The IT Nerd

News has surfaced that the infamous LockBit ransomware gang is claiming to have pwned aircraft manufacturer Boeing:

Boeing said on Friday it was assessing a claim made by the Lockbit cybercrime gang that it had “a tremendous amount” of sensitive data stolen from the aerospace giant that it would dump online if Boeing didn’t pay ransom by Nov. 2.

The hacking group posted a countdown clock on its data leak website with a message saying, “Sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline!”

“For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline,” the hacking group said.

The hacking group typically deploys ransomware on a victim organization’s system to lock it up and also steals sensitive data for extortion.

“We are assessing this claim,” a Boeing spokeswoman said by email.

The claim by LockBit was also posted on Twitter:

Yesterday Lockbit ransomware group listed Boeing on their victims list. Boeing is a multinational American company with an estimated annual revenue of $66,610,000,000. They have over 150,000 employees worldwide. Boeing serves both the public and private sector.

We spoke with… pic.twitter.com/gOiGcdWpAk

— vx-underground (@vxunderground) October 28, 2023

IF this is true, this is likely the biggest victim that LockBit has had.

Ken Westin, Field CISO, Panther Labs had this to say:

This is another example of a Russian based threat group gaining access to potentially sensitive data.

Ransomware groups have been increasing their level of sophistication and capabilities, so no organization is safe from a potential ransomware incident. Even organizations with the best security posture and following best practices are still at risk. This compromise, along with the recent compromise of DC voter data via DataNet Systems by RansomVC, raises national security concerns as often times these groups not only encrypt the data, but also exfiltrate it. LockBit is a predominantly Russian speaking ransomware group believed to be operating out of Russia with ties to the Russian government. Data from Boeing can be very valuable to foreign governments, particularly their “Defense, Space & Security” division. The scope of the breach has not been announced so it’s not clear if data from this division was compromised, but it could be a threat.

This is a story to keep an eye on because I am sure that we will find out what the truth is in the coming days.

This entry was posted on October 29, 2023 at 8:54 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.