Share this
by Barry McIntyre on (October 30, 2023 at 12:14 AM)
The notorious LockBit ransomware gang has claimed yet another high-profile victim, The Boeing Company, a prominent global aerospace manufacturer and US military contractor. The multinational American company with an annual revenue of $73 billion, has a vast workforce of over 150,000 employees worldwide.
In response to the claims made by the LockBit ransomware group, Boeing said it was assessing a claim made by the Lockbit cybercrime gang.
Image source: https://twitter.com/vxunderground/status/1718243288287764803/photo/1
LockBit, the Russian-linked ransomware group, wasted no time in escalating the situation, setting a deadline for Boeing to contact them. The group demanded that Boeing reach out to them by November 2nd, at precisely 1:23 pm UTC, failing which they threatened to publish an immense volume of sensitive data.
While LockBit asserted their willingness to protect the company by withholding data temporarily, they were clear that this would only continue until the aforementioned deadline, after which they vowed to publish all available data.
Access Gained Through a Zero-day Exploit
The VX underground, a platform known for tracking and reporting on cyber threats, shared details about the attack on Boeing. VX underground reported that LockBit ransomware group administrators indicated they had not yet engaged with a representative from Boeing. LockBit's administrative staff refrained from divulging specific information about the breach, such as the duration of their access to Boeing's systems, the extent of data exfiltrated, and the nature of the stolen data.
LockBit ransomware group claimed that they gained access to Boeing through a zero-day exploit, a type of software vulnerability that is unknown to the vendor and therefore unpatched. However, they did not provide additional details about this exploit, making it challenging to verify the legitimacy of their claim.
An interesting point of contention is the timeline given by LockBit to Boeing for initiating negotiations. Typically, victims of the group are granted ten days or more to establish contact with the cybercriminals. In Boeing's case, LockBit allowed less than six days, signaling a sense of urgency on their part.
It is vital to note that LockBit ransomware has not disclosed the quantity of data they allegedly exfiltrated from Boeing - the hacking group stated "a tremendous amount". Boeing's size and significance in the aerospace and defense industry make the potential breach a matter of great concern.