One of the biggest defense and space contractors in the world, Boeing, announced on Wednesday that it was looking into a cyber incident that affected some of its parts and distribution business and that it was assisting with a law enforcement investigation into it.
The aerospace giant acknowledged the incident days after the Lockbit cybercrime gang said on Friday it had stolen “a tremendous amount” of sensitive data from the U.S. planemaker that it would dump online if Boeing didn’t pay ransom by November 2.
As reported by Reuters, as of Wednesday, the gang’s website no longer featured the Lockbit threat, and it didn’t immediately reply to a request for comment. Regarding whether Lockbit was responsible for the cyber incident it revealed, Boeing remained silent.
“This issue does not affect flight safety,” said a Boeing spokesperson to Reuters. “We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers.”
Boeing’s parts and distribution business, which falls under its Global Services division, provides material and logistics support to its customers, according to the company’s 2022 annual report. Some webpages on the company’s official website that had information on the Global Services division were down on Wednesday, with a message that cited technical issues. “We expect the site to be back up soon,” the pages said.
According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Lockbit was the most active global ransomware group last year based on the number of victims, and it has hit 1,700 U.S. organizations since 2020.
It’s unclear what data Lockbit may have stolen from the company. Brett Callow, a ransomware expert and threat analyst at the cybersecurity firm Emsisoft, said that while organizations may pay cybercriminal gangs when demanded ransom, that doesn’t guarantee that data won’t be leaked.
“Paying the ransom would simply elicit a pinky promise from LockBit that they will destroy whatever data they obtained,” Callow said. “There would, however, be no way of knowing for sure that they actually had.”
The loss of military-related information would be “extremely problematic”, he added. Boeing did not comment on whether any defense-related data had been impacted in the cyber incident.