One of the most significant military and space contractors in the world, Boeing (BA.N.), announced on Wednesday that it was looking into a cyber event that affected some of its components and distribution operations and that it was assisting with a law enforcement investigation into it.
Days after the Lockbit cybercrime group said on Friday that it had taken “a tremendous amount” of confidential information from the American aircraft manufacturer and threatened to post it online if Boeing failed to pay a ransom by November 2, Boeing confirmed the issue.
As of Wednesday, the gang’s website no longer included the Lockbit threat, and it didn’t immediately reply to a request for comment. Regarding whether Lockbit was responsible for the cyberattack, it was revealed that Boeing remained silent.
“Flight safety is unaffected by this issue,” a Boeing representative stated. “We are working with law enforcement and regulatory agencies while conducting an intensive investigation into the situation. We are informing our suppliers and clients.”
Boeing’s 2022 annual report states that the company’s parts and distribution division, a component of its Global Services division, offers material and logistical assistance to its clients. On Wednesday, a notice referring to technical difficulties was shown on several pages of the company’s official website that contained details on the Global Services business.
The site stated, “We anticipate the site to be back up shortly.” The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reports that Lockbit, which has affected 1,700 U.S. firms since 2020, was the most active worldwide ransomware gang in terms of victims last year. The hacking gang usually locks down a victim organization’s system with ransomware and steals confidential information for extortion.
What information Lockbit may have taken from the business is unknown. While companies may pay cybercriminal gangs when they demand ransom, Brett Callow, a ransomware specialist and threat analyst at the cybersecurity company Emsisoft, noted that this does not ensure that data is not disclosed.
“Paying the ransom would simply elicit a pinky promise from LockBit that they would destroy whatever data they obtained,” Callow stated. “There would, however, be no way of knowing for sure that they actually had.”
He went on to say that it would be “extremely problematic” to lose knowledge of the military. Boeing refrained from commenting on whether the cyber intrusion had affected any data about defense. When asked for comment on the Boeing remark, the CISA did not get back to me right away.