Boeing Investigates Cyber Incident Impacting Parts and Distribution Business
WASHINGTON, Nov 1 (Reuters) – Boeing (BA.N), a prominent defense and space contractor, confirmed on Wednesday that it is conducting an investigation into a cyber incident that affected certain aspects of its parts and distribution business. The company is also working closely with law enforcement authorities in their probe.
This announcement from Boeing comes after the Lockbit cybercrime gang claimed on Friday to have obtained a large amount of sensitive data from the U.S. planemaker. The gang threatened to release the data online if a ransom was not paid by Nov. 2. However, the Lockbit threat is no longer visible on their website as of Wednesday, and their response to the situation is unknown. Boeing has not confirmed if the cyber incident is directly linked to Lockbit.
“This incident does not pose any threats to flight safety,” stated a spokesperson from Boeing. “We are actively investigating the matter, collaborating with law enforcement agencies and regulatory authorities, and informing our customers and suppliers.”
The parts and distribution business of Boeing, which falls under its Global Services division, provides material and logistics support to customers, as detailed in the company’s 2022 annual report. Some webpages on Boeing’s official website that contain information about the Global Services division were temporarily unavailable on Wednesday due to technical problems. However, the issue is expected to be resolved soon.
Lockbit, recognized as the most active ransomware group worldwide in the previous year, has targeted a total of 1,700 organizations in the U.S. since 2020, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The group typically deploys ransomware to encrypt a victim organization’s system and steals sensitive data for extortion purposes.
The extent of the data breach and the specific information stolen from Boeing are still unknown. Ransomware expert Brett Callow from cybersecurity firm Emsisoft highlighted that even if organizations pay the ransom, there is no guarantee that the stolen data will not be leaked.
“Paying the ransom would simply rely on the promise from Lockbit that they will delete the data they obtained,” explained Callow. “However, there is no way to confirm if they would actually follow through with their promise.”
Boeing has not commented on whether any defense-related data was compromised during the cyber incident. The CISA has not provided a response to Boeing’s statement at this time.
Reporting by Valerie Insinna; Editing by Chris Reese, Lisa Shumaker, Jamie Freed and Lincoln Feast.
Acquire Licensing Rights, opens new tab