Untitled

54th Paris Air Show at Le Bourget Airport near Paris

A Boeing logo is seen at the 54th International Paris Airshow at Le Bourget Airport near Paris, France, June 18, 2023. REUTERS/Benoit Tessier Acquire Licensing Rights

LONDON, Nov 10 (Reuters) – Internal data from Boeing (BA.N), one of the world’s largest defence and space contractors, was published online on Friday by Lockbit, a cybercrime gang which extorts its victims by stealing and releasing data unless a ransom is paid.

The hackers in October said they had obtained “a tremendous amount” of sensitive data from the aerospace giant and would dump it online if Boeing didn’t pay a ransom by Nov. 2.

According to a post on Lockbit’s website, the data from Boeing was published in the early hours of Friday morning. The files, which Reuters has not independently verified, mostly date to late October.

In a statement, Boeing confirmed that “elements” of the company’s parts and distribution business had experienced a cybersecurity incident.

“We are aware that, in connection with this incident, a criminal ransomware actor has released information it alleges to have taken from our systems,” Boeing said. “We continue to investigate the incident and will remain in contact with law enforcement, regulatory authorities, and potentially impacted parties, as appropriate.”

The company said it “remains confident” the event does not pose a threat to aircraft or flight safety, but declined to comment on whether defense or other sensitive data had been obtained by Lockbit.

Lockbit ransomware, first seen on Russian-language-based cybercrime forums in January 2020, has been detected all over the world, with organisations in the United States, India and Brazil among common targets, cybersecurity firm Trend Micro said last year.

It called the group “one of the most professional organised criminal gangs in the criminal underground”.

The group has hit 1,700 U.S. organisations, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

On Thursday, the Industrial and Commercial Bank of China’s (ICBC) U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market.

Several ransomware experts and analysts said Lockbit was believed to be behind the hack, although the gang’s dark web page, where it typically posts names of its victims, did not mention ICBC.

Reporting by James Pearson; additional reporting by Tim Hepher in Paris and Valerie Insinna in Washington; Editing by Kirsten Donovan, David Evans and Emelia Sithole-Matarise

Our Standards: The Thomson Reuters Trust Principles.

Acquire Licensing Rights, opens new tab

Reports on hacks, leaks and digital espionage in Europe. Ten years at Reuters with previous postings in Hanoi as Bureau Chief and Seoul as Korea Correspondent. Author of ‘North Korea Confidential’, a book about daily life in North Korea. Contact: 447927347451

Go to Source