Ransomware

Boeing Investigating Ransomware Attack Claims

The LockBit ransomware gang claims to have stolen large amounts of data from aerospace giant Boeing.

October 30, 2023

Boeing is investigating recent claims made by the LockBit ransomware gang that large amounts of data were exfiltrated from the aerospace giant’s network.

An entry added to the cybercrime group’s leak site on Friday alleges that sensitive data was stolen from the company, threatening to publish it unless Boeing contacts the gang to negotiate a ransom.

“A tremendous amount of sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline,” the post reads.

The LockBit ransomware group has not shared samples of the allegedly stolen data, supposedly to protect the manufacturer.

Boeing has launched an investigation into the matter, but has yet to confirm a potential compromise or share any details on the incident.

“We are assessing this claim,” Boeing said, responding to a SecurityWeek inquiry on the matter.

LockBit has been active since at least 2020, operating under the ransomware-as-a-service (RaaS) business model, with several major versions of its malware identified to date.

LockBit affiliates have been seen targeting organizations in critical infrastructure, energy, government, financial services, food and agriculture, healthcare, manufacturing, and other sectors.

Used in one-fifth of the ransomware attacks observed in Australia, Canada, New Zealand, and the US last year, LockBit is believed to have launched approximately 1,700 attacks against US entities and to have received roughly $91 million in ransom payments from them.

Advertisement. Scroll to continue reading.

The cybercrime gang is known for listing on its leak site the names of victims that refuse to pay up and has been observed engaging in secondary extortion after compromising a third-party provider.

The group typically uses freeware and open source tools in attacks, and is also known for exploiting numerous vulnerabilities, including newly reported ones.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Latest News

Virtual Event: Cyber AI & Automation Summit

Wednesday, December 6, 2023

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.

Virtual Event: Cyber Insurance & Liability Summit

Wednesday, January 17, 2024

As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.

Five Cybersecurity Predictions for 2024

Cybersecurity predictions for 2024 to help security professionals in prioritizing efforts to navigate the ever-changing threat landscape. (Torsten George)

Humans Are Notoriously Bad at Assessing Risk

When too much subjectivity is mixed into risk assessment, it can produce a risk picture that is not an accurate representation of reality. (Joshua Goldfarb)

5 Steps to Assessing Risk Profiles of Third-Party SSE Platforms

It's crucial to thoroughly assess the risk profiles of various SSE platforms and weigh their suitability against their organization's risk tolerance before adopting SSE. (Etay Maor)

Threat Intel: To Share or Not to Share is Not the Question

To share or not to share threat intelligence isn’t the question. It’s how to share, what to share, where and with whom. (Marc Solomon)

Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation

By embracing a strategy that combines technological advancements with critical thinking skills, collaboration, and a culture of continuous learning, organizations can safeguard against AI's disruptive effects. (Rik Ferguson)