Boeing Investigates Sensitive Data Theft Claims of LockBit

This Friday, aerospace giant Boeing announced an investigation into the ransomware attack claims made by the notorious LockBit cybercrime gang.

According to the post by VX-Underground on X, the ransomware-as-a-service (RaaS) group added Boeing to their victim list, claiming to have stolen a significant amount of sensitive data from the firm.

The details of the stolen information or modus operandi was not revealed by the gang; however, it claimed to have accessed the data through its ransomware affiliate’s exploitation of a zero-day flaw.

It also issued a deadline of November 2, post which they threaten to release the data in the public domain. “Sensitive data was exfiltrated and ready to be published if Boeing does not contact within the deadline!” the post read. “For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline,” the post continued.

Post the ransomware threat publication, Boeing was forced to issue a statement. “We are assessing this claim,” a Boeing spokeswoman told Reuters.

With a revenue of $66.6 billion, the US-headquartered aircraft and defense manufacturer employs more than 140,000 people worldwide.

First observed in 2020, in the US, the RaaS gang was one of the most active cybercrime groups in 2022, in terms of the number of victims’ names published on its website.

According to the US Cybersecurity and Infrastructure Security Agency (CISA), since it was first discovered, the group has conducted around 1,700 attacks in the US and earned an estimated ransom of $91 million from the country alone.

With its victims spread across multiple industries (infrastructure, financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation), LockBit and its affiliates are also known to engage in secondary extortion techniques.