December 2, 2023

Airplane maker Boeing mentioned it’s investigating information leaked by a distinguished Russia-based ransomware gang that was allegedly stolen from the corporate.

Two weeks in the past, the aviation manufacturing big confirmed that its components and distribution enterprise was affected by a cyberattack.

On Friday, the LockBit ransomware gang published 50GB of knowledge it allegedly stole from the corporate after days of including and eradicating the corporate from its leak website. The gang made a number of unverified claims that it was negotiating a ransom with Boeing earlier than talks fell by way of.

In an announcement to Recorded Future Information on Monday, Boeing mentioned it might notify anybody whose info could have been leaked.

“Components of Boeing’s components and distribution enterprise not too long ago skilled a cybersecurity incident. We’re conscious that, in reference to this incident, a felony ransomware actor has launched info it alleges to have taken from our methods,” a spokesperson mentioned.

“We proceed to analyze the incident and can stay in touch with regulation enforcement, regulatory authorities, and probably impacted events, as applicable. We stay assured this incident poses no menace to plane or flight security.”

Knowledge shared by LockBit actors signifies the group could have exploited CVE-2023-4966 — a not too long ago disclosed vulnerability identified colloquially as “Citrix Bleed” — in its assault on Boeing.

A number of cybersecurity specialists praised Boeing for not buckling and paying the ransom.

“Refusing to pay a ransom is the fitting factor to do. If everybody adopted Boeing’s path, ransomware ROI would turn out to be an uneconomical vector, and finally stop to exist,” mentioned Coro co-founder Dror Liwer.

LockBit continues to trigger untold harm to organizations internationally, far outpacing every other ransomware gang by way of assaults launched. Final week, the Querétaro Intercontinental Airport confirmed it was coping with a cyberattack the identical LockBit ransomware hackers claimed to have focused the airport.

The gang surpassed 2,000 assaults in latest months placing it greater than 1,000 assaults forward of the subsequent closest group in accordance with statistics from Recorded Future.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Study extra.

No earlier article

No new articles

Jonathan Greig

Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than shifting again to New York Metropolis, he labored for information shops in South Africa, Jordan and Cambodia. He beforehand lined cybersecurity at ZDNet and TechRepublic.