LockBit, a notorious ransomware gang, has recently set its sights on the aerospace giant Boeing, initiating a double extortion attack and threatening to unveil stolen data on or after November 2, 2023. In a brazen move, the criminal group has publicly disclosed that they’ve gained access to sensitive company information and are prepared to auction off this valuable data unless Boeing’s IT department complies with their demand for a multimillion-dollar ransom.
According to the United States Cybersecurity and Infrastructure Security Agency (CISA), LockBit stands out as one of the most active Russian-speaking cybercriminal organizations in 2023. Their audacious exploits have targeted over 1,700 American multinational corporations, accumulating an astonishing $93 million in ill-gotten gains from January 2020 to January 2023.
Boeing, a prominent commercial aircraft manufacturer, has not yet officially responded to LockBit’s claims. However, the company has pledged to provide a comprehensive update by the coming weekend, citing ongoing internal investigations as the reason for the delay.
This incident is reminiscent of LockBit’s earlier breach of the technology firm CDW in August of this year. The breach may have led to the exposure of additional data belonging to CDW’s clients and partners, with Boeing potentially being among the affected parties, now ensnared in a ransomware quagmire.
Boeing, known for its role in designing, manufacturing, and distributing airplanes, rotorcraft, satellites, telecom equipment, and missiles worldwide, also provides critical product support services to numerous government defense contractors across the globe.
The extent and nature of the data in the possession of the LockBit criminal gang remain uncertain. The full scope of the breach may only become apparent when the group decides to release a selection of screenshots or other evidence of their ill-gotten information.
