Boeing Production Taken Down By North Korean Computer Virus

The Seattle Times is reporting that Boeing was hit today with the WannaCry computer virus and that is may be inhibiting aircraft production.

Boeing was hit Wednesday by the WannaCry computer virus, raising fears within the company that it could cripple some vital airplane production equipment.

…“It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down,” [Boeing Chief Engineer Mike] VanderWel wrote

…“We are on a call with just about every VP in Boeing,” VanderWel’s memo said.

The WannaCry virus came to prominence as a ransomware attack last May targeting Windows operating systems. It encrypted data and demanded bitcoin payments to unlock systems. It’s believed to have originated in North Korea, and the U.S. formally presented that claim in December.

Last year over 200,000 computers were infected causing potentially billions of dollars. The vulnerability was huge because — although the NSA had actually discovered it — they chose not to tell Microsoft about it, trying to keep it for themselves for their own offensive purposes. This despite the NSA having a mandate to protect the U.S. from cyberattack.

It’s unclear how Boeing became infected at this point, or how difficult a task it will be to use the ‘kill switch’ that prevented damage last year from being far worse.

Update: Boeing now says it won’t affect production.

About Gary Leff

Gary Leff is one of the foremost experts in the field of miles, points, and frequent business travel - a topic he has covered since 2002. Co-founder of frequent flyer community, emcee of the Freddie Awards, and named one of the "World's Top Travel Experts" by Conde' Nast Traveler (2010-Present) Gary has been a guest on most major news media, profiled in several top print publications, and published broadly on the topic of consumer loyalty. More About Gary »

More articles by Gary Leff »


  1. Is is certainly not “…unclear how Boeing became infected at this point…” – Some idiot clicked on a link in an email. Until companies wise up and remove the URL’s in email traffic, they will never stop this from happening because no matter how many times you warn your employees, there are always stupid ones.

    We remove the URL’s from all email – adding tags both before and after the now unclickable text with something similar – if they copy and paste that text to a browser and cause an issue, they are handed a pink slip and escorted from the facility.

  2. Over three decades as an IT auditor my personal experience has been that the idiot clicking the keyboard and activating a virus is often less of the problem that the architect who created the trusted system, failed to turn on security features, did not have the time to keep system patches up to date, failed to employ encryption in backups or have an adequate and tested contingency plan . Your system gods often have feet of clay.

  3. @alohadavekennedy – yeah, the backend systems may be configured poorly, no doubt.

    But it’s also likely that the human factor TRIGGERED the incident (e.g. a stupid employee clicked on a URL or opened an attachment despite being warned). I don’t think we’ve seen an example of a drive-by ransomware infection strike a company without human intervention.

  4. Having worked with some ex-Boeing IT professionals, I’m not in the least bit surprised. Like most large companies they have tons and tons of dead weight in their IT department, because anyone actually good gets poached to other companies for more money and better benefits.

Leave a Reply

Your email address will not be published. Required fields are marked *