Cyber Incident Victim: The Boeing Company
Date: May 2017
Location: United States of America
Summary
A Boeing production facility in South Carolina was disrupted by the WannaCry ransomware, which targeted systems via a Windows vulnerability, causing concerns over halted assembly tools and potential spread to equipment used for functional airplane tests. The attack, later attributed to North Korea by U.S. officials, encrypted machines and demanded cryptocurrency payments for restoration, mirroring widespread global impacts that previously crippled critical infrastructure like hospitals. While patches were issued to mitigate propagation, the incident highlighted risks to industrial operations from rapidly spreading malware.
Description
On May 12, 2017, Boeing's commercial airplane production facility in Charleston, South Carolina, experienced a WannaCry ransomware infection that disrupted manufacturing operations. The attack prompted chief engineer Mike VanderWel to issue a company-wide memo declaring an "all hands on deck" emergency response. VanderWel's communication, obtained by the Seattle Times, indicated the malware was "metastasizing rapidly" from the North Charleston location with immediate concerns about critical 777 jet production systems. Specifically, automated spar assembly tools supporting 777 manufacturing were reported as potentially compromised. Boeing officials expressed additional concerns that the ransomware could propagate to equipment used for functional testing of aircraft, creating pathways for the infection to potentially spread to operational airplane software systems. The incident occurred during the global WannaCry outbreak that initially paralyzed UK healthcare systems and subsequently impacted over 150 countries.

The WannaCry ransomware exploited a critical vulnerability in Microsoft Windows operating systems, encrypting files and demanding cryptocurrency payments for decryption. While Microsoft had released security patches prior to the Boeing incident, unpatched systems remained vulnerable to infection. The malware's rapid propagation through Boeing's production network suggested possible lateral movement across connected industrial systems. The Trump administration formally attributed WannaCry to North Korea's cyber operations unit in December 2017, though this attribution occurred seven months after the Boeing incident. Boeing's containment efforts focused on preventing the ransomware from compromising flight-critical systems, though the Seattle Times report did not specify whether production delays or financial losses resulted. The event highlighted vulnerabilities in industrial control systems within aerospace manufacturing environments despite available security patches.
