Lockbit Strikes Boeing: Lockbit, a well-known cybercrime group infamous for its extortion tactics involving the theft and subsequent release of sensitive data, recently targeted Boeing, a global giant in defense and space contracting. The group had previously issued a warning, claiming to possess a substantial amount of sensitive data from the aerospace company. Their ultimatum was clear: unless Boeing paid a ransom by November 2, they would expose the pilfered information.
On Friday, Lockbit made good on their threat, publishing Boeing’s internal data online. Although Reuters has not independently verified the files, they predominantly date back to late October, as per Lockbit’s website.
Boeing, in response, confirmed the occurrence of a cybersecurity incident, specifying that elements of its parts and distribution business were affected. The company acknowledged the release of information by the criminal ransomware actor and assured ongoing investigations. Boeing pledged cooperation with law enforcement, regulatory authorities, and potentially affected parties.
While the aerospace giant expressed confidence that the incident does not pose a direct threat to aircraft or flight safety, it refrained from providing details on whether sensitive defense-related data had been compromised by Lockbit.
Lockbit ransomware first emerged on Russian-language cybercrime forums in January 2020, swiftly making its mark across the globe. Cybersecurity firm Trend Micro characterized the group as “one of the most professional organized criminal gangs in the criminal underground.” Their extensive reach has targeted organizations in the United States, India, Brazil, and beyond.
According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Lockbit has successfully targeted approximately 1,700 U.S. organizations, underscoring the severity and widespread impact of their operations.
In a related incident, Lockbit is suspected to be behind a ransomware attack on the Industrial and Commercial Bank of China’s (ICBC) U.S. arm, causing disruptions in the U.S. Treasury market. Despite numerous ransomware experts and analysts attributing the ICBC attack to Lockbit, the group’s dark web page, where they typically list the names of victims, did not mention ICBC specifically. These incidents emphasize the urgent need for heightened cybersecurity measures and constant vigilance in the face of evolving cyber threats.