Boeing (BA) has confirmed a cybersecurity breach after the notorious ransomware gang Lockbit published internal data allegedly stolen from the aerospace leader. Lockbit had previously threatened to release sensitive data if their demands for ransom were not met by November 2. On Friday, the group claimed to have followed through on its threat by posting what it purports to be Boeing's data. While Boeing has not confirmed the specific nature of the data, it has acknowledged a cyber incident within its parts and distribution sector, reassuring that the breach does not compromise aircraft or flight safety.
The files released by Lockbit, which date back to late October, have not been independently verified by Reuters. However, their publication marks another instance of the increasing threat posed by ransomware attacks on critical sectors. Boeing, while taking the breach seriously, has yet to disclose whether the data includes defense or other highly sensitive information. The company has committed to ongoing investigations, cooperating with law enforcement, and notifying potentially impacted parties.
Lockbit's ransomware has become a global concern, with the U.S., India, and Brazil being common targets. Cybersecurity firm Trend Micro has identified the group as one of the most professionally organized criminal operations in the cybercrime underworld. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Lockbit has affected approximately 1,700 U.S. organizations, demonstrating its pervasive reach and the growing challenge of ransomware in cybersecurity.
The incident at Boeing follows closely on the heels of a similar ransomware attack on the U.S. arm of the Industrial and Commercial Bank of China (ICBC), which caused significant disruptions in the U.S. Treasury market. While Lockbit's direct involvement in the ICBC attack has not been confirmed, experts suspect the group's hand, although no official claim has been made on its dark web page.
