Boeing (NYSE:BA) Co., a leading name in the aerospace and defense industry, confirmed in October 2023 that its global services division's parts and distribution business was the target of a cyberattack. The attack mainly impacted its information systems and parts business. The company is now conducting an investigation in collaboration with law enforcement, regulatory bodies, and swift forensic investigations to address this security breach. Importantly, Boeing has assured that flight safety remains unaffected by the incident.
The cybercrime group Lockbit, known for its Russian affiliations and notorious for data encryption and decryption ransoms, claimed responsibility for the attack. Lockbit initially announced Boeing as their target on their dark web blog before removing the post, hinting at possible negotiations. Despite speculations around Lockbit's potential decline, Boeing's confirmation indicates their continued operations. This group has a notorious reputation for its modus operandi, which typically involves file-locking and demanding ransoms.
In line with this pattern, Lockbit posted a threat on the dark web, warning of a significant data leak if their ransom demand was not met by today's deadline. As part of its response to the incident, Boeing is prioritizing system restoration and maintaining business continuity while notifying customers and suppliers about this cybersecurity breach. However, details regarding any potential ransom payment have yet to be disclosed by the company.
Lockbit first appeared on Russian-language-based cybercrime forums in January 2020 and since then has executed over 1,700 attacks on U.S. organizations. The group was recognized as the most active global ransomware group last year and often announces its victims on its data leak blog.
While Boeing has not explicitly confirmed Lockbit's involvement in the attack, it has been scrutinizing a cyber incident since Wednesday after Lockbit claimed theft of extensive sensitive data from its parts and distribution business. The group threatened to leak this data online if a November 2 ransom deadline was not met. Despite these threats, Boeing continues to cooperate with law enforcement while maintaining flight safety integrity.
The incident coincided with the formation of an international alliance to combat ransomware threats, highlighting the global concern over such cybercrimes. This incident adds to Boeing's history of cyberattacks, including the 2018 WannaCry ransomware and an indirect targeting by DoppelPaymer ransomware in 2020. William Wright from Closed Door Security suggested the possibility of zero-day vulnerability exploitation, underlining the need for swift forensic investigations.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.