This Content Is Only For Subscribers
On November 10, internal data from Boeing, a prominent defense and space contractor, was disclosed online by the Lockbit cybercrime group.
This organization employs a strategy of extorting victims by stealing and releasing data unless a ransom is paid. In October, the hackers had announced that they had acquired a substantial amount of sensitive data from Boeing and threatened to publish it online if a ransom was not paid by November 2.
According to Lockbit’s website, the Boeing data was released in the early hours of Friday, with the files mostly dating back to late October. Boeing acknowledged that certain elements of its parts and distribution business had experienced a cybersecurity incident.
The company stated that it is investigating the matter, collaborating with law enforcement and regulatory authorities, and communicating with potentially affected parties. While Boeing expressed confidence that the incident does not pose a threat to aircraft or flight safety, it did not comment on whether Lockbit had obtained defense or other sensitive data.
Lockbit ransomware, initially observed on Russian-language cybercrime forums in January 2020, has targeted organizations worldwide, including in the United States, India, and Brazil. Described as one of the most professional criminal gangs in the underground, Lockbit has impacted 1,700 U.S. organizations, as reported by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
Notably, on Thursday, the U.S. arm of the Industrial and Commercial Bank of China (ICBC) experienced a ransomware attack that disrupted trades in the U.S. Treasury market. While Lockbit is suspected to be behind this attack, the gang’s dark web page did not mention ICBC among its victims.
James Pearson reported on this development, with additional contributions from Tim Hepher in Paris and Valerie Insinna in Washington. The article was edited by Kirsten Donovan, David Evans, and Emelia Sithole-Matarise.