Aerospace giant Boeing has confirmed that the LockBit ransomware gang demanded a staggering $200 million extortion payment after breaching the company’s network and stealing sensitive data in October 2023.
In early November, the notorious Russia-linked cybercrime group published approximately 43 gigabytes of data allegedly stolen from Boeing’s IT systems, including backups of management software configurations, monitoring logs, and auditing tools.
LockBit initially posted a 4GB sample of the stolen data in December, threatening to leak more if Boeing did not “cooperate.” The hackers dumped the full trove online when the company refused to engage.
While 43GB represents a significant volume of information, some cybersecurity experts believe it may not reflect the full extent of data exfiltrated from Boeing’s network.
“If they only got 43 GB of data from Boeing they obviously didn’t get very far into the Boeing network,” one researcher noted. “That’s barely a couple of lightly utilized laptop backups, or maybe one satellite office’s design data.”
Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers
In a statement, Boeing acknowledged Cyberscoop that “elements of our parts and distribution business” were impacted by the incident but asserted that it posed no threat to aircraft or flight safety.
The company declined to comment further, citing an ongoing investigation in coordination with law enforcement.
The $200 million ransom demand, one of the largest publicly known extortion attempts to date, was revealed in a U.S. Department of Justice indictment unsealed this week.
Authorities identified a Russian national, Dmitry Yuryevich Khoroshev, as the mastermind behind the LockBit operation, which has reaped over $500 million from victims worldwide since emerging in late 2019.
LockBit’s attack on Boeing, one of the world’s largest aerospace and defense contractors, underscores ransomware’s growing threat to even the most well-resourced organizations.
“If multibillion-dollar companies cannot secure their networks, what chance do cash-strapped school districts have?” said Emsisoft threat analyst Brett Callow. “Governments really do need to rethink their counter-ransomware strategies.”
On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free