Boeing Hit With Ransomware. Has WannaCry Returned?
The dreaded WannaCry ransomware strain, which last year devastated hundreds of thousands of endpoints and enterprises around the world, appears to have briefly returned once more: aerospace manufacturer Boeing allegedly suffered an attack from the revived malware.
WannaCry was never considered truly dead, but it was considered neutered when its killswitch was accidentally discovered by Marcus Hutchins last year. That it would resurface and harm such a prominent manufacturer raised fears, especially of the infection spreading to aircraft software. However, it has not yet been confirmed if the malware was the original WannaCry strain or an imitation ransomware program.
Boeing claims they detected and removed the threat prior to writing. In a tweeted statement they said: “A number of articles on a malware disruption are overstated and inaccurate. Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production or delivery issue.” Boeing said they have resumed normal operations at this time.
Some security experts worry that WannaCry can remain dormant for as long as the killswitch is active, but may return to infecting endpoints when they are safe to do so. The incident reminds us of twofold truths in cybersecurity. One is that nothing is dead that can eternal lie. Even the threats we’ve “beaten” can come back to haunt us. Hackers count among their numbers just as many innovators and ingenues as security experts do. What worked once can be retooled to work again under new conditions and with new goals.
Another is that we do need to remember to take a deep breath and evaluate what is truly a threat. Ransomware attacks are actually decreasing as much more lucrative cryptojacking attacks expand their victim pools. Jumping the gun on every potential threat can create mass burnout and cause us to miss the real threats just under our noses. In other words, if we aren’t careful we’ll start creating our own false positives. Let’s not give hackers another advantage in this long war.