Boeing said on March 28, 2018, it was hit by a cyberattack that some have identified as the infamous WannaCry ransomware. An internal memo obtained by the media states that the attack was ‘metastasizing rapidly’, possibly spreading to production systems and airline software. But the U.S. plane maker is downplaying the attack saying it was limited in scope and has been contained.

On March 28, 2018, a report by The Seattle Times stated that some of Boeing’s manufacturing equipment used in building its 787 Dreamliner and newest 777X jetliners could be crippled as a result of the cyberattack.

The report indicated that the potentially affected assembly lines include those of 787 Dreamliner’s Boeing South Carolina site in North Charleston, South Carolina, and the 777X Composite Wing Center in Everett, Washington.

In an internal memo, obtained by the press, Mike VanderWel, chief engineer of Boeing’s commercial airplane production, noted that the cyberattack was “metastizing” and that he was worried it could spread to Boeing’s production systems and airline software.

“It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down,” VanderWel wrote.

According to The Seattle Times, the chief engineer said he was concerned that the malware would affect equipment used to test jetliners before they roll out of the factory for their initial flight and potentially “spread to airplane software.”

However, the U.S. plane maker said on March 28, 2018, its aircraft production lines and deliveries are not affected, Bloomberg reports. Boeing also states that some media reports on the cyberattack “are overstated and inaccurate”.

According to Linda Mills, a spokeswoman at Boeing commercial airplanes division, the company’s cybersecurity operations center “detected a limited intrusion of malware” that affected only “a small number of systems”. The situation was remedied, Mills said, adding that “this is not a production and delivery issue,” Reuters reports.

Some Boeing executives have identified the cyberattack as WannaCry ransomware, The New York Times writes. Boeing has declined to elaborate or confirm whether the attack was indeed WannaCry, and has not yet released an official statement on the issue. It is believed, however, that the issue has been contained.

In 2017, the same ransomware made news when it struck thousands of computer systems in over 70 countries around the world, compromising companies such as FedEx and Nissan Motor as well as disrupting parts of the U.K.’s National Health Service.