Lockbit Ransomware Claims U.S. DoD Contractor Boeing as its Latest Victim
Boeing is developing the next iteration of the presidential carrier Air Force One.
- Lockbit ransomware gang added Boeing to its list of victims on its dark web leak site.
- Boeing has been given a shortened deadline of six days to respond compared to the standard ten days that Lockbit usually provides.
Late last week, American aerospace major Boeing said it is investigating claims of a ransomware attack by the Lockbit ransomware gang, which added the company to its list of victims on its dark web leak site.
Lockbit has given the U.S. Department of Defense contractor a November 2 deadline to respond to its claims, lest the company wants to risk the alleged data being publicly leaked. “Sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline!” noted Lockbit. Boeing’s deadline is notably shorter by four days compared to the standard ten days that Lockbit usually provides.
“For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline,” the syndicate, which first emerged as the most active ransomware gang in 2022, added.
According to Trend Micro open-source intelligence, one in six ransomware attacks against U.S. government offices in 2022 were traced back to LockBit actors. Members of the ransomware gang seem to have been carrying forward the legacy, having victimized 522 organizations in Q1 2023, including the largest contract chipmaker – Taiwan Semiconductor Manufacturing Company (TSMC), according to Trend Micro.
See More: Officials Confirm Second Major Ransomware Bust of 2023
Between January 2020, when Lockbit first targeted an organization on U.S. soil, and June 2023, the cybercriminal entity has earned $91 million in ransomware proceeds, the Cybersecurity and Infrastructure Agency (CISA) revealed earlier this year.
The group is also the most actively engaged in ransomware through its ransomware-as-a-service (RaaS) operations in October, having targeted 72 organizations, according to Malwarebytes Labs. The cybersecurity company’s findings indicate that Lockbit continued to dominate the ransomware attack charts in Q3 2023, victimizing 237 organizations.
Details of the alleged exploit and infiltration into the company and the volume and type of data that was exfiltrated remain undisclosed. Malware sample aggregator vx-underground spoke with Lockbit admins, who claimed infiltration by exploiting a zero-day vulnerability.
Yesterday Lockbit ransomware group listed Boeing on their victims list. Boeing is a multinational American company with an estimated annual revenue of $66,610,000,000. They have over 150,000 employees worldwide. Boeing serves both the public and private sector.
We spoke with… pic.twitter.com/gOiGcdWpAk
— vx-underground (@vxunderground) October 28, 2023
A Boeing spokesperson told Reuters, “We are assessing this claim.”
Engaged in aerospace equipment and defense design and manufacturing, including commercial and military aircraft and missiles, Boeing can be a lucrative target for cybercriminals. The company is also developing the next iteration of the presidential carrier Air Force One.
How will the U.S. government respond against Lockbit for going after one of its contractors? Share with us on LinkedIn, X, or Facebook. We’d love to hear from you!
Image source: Shutterstock
MORE ON RANSOMWARE
