A significant cybersecurity incident has thrust aerospace giant Boeing into the spotlight
as the LockBit ransomware group publicly claimed responsibility for a breach. Boeing has officially acknowledged the incident, emphasizing that it impacts specific areas within their parts and distribution business, with no implications for Boeing flight safety. The company has promptly initiated an investigation and is closely coordinating with law enforcement and regulatory bodies while ensuring customers and suppliers are kept informed.
This confirmation arrives on the heels of the audacious LockBit ransomware gang’s bold admission of targeting Boeing. A recent U.S. government advisory reveals that LockBit has been active since late 2019, Boeing compromising approximately 1,800 victim systems across the United States and globally.
LockBit heightened the stakes by demanding a substantial ransom by November 2 and warning that they possessed a trove of sensitive Boeing data, which would be disclosed if their demands were not met. The removal of the listing from LockBit’s website, a tactic employed by ransomware groups to pressure organizations into complying, raises questions about potential negotiations or partial ransom payment.
Boeing remains tight-lipped when questioned about ransom demands or payments. It is critical to note that the U.S. government has previously sanctioned Evil Corp, an alleged LockBit ransomware group affiliate, making it illegal to pay these hackers. Any payment to sanctioned hacking groups or ransomware gangs is a direct violation of U.S. law.
In a twist of events, the malware research group VX-Underground reported that LockBit had not directly contacted Boeing as of October 28. LockBit’s representative also remained silent about the extent and nature of the alleged data theft.
Boeing, a multinational American corporation with an estimated annual revenue of $66.61 billion and a global workforce exceeding 150,000, plays a pivotal role in both public and private sectors.
While Boeing has refrained from sharing details about the breach’s origin, they have not denied the possibility of data exfiltration. Notably, Boeing subsidiary Jeppesen, offering navigational information, operational planning tools, and flight planning products, experienced a cybersecurity incident last year that disrupted flight planning processes.
