The LockBit ransomware gang has made public data pilfered from Boeing, a major player in the aerospace industry servicing both commercial aeroplanes and defense systems. Prior to the data leak, LockBit hackers had warned Boeing about the impending release of data, even threatening to disclose a 4GB sample of the most recent files.
LockBit ransomware successfully leaked over 43GB of files from Boeing after the aerospace company refused to comply with the ransom demands. Most of the data available on the hacker group’s leak site comprises backups for various systems, with the most recent backups timestamped as of October 22.
On October 27, LockBit posted Boeing on their site and set a November 2nd deadline for the company to initiate negotiations. The hackers emphasized that they had acquired a substantial amount of sensitive data and were prepared to publish it. Although Boeing briefly disappeared from LockBit’s victim list, it reappeared on November 7, as the hackers declared that their warnings had gone unheeded.
With Boeing maintaining silence, the LockBit ransomware gang decided to exhibit their bargaining power. They threatened to release approximately 4GB of sample data, emphasizing that this was just a fraction of what they possessed. The hackers warned of publishing databases if positive cooperation from Boeing was not forthcoming.
On November 10, LockBit fulfilled its threat by releasing all the data it had obtained from Boeing. This included configuration backups for IT management software and logs for monitoring and auditing tools. The listing of backups from Citrix appliances sparked speculation about the potential use of the recently disclosed Citrix Bleed vulnerability (CVE-2023-4966), for which the exploit code was published on October 24.
While Boeing acknowledged the cyberattack, the company refrained from providing details regarding the incident or how the hackers infiltrated their network. LockBit recognized as one of the most resilient ransomware-as-a-service (RaaS) operations, has been active for over four years, victimizing thousands across various sectors.
LockBit’s impact extends internationally, with victims including the Continental automotive giant, the UK Royal Mail, the Italian Internal Revenue Service, and the City of Oakland. In June, the U.S. government revealed that the gang had extorted approximately $91 million since 2020 through close to 1,700 attacks on various organizations. Additionally, in August, the Spanish National Police warned about a phishing campaign targeting architecture firms in Spain, aiming to encrypt systems using LockBit’s locker malware.
It is also to be noted that on September 2023, Ransomware group LockBit attacked Pelmorex Corp., the parent company of The Weather Network and on September 2021, Bangkok Airways was also a victim of the LockBit ransomware attack.
Explore the top 5 best Microsoft Intune alternatives, comparing key features, user reviews, and capabilities…
Discover the top 7 smartphones of 2024 with best security features, offering privacy, performance, and…
Discover the top 11 log management tools for efficient system management and monitoring. Learn about…
Explore the top 5 threat intelligence tools, their features, and how they enhance cybersecurity against…
Explore the top 5 best PAM Tools, market trends, and expert insights to secure the…
Explore the top solutions for Apple Device Management including to iOS Device Management and macOS…