Boeing is allegedly negotiating with cybercriminals to prevent the leak of sensitive data stolen in a targeted attack on the aerospace and defense contractor.
The aero giant, which designs and manufactures airplanes, rockets, satellites, and military equipment including missiles, said Wednesday it was investigating a cyber-incident at its parts and distribution branch.
Days after the incident came to light, LockBit ransomware operators said they had stolen “a tremendous amount” of sensitive data, and threatened to dump it online if Boeing didn't pay ransom by Nov. 2, Reuters reports.
“We are aware of a cyber incident impacting elements of our parts and distribution business. This issue does not affect flight safety,” the planemaker relayed to enquiring news outlets. “We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers.”
LockBit has since removed Boeing from its leak site, suggesting negotiations are underway between the company and its attackers. According to infosec collective vx-underground, that’s exactly what’s happening at the moment.
“We keep getting pinged. Yes, Boeing has been removed from Lockbit ransomware groups website,” according to a post on X by the malware platform. “Lockbit administrative staff informed us they removed Boeing because negotiations have begun.”
Boeing was also a target in the global WannaCry ransomware pandemic in 2018, but it recovered relatively unscathed, unlike other major industries.
LockBit is one of the most prolific cybercrime enterprises in the world, having extorted more than $90 million from organizations in the US alone in around 1,700 attacks since 2020, according to a report issued by the Cybersecurity and Infrastructure Security Agency (CISA) in June this year.
Considering the heightened tensions in Ukraine and the Middle East, the attack on Boeing – which produces both aircraft and missiles, parts or in whole – may have political undertones and not just financial motivations.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024