LockBit’s Latest Victim: Boeing’s Cybersecurity Compromise Unveiled

Boeing, a pivotal entity in the aerospace industry and defense technology, has confirmed it fell victim to a cyberattack, presumably orchestrated by the notorious hacking collective LockBit, accused of illicit access to confidential information and data theft.

Boeing is cognizant of a cyber incident that affected a segment of our business related to the supply of aircraft spare parts. “We are actively investigating the incident and coordinating with law enforcement and regulatory authorities,” a Boeing representative declared. The company assures that the incident will not impact flight safety and is currently under thorough investigation in collaboration with law enforcement.

Boeing is alerting clients and suppliers to the threat. Presently, Boeing’s website, dedicated to the distribution and sale of parts, is offline due to “technical issues.”

The financial report for 2022 indicates that the sale of spare components and aircraft maintenance is among the company’s most lucrative avenues. The firm has been channeling more resources into production and has taken control of revenues from the sale of parts manufactured by other producers under Boeing’s license, likely attracting malefactors’ attention.

Although LockBit admits culpability, analysts have yet to determine the true source of the threat.

Information published by VX Underground indicates that hackers added Boeing to their victim list on a leaked site, initially giving the company merely six days to decide on negotiation terms. Researchers claim LockBit exploited a zero-day vulnerability to access the corporation’s systems.

Curiously, by October 30th, the group removed the leaked announcement, stating negotiations were underway.

To date, the aviation behemoth has not released an official press statement nor provided a report to the Securities and Exchange Commission (SEC).

The United States Cybersecurity and Infrastructure Security Agency (CISA) has identified LockBit as the most active ransomware operator in 2022.

As VX Underground notes, LockBit is more than a mere assembly of enthusiasts. The hackers have established a robust management system and engage in self-promotion, even paying celebrities to tattoo their insignia. Experts approach the group’s hacking claims with skepticism and meticulously verify information before taking any action.