Boeing Confirms That It Was Pwned By LockBit

Last week I posted a story on the fact that there was chatter that Boeing was pwned in a ransomware attack perpetrated by LockBit . Today Reuters is reporting that they have actually have been pwned by LockBit:

Boeing (BA.N), one of the world’s largest defense and space contractors, said on Wednesday it was investigating a cyber incident that impacted elements of its parts and distribution business and cooperating with a law enforcement probe into it.

Boeing acknowledged the incident days after the Lockbit cybercrime gang said on Friday it had stolen “a tremendous amount” of sensitive data from the U.S. planemaker that it would dump online if Boeing didn’t pay ransom by Nov. 2.

The Lockbit threat was no longer on the gang’s website as of Wednesday, and it didn’t immediately respond to a request for comment. Boeing declined to comment on whether Lockbit was behind the cyber incident it disclosed.

“This issue does not affect flight safety,” a Boeing spokesperson said. “We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers.”

Anurag Gurtu (he/him), CPO, StrikeReady had this comment:

In light of Boeing’s confirmation of a system compromise by the LockBit ransomware group, this incident highlights the escalating challenges that corporations face in the digital age. The breach into Boeing’s parts and distribution systems signifies a serious concern for both operational security and potentially wider supply chain implications. It’s imperative that industries, especially those involved with critical infrastructure, prioritize robust cybersecurity frameworks that include real-time monitoring, rapid response capabilities, and resilience planning to counteract such inevitable threats. Additionally, the importance of collaborating with government and private cybersecurity entities to address and mitigate these risks cannot be overstressed. This event should catalyze a unified effort to enhance security measures across all sectors.

At least Boeing is being somewhat honest about being pwned. But clearly there are questions that Boeing will have to answer. And I for one look forward to getting a lot more details about this hack and what Boeing is going to do to not get pwned again.

Leave a Reply

%d bloggers like this: