Boeing, a major global defense and aerospace contractor, confirmed on Wednesday that it is investigating a cyber incident affecting certain aspects of its parts and distribution business. The company is also cooperating with a law enforcement inquiry into the matter.
This disclosure came after the Lockbit cybercrime group claimed to have stolen a significant amount of sensitive data from Boeing and threatened to release it online if a ransom wasn't paid by November 2. As of Wednesday, the Lockbit threat was no longer visible on the group's website, and they did not immediately respond to inquiries. Boeing did not confirm whether Lockbit was responsible for the cyber incident it reported.
Boeing emphasized that the incident does not impact flight safety and stated that it is actively investigating the situation while collaborating with law enforcement and regulatory authorities. The company is also notifying its customers and suppliers.
Boeing's parts and distribution business, part of its Global Services division, provides material and logistics support to customers. Some webpages related to the Global Services division on Boeing's official website were inaccessible on Wednesday due to technical issues, with an expectation of a prompt restoration.
Lockbit, which is known for ransomware attacks and data theft, was one of the most active ransomware groups globally in the previous year, affecting a significant number of victims. It has targeted approximately 1,700 U.S. organizations since 2020, as reported by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
Typically, Lockbit deploys ransomware to lock up a victim organization's systems while also stealing sensitive data for extortion purposes.
The extent of the data taken from Boeing remains uncertain. Experts note that even if organizations pay ransoms as demanded, there's no guarantee that the stolen data won't be leaked. The loss of military-related information could be particularly concerning, but Boeing did not comment on whether such data was impacted by the cyber incident.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) did not provide immediate comment in response to Boeing's statement.