Boeing Roughed-Up After Ransomware Deadline Expires
The Beating Occurred Friday Amid an Aggressive New ‘Digital Extortion’ Crimewave
In the uncannily evocative language of street parlance—Boeing just got jumped.
Boeing, a leading aerospace and defense company, has been targeted by the notorious Lockbit syndicate in a significant ransomware attack. A vast amount of its confidential data has now been leaked online, according to a post on Lockbit’s website.
Amplifying the cyber siege, the NCC Group’s latest report reveals a harrowing 153% surge in ransomware attacks during September 2023, with a staggering 514 incidents reported. This dramatic increase reveals an enhanced level of cyber threat sophistication, endangering industries worldwide.
Lockbit, known for its strategy of stealing data and demanding ransom, purportedly released the data early Friday morning. The group had previously threatened in October to disclose “a tremendous amount” of sensitive information extracted from Boeing unless a ransom was paid by November 2nd.
“We are aware that, in connection with this incident, a criminal ransomware actor has released information it alleges to have taken from our systems,” Boeing said. “We continue to investigate the incident and will remain in contact with law enforcement, regulatory authorities, and potentially impacted parties, as appropriate.”
Boeing stated that the incident involved its parts and distribution operations; that website is currently down due to a “cyber incident.” The company assured the public that the breach does not pose a threat to aircraft safety or flight operations. However, Boeing refrained from commenting on whether defense-related or other highly sensitive data fell into the hands of the hackers.
Since its emergence in early 2020 on Russian cybercrime forums, Lockbit has become a notable name in international cybercrime, carrying out ransomware attacks in several countries, including the United States, India, and Brazil, and impacting over 1,700 American organizations. This group is recognized by experts as a highly organized criminal entity in the cyber underworld.
The recent high-profile cyberattack on Boeing, a key player in the global economy, underscores the growing threat of such attacks. The impact of these breaches is significant, with 60% of affected companies going out of business within six months. This incident raises critical concerns about the vulnerability of major corporations and the potential for these cybercriminals to target other crucial sectors.
To enhance cyber safety, especially after the Boeing attack, companies should consider these measures:
Adopt a Layered Security Approach
Use multiple security layers for comprehensive protection.
Segment Networks
Break down networks into manageable segments to localize breaches.
Monitor Open-Source Software in IoT Devices
Ensure open-source software in IoT devices is well-understood, patched, and risks are mitigated.
Regularly Patch Firmware and Software
Keep all software and firmware updated to guard against vulnerabilities.
Encrypt Data
Encrypt data in storage and transit to prevent unauthorized access.
24×7 Network Monitoring
Continuously monitor network access and activities.
Supply Chain Vulnerability Monitoring
Assess and monitor your supply chain for cybersecurity risks.
Understanding and Preparing for Risks
Prepare for operational disruptions due to cyber threats, regardless of company size.
Awareness and Training
Educate employees on cybersecurity best practices.
Incident Response Plan
Have a clear, actionable plan for breach incidents.
Compliance and Regulations
Stay compliant with relevant cybersecurity regulations.
Insurance and Legal Preparedness
Consider cyber insurance and be prepared to work with law enforcement and regulatory authorities.
Implementing these strategies is vital for maintaining a strong cybersecurity posture. Cybersecurity is an evolving field, requiring ongoing vigilance and adaptation.
Contact Cyber Defense Advisors for unparalleled expertise in safeguarding your data and helping you achieve uninterrupted business operations in the face of escalating cyber threats.