Boeing confirms cyberattack amid LockBit ransomware claims

Aerospace giant Boeing is investigating a cyberattack that impacted its parts and distribution business after the LockBit ransomware gang claimed that they breached the company's network and stole data.

Boeing says the incident did not impact flight safety and confirmed collaboration with law enforcement and regulatory agencies as part of an ongoing investigation.

The Boeing services website is currently down with a message saying the ongoing outage is caused by "technical issues."

"We are aware of a cyber incident impacting elements of our parts and distribution business. This issue does not affect flight safety," Boeing told BleepingComputer.

"We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers."

This statement comes after a spokesperson told BleepingComputer the company is "assessing" LockBit's claims that they breached Boeing's network to steal data.

Boeing services website down (BleepingComputer)

The ransomware gang said on Friday that they allegedly breached Boeing's network and stole a significant amount of sensitive information that they would leak online five days later if the airplane maker didn't reach out before the deadline.

While Boeing has yet to confirm a leak between LockBit's claims and the incident that has affected some of its systems, the data leak page on the cybercrime operation's dark web site has now been removed.

"A tremendous amount of sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline," the gang's message read before being removed.

"For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline."

This commonly happens when victims either start negotiating a ransom payment with the ransomware gang or if they've already paid to stop stolen files from being published online and to get a decryptor tool.

Boeing page on LockBit data leak site (BleepingComputer)

The LockBit ransomware-as-a-service (RaaS) operation surfaced in September 2019, with notable victims including the Continental automotive giant, the UK Royal Mail, the Italian Internal Revenue Service, and the City of Oakland.

Cybersecurity authorities from the United States and worldwide revealed in a joint advisory in June that the ransomware operation has extorted at least $91 million from U.S. organizations after approximately 1,700 attacks since 2020.

Boeing is one of the largest aerospace and defense companies that employs over 140,000 people across the United States and 65 countries worldwide.

It develops, manufactures, and services commercial airplanes, defense products, and space systems for customers across over 150 countries.

Source