Wednesday, March 28, 2018

Meanwhile, some crazy cyber shit is happening



I thought it was because of the proximity to a naval base, but did I not say at the time that it seemed silly considering the fact that so much attacking these days goes on through cyberspace?  Why yes, I believe I did.
Why Seattle? Is it the Russian consulate in the US closest to Russia? Can they see Russia from their front porch? 

The officials said that the closure of the consulate in Seattle was ordered because of its proximity to a U.S. naval base.
[...]
“Today’s actions make the United States safer by reducing Russia’s ability to spy on Americans and to conduct covert operations that threaten America’s national security,” the White House said in a statement.
Except spying in the age of cyber hacking seems to be the currently preferred method. They can do that from anywhere.

  YWA
Anyway, Boeing headquarters is indeed in Seattle.
Boeing was hit by the WannaCry computer virus Wednesday, initially raising fears within the company that airplane production could be affected. Later Boeing played down the impact and called it a “limited intrusion” with production unaffected.

[...]

After the cyberattack struck, Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, sent out an alarming memo calling for “All hands on deck.”

“It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down,” VanderWel wrote, adding his concern that the virus could hit equipment used in functional tests of airplanes ready to roll out and potentially “spread to airplane software.”

Late Wednesday afternoon, however, Boeing issued a statement dialing back those fears.

“Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems,” Boeing said. “Remediations were applied and this is not a production and delivery issue.”

  Seattle Times
But they would, wouldn't they?
The WannaCry virus, which exploits a flaw in Windows software to gain access to a network, attacks computers using “ransomware.”

It was designed to lock users out of their data by encrypting files until they pay a fee, sometimes in cryptocurrency, or other type of ransom.

Ransomware attacks have increased in recent years. The city of Atlanta experienced a five-day ransomware attack that was mostly fixed by Tuesday.

[...]

Jake Williams, founder of cybersecurity consultancy Rendition Infosec, said the ransomware part of the WannaCry virus is broken and there’s actually no way to pay a ransom that will retrieve files once encrypted.

[...]

Microsoft issued patches to plug the vulnerability [after worldwide attacks by the virus in May 2017]. However, Corey Nachreiner, chief technology officer of Seattle security technology firm WatchGuard Technologies, said some companies with specialized equipment don’t update very often for fear their custom-built systems will be in danger.

[...]

Mitchell Edwards, a Dallas, Texas-based cyberthreat intelligence analyst, said that although a so-called “kill switch” fix for the WannaCry virus was quickly developed, other hackers were also quick to produce WannaCry variants that could defeat the fix.

He said the virus used to attack Boeing was unlikely to be the original WannaCry virus but an updated version.

[...]

He said the virus is unlikely to have had a big impact on production.

“Obviously, Boeing isn’t going to be running its entire production network on Windows,” he said. “I hope not. So it’s likely a limited infection.”
"I hope not."
Williams of Rendition Infosec was less optimistic about that.

He said he knows of three manufacturing companies, two of them now his clients in the U.S., that suffered production stoppages due to WannaCry infections in the last six months.

He said one plant was down for 24 hours, another for 96 hours. In both cases, configuration files that controlled machines were lost and systems had to be re-installed from scratch before production could restart.

[...]

“Tons of manufacturing equipment runs on Windows. I was surprised,” said Williams.

[...]

Once the Boeing cyberattack news broke, some on social media raised the “nightmare scenario” of the virus infecting an airplane’s control software and possibly triggering a ransomware demand while in the air.

Edwards dismissed this as “hysteria.” Nachreiner and Williams agreed.

“I don’t think that’s realistic,” said Williams. “I don’t think any of Boeing’s planes or any aircraft anywhere run Embedded Windows. It’s not suitable for applications that require consistent, real-time availability without delay because lives depend on it.”
I hope not.


Must be that infrastructure week Trump's always talking about.

P.S.:
The consulate in Seattle is being shuttered because of its proximity to a U.S. submarine base and Boeing's operations there, a senior administration official said. The consulate must close by April 2.

  NPR
...but hey, do what you want...you will anyway.

No comments: