Ransomware

Boeing Investigating Ransomware Attack Claims

The LockBit ransomware gang claims to have stolen large amounts of data from aerospace giant Boeing.

October 30, 2023

Boeing is investigating recent claims made by the LockBit ransomware gang that large amounts of data were exfiltrated from the aerospace giant’s network.

An entry added to the cybercrime group’s leak site on Friday alleges that sensitive data was stolen from the company, threatening to publish it unless Boeing contacts the gang to negotiate a ransom.

“A tremendous amount of sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline,” the post reads.

The LockBit ransomware group has not shared samples of the allegedly stolen data, supposedly to protect the manufacturer.

Boeing has launched an investigation into the matter, but has yet to confirm a potential compromise or share any details on the incident.

“We are assessing this claim,” Boeing said, responding to a SecurityWeek inquiry on the matter.

LockBit has been active since at least 2020, operating under the ransomware-as-a-service (RaaS) business model, with several major versions of its malware identified to date.

LockBit affiliates have been seen targeting organizations in critical infrastructure, energy, government, financial services, food and agriculture, healthcare, manufacturing, and other sectors.

Used in one-fifth of the ransomware attacks observed in Australia, Canada, New Zealand, and the US last year, LockBit is believed to have launched approximately 1,700 attacks against US entities and to have received roughly $91 million in ransom payments from them.

Advertisement. Scroll to continue reading.

The cybercrime gang is known for listing on its leak site the names of victims that refuse to pay up and has been observed engaging in secondary extortion after compromising a third-party provider.

The group typically uses freeware and open source tools in attacks, and is also known for exploiting numerous vulnerabilities, including newly reported ones.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Latest News

CIEM Chat: How to Reduce Cloud Identity Risk

March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Virtual Event: Ransomware Resilience & Recovery Summit

April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues

Microsoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls. (Alastair Paterson)

Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual

Jennifer Leggio makes the case for more alcohol-free networking events at conferences, and community-building opportunities for sober individuals working in cybersecurity. (Jennifer Leggio)

Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk. (Joshua Goldfarb)

SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE. (Etay Maor)

You Against the World: The Offenders Dilemma

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves. (Tom Eston)

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Kevin TownsendFebruary 2, 2023

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Kevin TownsendJune 9, 2023

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Eduard KovacsMarch 1, 2023

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups.

Eduard KovacsOctober 5, 2023

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Ionut ArghireMarch 27, 2023

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Ionut ArghireApril 11, 2023

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Eduard KovacsNovember 16, 2023

Ransomware

Johnson Controls Hit by Ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.

Eduard KovacsSeptember 29, 2023

SECURITYWEEK NETWORK:

ICS:

SecurityWeek

Ransomware

Boeing Investigating Ransomware Attack Claims

More from Ionut Arghire

Latest News

Trending

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues

Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual

Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

You Against the World: The Offenders Dilemma

Related Content

Cybercrime

Cyber Insights 2023 | Ransomware

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Ransomware

Johnson Controls Hit by Ransomware

SECURITYWEEK NETWORK:

ICS:

More from Ionut Arghire

Latest News

Trending

Daily Briefing Newsletter

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues

Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual

Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

You Against the World: The Offenders Dilemma

Related Content

Cybercrime

Cyber Insights 2023 | Ransomware

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Ransomware

Johnson Controls Hit by Ransomware