cybersecurity

Boeing says ‘cyber incident’ hit parts business after ransom threat

Reuters

This is AI generated summarization, which may have errors. For context, always refer to the full article.

Boeing says ‘cyber incident’ hit parts business after ransom threat

BOEING. The Boeing logo is seen at the 54th International Paris Airshow at Le Bourget Airport near Paris, France, June 18, 2023.

Benoit Tessier/Reuters

Lockbit was the most active global ransomware group last year based on the number of victims, and it has hit 1,700 US organizations since 2020, according to the US Cybersecurity and Infrastructure Security Agency

WASHINGTON, DC, USA – Boeing, one of the world’s largest defense and space contractors, said on Wednesday, November 1, it was investigating a cyber incident that impacted elements of its parts and distribution business and cooperating with a law enforcement probe into it.

Boeing acknowledged the incident days after the Lockbit cybercrime gang said on Friday it had stolen “a tremendous amount” of sensitive data from the US plane maker that it would dump online if Boeing didn’t pay ransom by November 2.

The Lockbit threat was no longer on the gang’s website as of Wednesday, and it didn’t immediately respond to a request for comment. Boeing declined to comment on whether Lockbit was behind the cyber incident it disclosed.

“This issue does not affect flight safety,” a Boeing spokesperson said. “We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers.”

Boeing’s parts and distribution business, which falls under its Global Services division, provides material and logistics support to its customers, according to the company’s 2022 annual report. Some webpages on the company’s official website that had information on the Global Services division were down on Wednesday, with a message that cited technical issues.

“We expect the site to be back up soon,” the pages said.

Lockbit was the most active global ransomware group last year based on the number of victims, and it has hit 1,700 US organizations since 2020, according to the US Cybersecurity and Infrastructure Security Agency (CISA).

The hacking group typically deploys ransomware on a victim organization’s system to lock it up, as well as stealing sensitive data for extortion.

It’s unclear what data Lockbit may have stolen from the company. Brett Callow, a ransomware expert and threat analyst at the cybersecurity firm Emsisoft, said that while organizations may pay cybercriminal gangs when demanded ransom, that doesn’t guarantee that data won’t be leaked.

“Paying the ransom would simply elicit a pinky promise from LockBit that they will destroy whatever data they obtained,” Callow said. “There would, however, be no way of knowing for sure that they actually had.”

The loss of military-related information would be “extremely problematic”, he added. Boeing did not comment on whether any defense-related data had been impacted in the cyber incident.

The CISA did not immediately respond to a request for comment on the Boeing statement. – Rappler.com

Add a comment

Sort by

There are no comments yet. Add your comment to start the conversation.

Summarize this article with AI
Download the Rappler App!