Moderators: jsumali2, richierich, ua900, PanAm_DC10, hOMSaR

 
Runway28L
Topic Author
Posts: 2100
Joined: Wed Sep 20, 2017 7:35 pm

Boeing hit by WannaCry virus, could impact production

Wed Mar 28, 2018 10:54 pm

http://www.seattletimes.com/business/bo ... roduction/

Boeing was hit Wednesday by the WannaCry computer virus, raising fears within the company that it could cripple some vital airplane production equipment.

Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, sent out an alarming memo calling for “All hands on deck.”

“It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down,” VanderWel wrote, adding that he’s concerned the virus will hit equipment used in functional tests of airplanes ready to roll out and potentially “spread to airplane software.”


It appears that both 777 and 787 production may be affected.

Indicating widespread alarm within the company at the potential impact, VanderWel said the attack required “a battery-like response,” a reference to the 787 in-flight battery fires in 2013 that grounded the world’s fleet of Dreamliners and led to an extraordinary three-month-long engineering effort to find a fix.

“We are on a call with just about every VP in Boeing,” VanderWel’s memo said.


The virus locks out computers and demands ransoms of cryptocurrency (Bitcoin?). It also contaminates vital production parts of the assembly lines.

Boeing's gonna have a lot of work cut out for them to dig out of this mess it seems.
Last edited by Runway28L on Wed Mar 28, 2018 11:02 pm, edited 1 time in total.
 
User avatar
neomax
Posts: 945
Joined: Fri Dec 01, 2017 3:26 am

Re: Boeing hit by WannaCry virus, could impact production

Wed Mar 28, 2018 10:56 pm

I typically don't sympathize with Boeing, but this really does suck.
 
User avatar
Polot
Posts: 10741
Joined: Thu Jul 28, 2011 3:01 pm

Re: Boeing hit by WannaCry virus, could impact production

Wed Mar 28, 2018 10:58 pm

Runway28L wrote:

It appears that 777 and 787 production may be affected. Specifically for the 787, the lithium ion batteries it uses.

You are misreading the article. Boeing is saying that the issue requires a response similar to the lithium ion battery problems a few years ago, not that the batteries are specifically being affected by the virus.
 
User avatar
ikolkyo
Posts: 2994
Joined: Tue Nov 05, 2013 8:43 pm

Re: Boeing hit by WannaCry virus, could impact production

Wed Mar 28, 2018 11:00 pm

This virus was in outbreak for 4 days and was patched a year ago. Why in the world is Boeing not updating their computers to be protected from these kind of things?
 
Runway28L
Topic Author
Posts: 2100
Joined: Wed Sep 20, 2017 7:35 pm

Re: Boeing hit by WannaCry virus, could impact production

Wed Mar 28, 2018 11:01 pm

Polot wrote:
Runway28L wrote:

It appears that 777 and 787 production may be affected. Specifically for the 787, the lithium ion batteries it uses.

You are misreading the article. Boeing is saying that the issue requires a response similar to the lithium ion battery problems a few years ago, not that the batteries are specifically being affected by the virus.

Thanks for pointing that out. Now that I've read it again you are indeed correct. I'll go back and fix that.
 
DDR
Posts: 1732
Joined: Sat Sep 28, 2013 11:09 pm

Re: Boeing hit by WannaCry virus, could impact production

Wed Mar 28, 2018 11:02 pm

These viruses, hacking, and other stuff directed at companies is getting ridiculous. Makes you realize that nothing on line is really safe.
 
User avatar
ikolkyo
Posts: 2994
Joined: Tue Nov 05, 2013 8:43 pm

Re: Boeing hit by WannaCry virus, could impact production

Wed Mar 28, 2018 11:16 pm

Statement directly from Boeing
Statement: A number of articles on a malware disruption are overstated and inaccurate. Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production or delivery issue.

https://twitter.com/boeingairplanes/sta ... 83937?s=21
 
User avatar
TWA772LR
Posts: 7325
Joined: Thu Nov 17, 2011 6:12 am

Re: Boeing hit by WannaCry virus, could impact production

Wed Mar 28, 2018 11:52 pm

Wasn't WannaCry launched by North Korea?
When wasn't America great?


The thoughts and opinions shared under this username are mine and are not influenced by my employer.
 
buzzard302
Posts: 169
Joined: Sat Jun 06, 2015 12:06 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 12:46 am

ikolkyo wrote:
Statement directly from Boeing
Statement: A number of articles on a malware disruption are overstated and inaccurate. Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production or delivery issue.

https://twitter.com/boeingairplanes/sta ... 83937?s=21


And the truth is probably somewhere in the middle.
 
2175301
Posts: 1898
Joined: Wed May 16, 2007 11:19 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 3:13 am

buzzard302 wrote:
ikolkyo wrote:
Statement directly from Boeing
Statement: A number of articles on a malware disruption are overstated and inaccurate. Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production or delivery issue.

https://twitter.com/boeingairplanes/sta ... 83937?s=21


And the truth is probably somewhere in the middle.


Actually, the truth is probably that a lot of computers were affected; but, that the virus was not effective on those computers.

These kind of viruses work by locking up the data files and not letting you get to them unless you pay the ransom. They can also lock certain backup method files. That matters for things like business files and word documents and administrative computer systems are most affected. Wiping and rebooting the computer looses those files - which can be really costly if you don't have backups that were not affected by the virus. For production and testing computers.... Just wipe the computer and reload the software as the next job is not dependent on the data files from previous jobs.

IT departments that know what they are doing will have backup files (at least once a day) that cannot be locked up by this kind of virus. This minimizes the effect of these kinds of viruses.

I have recently heard of some medical and government departments that did not have adequate secure backup that were really affected badly.

Have a great day,

Have a great day,
 
ODwyerPW
Posts: 1624
Joined: Thu Dec 09, 2004 6:30 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 3:29 am

I spent the entire month of July assisting a large multi-conglomerate recuperate after a very similar type attack. It was horrible. You think you are protected from about everything.. and then these things expose your weaknesses. The worst part is the practices that must be adopted post recovery.... I literally want to walk away from all things computers and engineering and just plant trees or farm.... Only there is no money in purifying the air and feeding people.... Fun world...

I feel sorry for the folks at Boeing. Been there... Done that...
learning never stops.
 
RickNRoll
Posts: 1869
Joined: Fri Jan 06, 2012 9:30 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 4:57 am

The cyber warfare/sabotage story is hard to decode from news reports. There are attacks that are to a large extent theoretical. They make headlines and patches are applied but the probability of an attack in the near future is very low. Patch when you can on your regular patching schedule.

Others like WannaCry are much more serious. Wannacry was just a poorly executed but still dangerous attack on the well known weakness of the Microsoft SMB communication protocol. Any company that hasn't tried to nail down all SMB1 vulnerabilities should be hanging their heads in shame. SMB1 can even be disabled as it is replaced by newer versions. Now it can be easier for some organizations to deal with urgent patching than others but a company making as much money as Boeing has no excuse for cutting on the IT budget to the extent that a year later is has still not patched all its' computers.

I was surprised to go to the bank for a loan a few years ago and their official loan managers (who are on the road going from branch to branch and to customer homes) were using XP. This from a bank that makes very sizeable profits. That is unforgivable.
 
RickNRoll
Posts: 1869
Joined: Fri Jan 06, 2012 9:30 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 5:37 am

Boeing was hit Wednesday by the WannaCry computer virus, and after an initial scare within the company that vital airplane-production equipment might be brought down, company executives later offered assurances that the attack had been quashed with minimal damage.

Though news of the attack triggered widespread alarm within the company and among airline customers during the day, by evening Boeing was calling for calm.

“We’ve done a final assessment,” said Linda Mills, the head of communications for Boeing Commercial Airplanes. “The vulnerability was limited to a few machines. We deployed software patches. There was no interruption to the 777 jet program or any of our programs.”


The head of communications and executives. I wonder what the IT people have to say?

They have only just deployed the software patches. Oh dear.
 
User avatar
KrustyTheKlown
Posts: 365
Joined: Fri Jun 17, 2016 3:45 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 6:07 am

Wannacry is still a thing?

If it were any other kind of cyberattack I would suspect retaliation for the closure of the Russian consulate in Seattle, but being infected by a 2 year old worm is just stupidity of Boeing's IT department and makes you wonder if they could even detect a direct cyberattack.
 
VSMUT
Posts: 4591
Joined: Mon Aug 08, 2016 11:40 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 6:19 am

TWA772LR wrote:
Wasn't WannaCry launched by North Korea?


Thats what the US government claims. The virus itself was created by the NSA though, and stolen by hackers in 2017.
 
User avatar
bgm
Posts: 2476
Joined: Fri Sep 11, 2009 9:37 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 6:32 am

Just think, if Boeing spent the money it wasted taking Bombardier to court on improved cyber security, they wouldn't be in this situation. :duck:

Jokes aside, I'm very surprised that their systems were this weak. This virus was well known, and given how critical these systems are to producing their aircraft, I would have thought Boeing would have taken stronger measures to protect them from cyber attacks.

Hopefully it won't cause too much disruption to their production line.
 
Planesmart
Posts: 2891
Joined: Sun Dec 05, 2004 3:18 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 6:57 am

RickNRoll wrote:
I was surprised to go to the bank for a loan a few years ago and their official loan managers (who are on the road going from branch to branch and to customer homes) were using XP. This from a bank that makes very sizeable profits. That is unforgivable.

Banks are Microsoft's single most lucrative industry source of one to one software support contracts. Customer may see shiny Windows 10 front ends, but Vista, XP and 7 still reign supreme behind the scenes.
 
boerje
Posts: 49
Joined: Tue Jan 09, 2018 9:16 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 7:21 am

Darn... If only Boeing would have some knowledge and tools against these things. It's not like Boeing has a "comprehensive suite of solutions for customers looking to protect their networks". :lol:

http://www.boeing.com/defense/cybersecurity-information-management/
Last edited by boerje on Thu Mar 29, 2018 7:27 am, edited 1 time in total.
 
Planesmart
Posts: 2891
Joined: Sun Dec 05, 2004 3:18 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 7:27 am

boerje wrote:
Darn... If only Boeing would have some knowledge and tools against these things. It's not like Boeing can have a "comprehensive suite of solutions for customers looking to protect their networks". :lol:

http://www.boeing.com/defense/cybersecurity-information-management/

No issues with 787 operator admin software, which is considered to have leading edge security?
 
RickNRoll
Posts: 1869
Joined: Fri Jan 06, 2012 9:30 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 7:49 am

Planesmart wrote:
boerje wrote:
Darn... If only Boeing would have some knowledge and tools against these things. It's not like Boeing can have a "comprehensive suite of solutions for customers looking to protect their networks". :lol:

http://www.boeing.com/defense/cybersecurity-information-management/

No issues with 787 operator admin software, which is considered to have leading edge security?


I'd be surprised if any aircraft had critical systems that depended on Windows.
 
User avatar
Jouhou
Posts: 2539
Joined: Tue May 24, 2016 4:16 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 9:23 am

I'm going to take a wild guess and say it's affecting cnc machinery, which boeing doesn't make themselves.
情報
 
User avatar
SomebodyInTLS
Posts: 1859
Joined: Wed Jun 15, 2016 12:31 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 11:38 am

DDR wrote:
These viruses, hacking, and other stuff directed at companies is getting ridiculous. Makes you realize that nothing on line is really safe.


And yet so many large corporations willing to put their data in the cloud and their lives in the hands of Microsoft and Google online apps. As an internet old-timer, I just can't understand how people are so naive.
"As with most things related to aircraft design, it's all about the trade-offs and much more nuanced than A.net likes to make out."
 
planecane
Posts: 1579
Joined: Thu Feb 09, 2017 4:58 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 12:38 pm

VSMUT wrote:
TWA772LR wrote:
Wasn't WannaCry launched by North Korea?


Thats what the US government claims. The virus itself was created by the NSA though, and stolen by hackers in 2017.


And you know this for a fact? Cite credible sources please.
 
User avatar
par13del
Posts: 10363
Joined: Sun Dec 18, 2005 9:14 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 12:43 pm

VSMUT wrote:
Thats what the US government claims. The virus itself was created by the NSA though, and stolen by hackers in 2017.

Hmmm.....how does one hack or steal from the NSA.............or perhaps it was stolen by the US Government and given to ....
Oh wait, I'm thinking about Spinnaker in a movie.....my bad.....
 
InThrustWeTrust
Posts: 40
Joined: Fri Jun 19, 2015 7:10 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 12:48 pm

No, Its launch by Airbus....(Joke)
 
bigjku
Posts: 1906
Joined: Sat Feb 17, 2007 10:51 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 1:00 pm

RickNRoll wrote:
The cyber warfare/sabotage story is hard to decode from news reports. There are attacks that are to a large extent theoretical. They make headlines and patches are applied but the probability of an attack in the near future is very low. Patch when you can on your regular patching schedule.

Others like WannaCry are much more serious. Wannacry was just a poorly executed but still dangerous attack on the well known weakness of the Microsoft SMB communication protocol. Any company that hasn't tried to nail down all SMB1 vulnerabilities should be hanging their heads in shame. SMB1 can even be disabled as it is replaced by newer versions. Now it can be easier for some organizations to deal with urgent patching than others but a company making as much money as Boeing has no excuse for cutting on the IT budget to the extent that a year later is has still not patched all its' computers.

I was surprised to go to the bank for a loan a few years ago and their official loan managers (who are on the road going from branch to branch and to customer homes) were using XP. This from a bank that makes very sizeable profits. That is unforgivable.


It’s much more complicated than that. Often time the patching process is just as disruptive if not more so than the threat of a virus. Particularly when you have a large number of different systems working in concert. Hardly any company owns all its own systems either so the extent to which you can control someone else making their stuff compliant with the latest security standards is somewhat limited as well.

I sit on the IT committtee for the finance company I work for and am by no means an expert. But there has to be a balance between what the IT people want both in terms of budget and security and actually getting things done. I haven’t met an IT department or outsourced vendor that can’t spend what I would call “all the money” on things they would like to do. They also often would like everything so locked down that almost nothing actually functions.

From where I sit there is a constant struggle between the two. With these crytpto lockers the key should be having strong backup and recovery versions you can revert to. If they skimped on that they deserve pain. The patching stuff is forgivable in my mind. You can’t always do it how the security experts might want.
 
Jamie514
Posts: 154
Joined: Thu May 18, 2017 4:36 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 1:15 pm

bigjku wrote:
RickNRoll wrote:
The cyber warfare/sabotage story is hard to decode from news reports. There are attacks that are to a large extent theoretical. They make headlines and patches are applied but the probability of an attack in the near future is very low. Patch when you can on your regular patching schedule.

Others like WannaCry are much more serious. Wannacry was just a poorly executed but still dangerous attack on the well known weakness of the Microsoft SMB communication protocol. Any company that hasn't tried to nail down all SMB1 vulnerabilities should be hanging their heads in shame. SMB1 can even be disabled as it is replaced by newer versions. Now it can be easier for some organizations to deal with urgent patching than others but a company making as much money as Boeing has no excuse for cutting on the IT budget to the extent that a year later is has still not patched all its' computers.

I was surprised to go to the bank for a loan a few years ago and their official loan managers (who are on the road going from branch to branch and to customer homes) were using XP. This from a bank that makes very sizeable profits. That is unforgivable.


It’s much more complicated than that. Often time the patching process is just as disruptive if not more so than the threat of a virus. Particularly when you have a large number of different systems working in concert. Hardly any company owns all its own systems either so the extent to which you can control someone else making their stuff compliant with the latest security standards is somewhat limited as well.

I sit on the IT committtee for the finance company I work for and am by no means an expert. But there has to be a balance between what the IT people want both in terms of budget and security and actually getting things done. I haven’t met an IT department or outsourced vendor that can’t spend what I would call “all the money” on things they would like to do. They also often would like everything so locked down that almost nothing actually functions.

From where I sit there is a constant struggle between the two. With these crytpto lockers the key should be having strong backup and recovery versions you can revert to. If they skimped on that they deserve pain. The patching stuff is forgivable in my mind. You can’t always do it how the security experts might want.


“The dog ate my homework.”

Boeing is using shoddy providers that dont adhere to the latest patches on their supplied infrastructure. Boeing is the only entity in a position to demand better from them or outright find better providers.
 
User avatar
par13del
Posts: 10363
Joined: Sun Dec 18, 2005 9:14 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 1:38 pm

Well, they have been pressing their vendors to reduce cost, why do we believe that these vendors only make a/c parts using slide rules and no computers??????
 
toxtethogrady
Posts: 1861
Joined: Sat Dec 23, 2000 12:33 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 1:42 pm

ikolkyo wrote:
This virus was in outbreak for 4 days and was patched a year ago. Why in the world is Boeing not updating their computers to be protected from these kind of things?


So there was some idiot in South Carolina who clicked on an e-mailed link, which they know they're not supposed to do, and it apparently spread.
 
Sooner787
Posts: 2721
Joined: Thu Jul 18, 2013 1:44 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 1:58 pm

toxtethogrady wrote:
ikolkyo wrote:
This virus was in outbreak for 4 days and was patched a year ago. Why in the world is Boeing not updating their computers to be protected from these kind of things?


So there was some idiot in South Carolina who clicked on an e-mailed link, which they know they're not supposed to do, and it apparently spread.



That's the scariest part ....only takes one fool to take the bait :(
 
Zaf
Posts: 113
Joined: Wed Jun 15, 2016 9:47 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 2:20 pm

The main problem is that a lot of (almost all) industrial tools use Windows as a basis to run their controlling apps. If they had custom Unix or DOS they wouldn't have to deal with a household virus.
They build million dollar tooling systems, but they can't write their own bootloader and OS?
 
boerje
Posts: 49
Joined: Tue Jan 09, 2018 9:16 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 2:55 pm

Sooner787 wrote:
toxtethogrady wrote:
ikolkyo wrote:
This virus was in outbreak for 4 days and was patched a year ago. Why in the world is Boeing not updating their computers to be protected from these kind of things?


So there was some idiot in South Carolina who clicked on an e-mailed link, which they know they're not supposed to do, and it apparently spread.



That's the scariest part ....only takes one fool to take the bait :(


So why wasn't the idiot's computer protected by a up-to-date anti-malware program capable of preventing the infection? We are talking about a malware known since May 2017. Yes, the idiot could still click the link but the malware would not be able to run.
 
fsabo
Posts: 197
Joined: Fri Dec 04, 2015 8:41 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 3:00 pm

Zaf wrote:
The main problem is that a lot of (almost all) industrial tools use Windows as a basis to run their controlling apps. If they had custom Unix or DOS they wouldn't have to deal with a household virus.
They build million dollar tooling systems, but they can't write their own bootloader and OS?


Yes. I have trouble comprehending why they do that. I think it is quite stupid.
 
Elementalism
Posts: 603
Joined: Sat Jun 10, 2017 4:03 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 3:05 pm

planecane wrote:
VSMUT wrote:
TWA772LR wrote:
Wasn't WannaCry launched by North Korea?


Thats what the US government claims. The virus itself was created by the NSA though, and stolen by hackers in 2017.


And you know this for a fact? Cite credible sources please.



https://en.wikipedia.org/wiki/EternalBlue

Our tax dollars hard at work.
 
Utah744
Posts: 236
Joined: Mon Jul 13, 2009 10:41 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 3:28 pm

Maybe he sent the email 3 days early.
You are never too old to learn something stupid
 
User avatar
Slash787
Posts: 951
Joined: Sat Jul 23, 2016 9:37 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 3:37 pm

I really don't want the B777 X to be delayed.
 
2175301
Posts: 1898
Joined: Wed May 16, 2007 11:19 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 4:10 pm

boerje wrote:
So why wasn't the idiot's computer protected by a up-to-date anti-malware program capable of preventing the infection? We are talking about a malware known since May 2017. Yes, the idiot could still click the link but the malware would not be able to run.


Because almost all virus and malware programs detect known viruses. Rewrite it slightly and it won't be recognized. It takes between 4 to 7 days typically for a "new" virus to be added to the various virus program updates.

This is why your virus definitions are updated often... to keep you current with the latest version.

Sad thing is that in reality something like 90% of all known viruses are really something like 20-30 basic attacks; just rewritten slightly so that there are in some cases over 1 million versions of essentially the same base virus.

The real problem is our dependence on software operating systems. Long long ago I had a personal PC which had the operating system hard written on chips... I'd laugh when a disk kept "rereading" because some virus file on the disk was trying to write itself into the system... and could not. That was the sign of an infected disc - and you could always find the virus file on such a disc.

I happen to know that certain industrial controllers intended for secure processes (nuclear plants, and I suspect certain aircraft functions) have gone back to hard coded on chip operating systems. You have to change the chip to change the program.

I cannot imaging why we cannot have most computers doing the same. Everything else can be an app that could be deleted and replaced very quickly. Data files could be controlled by the hard chip operating system.

Have a great day,
 
Elementalism
Posts: 603
Joined: Sat Jun 10, 2017 4:03 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 4:19 pm

I'd say the reason is while the virus cant write to the disk. It can still live within memory exploiting whatever is exploitable on the chip. Hardcoding the OS means it cant be upgraded without replacing the chip. If the OS has an exploit(and it will). It will be exploitable until the chip is replaced. This is vs having OS's on writable disks that allow the OS to be patched for exploits without having to replace physical hardware.

This issue would be a bigger nightmare for Boeing if they had to replace tens of thousands of pieces of hardware to stop the attack vs sending out a software patch.
 
boerje
Posts: 49
Joined: Tue Jan 09, 2018 9:16 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 4:55 pm

2175301 wrote:
boerje wrote:
So why wasn't the idiot's computer protected by a up-to-date anti-malware program capable of preventing the infection? We are talking about a malware known since May 2017. Yes, the idiot could still click the link but the malware would not be able to run.


Because almost all virus and malware programs detect known viruses. Rewrite it slightly and it won't be recognized. It takes between 4 to 7 days typically for a "new" virus to be added to the various virus program updates.


Well no. Virus definitions and heuristics are used by a file scanning engine but as you wrote these usually only work against known malware. In addition modern anti-malware programs use behavioural analysis, cloud based file reputation checks, process monitoring and the works to allow legitimate programs to run but will alert and block a program when suspicious activity is discovered. It is these properties that allow anti-malware decent chance in detecting zero-day malware.
 
User avatar
litz
Posts: 2368
Joined: Wed Dec 24, 2003 6:01 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 4:57 pm

The comment about "automated spar assembly" is interesting. Whether or not it's true, who knows ...

but what's interesting is that there are an awful lot of computers in today's world that run essentially hands-off automated tasks ... 10 years ago, these were all dedicated microcontrollers ... 5 years ago, they were embedded versions of the OS. Today, seems more and more are full-fledged OS instances, running dedicated tasks.

Those computers need exactly the same level of care and patching as the laptop on employee X's desk ... and because it's a "black box" attached to a big giant machine, it might get overlooked.

That's dangerous stuff, and should be a wake-up call across all industries.
 
User avatar
Tugger
Posts: 10746
Joined: Tue Apr 18, 2006 8:38 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 5:01 pm

So far it appears that Boeing has reacted properly and had the proper systems in place to safeguard themselves.

I am seeing a lot of made up situations in the thread, one person saying they are using outdated versions of software or their employee PC's aren't protected and then someone else attacking Boeing for being that bad when it isn't even a real thing, the situation is a staw-man set up by poster.

We don't know the actual facts of the situation yet and we likely never will. It could be any number of things and in a company with 140,000 employees and probably in excess of 100,000 PC's that is a lot of potential access and error points. Large companies like that have billion dollar IT divisions that must contend with all of that and more. The fact that someone can receive an email from a "friend" or bring in a thumb drive that then allows a malicious code to install probably happens several times a week if not more often. The important thing is to keep it limited and isolated and prevent any real damage.

Actually these kinds of attacks are easy, they can be seen and stopped. The more difficult thing is cyber-spying, hacking and infiltration as they do not "do damage" and instead sit and be as quiet an non-disruptive as possible for as long as possible. Siphoning off as much information as they can. And that is the nightmare, that is what most companies fear and work to find and reduce harm from.

This sounds like it was limited to a section somewhere (here I am making my own strawman) and it spreads from the entry computer to others but was then contained. The affected systems will be cleaned and the entry point and action that allowed it reviewed and addressed (employee written up or even up to termination or that virus identified and the system updated to prevent its entry again). As I said we probably won't know the facts ever.

Tugg
I don’t know that I am unafraid to be myself, but it is hard to be somebody else. - W. Shatner
There are many kinds of sentences that we think state facts about the world but that are really just expressions of our attitudes. - F. Ramsey
 
2175301
Posts: 1898
Joined: Wed May 16, 2007 11:19 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 6:31 pm

boerje wrote:
2175301 wrote:
boerje wrote:
So why wasn't the idiot's computer protected by a up-to-date anti-malware program capable of preventing the infection? We are talking about a malware known since May 2017. Yes, the idiot could still click the link but the malware would not be able to run.


Because almost all virus and malware programs detect known viruses. Rewrite it slightly and it won't be recognized. It takes between 4 to 7 days typically for a "new" virus to be added to the various virus program updates.


Well no. Virus definitions and heuristics are used by a file scanning engine but as you wrote these usually only work against known malware. In addition modern anti-malware programs use behavioural analysis, cloud based file reputation checks, process monitoring and the works to allow legitimate programs to run but will alert and block a program when suspicious activity is discovered. It is these properties that allow anti-malware decent chance in detecting zero-day malware.


Those programs only detect suspicious activity after the virus or malware is on our computer.... They don't prevent it from getting there. Prevention requires an exact match of code - which is easy to fool with a simple edit of a virus. There are some really nasty things out there that can slip by the "suspicious activity" triggers until they are deep into your system... (those triggers happen based on a series of events over a limited time period - and the same series over a long time period is missed).

The real problem is this idea that every machine needs 1) a computer that can do it all (the entire restaurant kitchen in functions) vs just being a knife and fork, and 2) that everything must be connected.

In my opinion BS to both. Most industrial computers need to be able to do no more than 3 basic functions (and most just 2); and if they can do those well - there is no reason to link them.

But, once you use an "all functions possible" program that can do nothing really well but everything so-so - unless something is monitoring it and telling it to do better; you now need to monitor and control it.

I vote that its time to go back to dedicated controllers that can only do the needed functions for almost all machines and process controls. That would stop most of these problems. It is in fact the very reason that nuclear power plant controls - even on the newest plants - are distributed controls without an overall central controlling computer (there is a monitoring computer with one way data diodes to alow trending of process data and alert people of issues). If one system goes haywire it's easy to take manual control of that system while everything else is independently controlled. My friends in the fossil power industry also tell me that they are going away from central control computers installed on plants a decade or so ago and are going back to distributed controls for the same reason.

Edited to add: My engineering minor is in controls/control technology. I have gone from large cabinets of relays, analog computers, through every generation of control computers out there.

Have a great day,
 
2175301
Posts: 1898
Joined: Wed May 16, 2007 11:19 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 6:44 pm

Elementalism wrote:
I'd say the reason is while the virus cant write to the disk. It can still live within memory exploiting whatever is exploitable on the chip. Hardcoding the OS means it cant be upgraded without replacing the chip. If the OS has an exploit(and it will). It will be exploitable until the chip is replaced. This is vs having OS's on writable disks that allow the OS to be patched for exploits without having to replace physical hardware.

This issue would be a bigger nightmare for Boeing if they had to replace tens of thousands of pieces of hardware to stop the attack vs sending out a software patch.


You miss the point that if machines and processes are controlled by dedicated chip computers they don't need to be linked at all, and any attack is likely to only be able to affect a few computers.

Also, if a virus can attack a hard coded chip. Turning the computer off and restarting it clears the virus and restarts the proper program. Simple as that. It cannot be stored in permanent memory as that is one of the design rules for these kinds of computers, and the proper program cannot itself be corrupted.

Have a great day,
 
VSMUT
Posts: 4591
Joined: Mon Aug 08, 2016 11:40 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 7:07 pm

Elementalism wrote:
planecane wrote:
And you know this for a fact? Cite credible sources please.


https://en.wikipedia.org/wiki/EternalBlue

Our tax dollars hard at work.


:checkmark:

https://www.telegraph.co.uk/technology/ ... er-attack/

Microsoft slams US government over global cyber attack

The global ransomware attack, which hit computers in more than 150 countries, was engineered using tools developed by America's spy agency, the National Security Agency.


It isn't even the first time it has happened. The Stuxnet virus that ruined the Iranian nuclear centrifuges was also a US development (quite possibly with Israeli involvement). While it was successful, Iran retaliated by putting it up for grabs for anyone interested in it, and it eventually caused tremendous damage against the west when all sorts of hackers got their fingers on it. Using a virus as cyber warfare tool is a double-edged sword...
 
Elementalism
Posts: 603
Joined: Sat Jun 10, 2017 4:03 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 7:11 pm

2175301 wrote:
Elementalism wrote:
I'd say the reason is while the virus cant write to the disk. It can still live within memory exploiting whatever is exploitable on the chip. Hardcoding the OS means it cant be upgraded without replacing the chip. If the OS has an exploit(and it will). It will be exploitable until the chip is replaced. This is vs having OS's on writable disks that allow the OS to be patched for exploits without having to replace physical hardware.

This issue would be a bigger nightmare for Boeing if they had to replace tens of thousands of pieces of hardware to stop the attack vs sending out a software patch.


You miss the point that if machines and processes are controlled by dedicated chip computers they don't need to be linked at all, and any attack is likely to only be able to affect a few computers.

Also, if a virus can attack a hard coded chip. Turning the computer off and restarting it clears the virus and restarts the proper program. Simple as that. It cannot be stored in permanent memory as that is one of the design rules for these kinds of computers, and the proper program cannot itself be corrupted.

Have a great day,


That is assuming the source of the outbreak has been found. If it hasnt, once the exploitable OS is back up, the virus comes back.
 
2175301
Posts: 1898
Joined: Wed May 16, 2007 11:19 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 9:23 pm

Elementalism wrote:
2175301 wrote:
Elementalism wrote:
I'd say the reason is while the virus cant write to the disk. It can still live within memory exploiting whatever is exploitable on the chip. Hardcoding the OS means it cant be upgraded without replacing the chip. If the OS has an exploit(and it will). It will be exploitable until the chip is replaced. This is vs having OS's on writable disks that allow the OS to be patched for exploits without having to replace physical hardware.

This issue would be a bigger nightmare for Boeing if they had to replace tens of thousands of pieces of hardware to stop the attack vs sending out a software patch.


You miss the point that if machines and processes are controlled by dedicated chip computers they don't need to be linked at all, and any attack is likely to only be able to affect a few computers.

Also, if a virus can attack a hard coded chip. Turning the computer off and restarting it clears the virus and restarts the proper program. Simple as that. It cannot be stored in permanent memory as that is one of the design rules for these kinds of computers, and the proper program cannot itself be corrupted.

Have a great day,


That is assuming the source of the outbreak has been found. If it hasnt, once the exploitable OS is back up, the virus comes back.


These outbreaks are almost always a one time intrusion. There is no active source in the network once it is cleared. With hard chip programmed computers its gone once the computer is restarted. Let me explain why. I will use the example of an ancient portable PC I had from Radio Shack with hard coded operating system (and floppy disc). There was a small internal memory for data files. But, the only data files allowed were the word files, spreadsheet files, and database files. No other extensions could be written to that memory, and those extensions could not be an executable file.

I have seen many industrial controllers with the same feature. The ONLY files that could be stored were their own internal data files (or imported data files). No other form of file could be written to the internal storage. That is done by hard coded limitations on file writing and file transfer; and its very simple an not likely a place for someone to make a mistake that is subject to a virus attack in the OS (it is the bases of the security of the system). What is in RAM vanishes and is whipped on reboot of the computer. End of virus.

Such a computer these days would most likely only have a memory stick input/output (and may have a data output only connection - one way data diode - often optical in high security applications). In any suspected computer problem the memory stick is pulled from the machine, and certainly scanned - if not destroyed if they suspect a problem.

This kind of system is far more secure than you are thinking. In my opinion the problem is that the industry has generally gone away from them because overall on construction and initial programing cost - a general reprogramable "do it all" computer is cheaper to build and initially program over a large number of applications. Dedicated chip computers have much lower production numbers and the program has to be loaded on the chip (and usually the chip replaced in the computer - there are certain computers that allow a special port with specific access codes to program the chip in the computer - my Auto CPAP a medical device is like that). That cost more initially. However, long term maintenance and troubleshooting cost are less (not to mention that the device is secure from such virus attacks or very easily recovered just by turning it off and on).

Have a great day,
 
Andre3K
Posts: 361
Joined: Tue May 30, 2017 10:11 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 10:06 pm

Well I don't know why anyone is surprised and even though I'm more of a Boeing fan boy I DON'T feel sorry for them. If you want to automate huge chunks of your workers out of existence then you have karma issues to deal with.
 
RickNRoll
Posts: 1869
Joined: Fri Jan 06, 2012 9:30 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 10:29 pm

par13del wrote:
Well, they have been pressing their vendors to reduce cost, why do we believe that these vendors only make a/c parts using slide rules and no computers??????


There are many ways to have a process computerized and not use Windows. For specialized computer run functions using Windows is often an easy cop out. With a bit more work you can be using a dedicated processor and software that is pretty well safe from viruses. Such as the hardware/software used to run their own jets.
 
PlanesNTrains
Posts: 9524
Joined: Tue Feb 01, 2005 4:19 pm

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 10:29 pm

Andre3K wrote:
Well I don't know why anyone is surprised and even though I'm more of a Boeing fan boy I DON'T feel sorry for them. If you want to automate huge chunks of your workers out of existence then you have karma issues to deal with.


You just described most large scale manufacturers I'd think. I'd imagine by wishing for those jobs back, we'd also be wishing for all the tech folks to be out on the street.
-Dave


MAX’d out on MAX threads. If you are starting a thread, and it’s about the MAX - stop. There’s already a thread that covers it.
 
RickNRoll
Posts: 1869
Joined: Fri Jan 06, 2012 9:30 am

Re: Boeing hit by WannaCry virus, could impact production

Thu Mar 29, 2018 10:36 pm

bigjku wrote:
RickNRoll wrote:
The cyber warfare/sabotage story is hard to decode from news reports. There are attacks that are to a large extent theoretical. They make headlines and patches are applied but the probability of an attack in the near future is very low. Patch when you can on your regular patching schedule.

Others like WannaCry are much more serious. Wannacry was just a poorly executed but still dangerous attack on the well known weakness of the Microsoft SMB communication protocol. Any company that hasn't tried to nail down all SMB1 vulnerabilities should be hanging their heads in shame. SMB1 can even be disabled as it is replaced by newer versions. Now it can be easier for some organizations to deal with urgent patching than others but a company making as much money as Boeing has no excuse for cutting on the IT budget to the extent that a year later is has still not patched all its' computers.

I was surprised to go to the bank for a loan a few years ago and their official loan managers (who are on the road going from branch to branch and to customer homes) were using XP. This from a bank that makes very sizeable profits. That is unforgivable.


It’s much more complicated than that. Often time the patching process is just as disruptive if not more so than the threat of a virus. Particularly when you have a large number of different systems working in concert. Hardly any company owns all its own systems either so the extent to which you can control someone else making their stuff compliant with the latest security standards is somewhat limited as well.

I sit on the IT committtee for the finance company I work for and am by no means an expert. But there has to be a balance between what the IT people want both in terms of budget and security and actually getting things done. I haven’t met an IT department or outsourced vendor that can’t spend what I would call “all the money” on things they would like to do. They also often would like everything so locked down that almost nothing actually functions.

From where I sit there is a constant struggle between the two. With these crytpto lockers the key should be having strong backup and recovery versions you can revert to. If they skimped on that they deserve pain. The patching stuff is forgivable in my mind. You can’t always do it how the security experts might want.


See, there is the problem. You don't understand what they are telling you but you decide what they can and can't do. They are responsible for managing the risk but they have no authority to do so.

Popular Searches On Airliners.net

Top Photos of Last:   24 Hours  •  48 Hours  •  7 Days  •  30 Days  •  180 Days  •  365 Days  •  All Time

Military Aircraft Every type from fighters to helicopters from air forces around the globe

Classic Airliners Props and jets from the good old days

Flight Decks Views from inside the cockpit

Aircraft Cabins Passenger cabin shots showing seat arrangements as well as cargo aircraft interior

Cargo Aircraft Pictures of great freighter aircraft

Government Aircraft Aircraft flying government officials

Helicopters Our large helicopter section. Both military and civil versions

Blimps / Airships Everything from the Goodyear blimp to the Zeppelin

Night Photos Beautiful shots taken while the sun is below the horizon

Accidents Accident, incident and crash related photos

Air to Air Photos taken by airborne photographers of airborne aircraft

Special Paint Schemes Aircraft painted in beautiful and original liveries

Airport Overviews Airport overviews from the air or ground

Tails and Winglets Tail and Winglet closeups with beautiful airline logos