Coward · · Score: 0

    You would do this all from your Mamas Basement.

    Here is the protip: Boeing is highly connected with thousands of suppliers, contractors and customers. They cannot simply disconnect themselves from the rest of the world. They almost certainly use lots of Windows-only stuff such as CAD packages. They employ a literal army of people, most of whom are not IT specialists. These folks must collaborate to keep the company running. Exchanging Emails, CAD files, scientific calculations, Excel-past parts list and lots of other Office documents. If you lock them down fully, the whole enterprise comes to a standstill.

    So: Basement Consulting LLC should come up with a concept that balances security and business needs.

    1. Re:Yeah by rickb928 · · Score: 1

      No different than any Fortune 100/500 company, such as Intel, GE, Ford, any national bank, any number of organizations. 'Locking them down' doesn't bring them to a standstill. As if they are not 'locked down' now, for if not, they were pwned a few years ago. Totally.

      'Locked down' is dog whistle for "I can't do whatever I want on the company laptop oh noes pimpage". Yeah. It's not even yours. Be happy you've got a job you can do from your mom's basement. My home office has a real window that shows me sunlight and my back lawn, not just the galvanized foundation vent and the spider nest. And a dog. And fresh coffee, Sumatra.

      --
      deleting the extra space after periods so i can stay relevant, yeah.
    2. Re:Yeah by Anonymous Coward · · Score: 0

      Last summer my employer - under extreme budget pressure at the time - ordered all of us to apply the WannaCry patches within 24 hrs or remove the systems from the internet. Boeing had many options but remained complacent. They own this...

      We also had many systems with propietary boards that ran instruments that would cost a small fortune to replace. In those case we installed a small computer with up-to-date OS and antivirus with 2 NIC cards and created a shared disk to exchange files. Crude, often annoying, but effective...

  27. Already by Anonymous Coward · · Score: 0

    You bet the Russians are already spreading false information in the Antonov computers they control. Which is all of them plus the personal computers of the Antonov employees.

    Ukraine is a fully corrupt s-hole and it has only become worse since Merkel and America have meddled in Ukraine.

    1. Re:Already by dunkelfalke · · Score: 1

      No argument about your second sentence - I have witnessed that myself. Worst country in Europe.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
  28. Yeah 1337 Windows-man by Anonymous Coward · · Score: 0

    Now, what happens if the crypto virus starts to encrypt your backup files as soon as you attach them to the computer ?

    Or do you buy a new backup medium every 14 days ???

    Or even worse, what happens if the virus slightly modifies the files in such a manner that they still nicely load into Excel, Powerpoint, AutoCAD etc, but changes the data slightly ? Then you cannot trust your nice backup any more.

  29. Yeah, Mr Superlogic by Anonymous Coward · · Score: 0

    So you create an optical transmission channel and by means of MAGIC malware is not transmitted by the optical channel ? Or is it a one-way channel ? You can get that much more reliable, easier and cheaper by using DVDs which are never again inserted into the source computer.

    One more question: Who stole your brain ?

  30. NAHH -SPETZNAZ by Anonymous Coward · · Score: 0

    Elite female Russian secret warriors looked too deeply into the eyes of Boeing managers. So they downloaded the viruses in some sort of trance by themselves, directly from www.evil-virus-of-russ.RU. All subconsciously, of course.

  31. Fight Back Boeing! by Anonymous Coward · · Score: 0

    Fight back Boeing! Reverse engineer that SOB and re-issue it into the wild as the WannaFly simulation!

  32. corporate experience by Anonymous Coward · · Score: 0

    Old Boeing management did not do it, so they did not develop that skillset and the proper managerial tools.

    McDonnellDouglas did it, but were a bit of a shambles in other areas, rendering them weak enough to become an aquisition target from Boeing.

    When the McD managers with their outsourcing dreams were put into positions at Boeing which was not experienced with outsourcing at that scale, things bubbled along OK for years with existing products, but when the new 787 came along and all the dreams of turning Boeing into a major outsourcer were put in place to [hopefully] drive up stock prices, things got really messy in a hurry.

    The Europeans, on the other hand, had a long experience with outsourcing on major aerospace projects like Concorde - for them and Airbus it was a standard way of doing things.