The LockBit ransomware gang recently leaked over 43GB of data stolen from Boeing, one of the largest aerospace companies. This leak followed Boeing’s refusal to pay a ransom demanded by the hackers. The data, primarily backups for various systems with the most recent dating October 22, was first posted on LockBit’s site on October 27 with a deadline for Boeing to engage in negotiations by November 2.
Boeing was briefly removed from LockBit’s list of victims but reappeared on November 7, indicating that the company’s lack of response to the hackers’ warnings. The group then threatened to publish around 4GB of recent data as a demonstration of their capabilities and warned of releasing more databases if Boeing did not cooperate.
On November 10, LockBit went ahead and published all the data they had from Boeing, including configuration backups for IT management software, logs for monitoring and auditing tools, and backups from Citrix appliances. This raised suspicions that LockBit might have exploited the Citrix Bleed vulnerability (CVE-2023-4966). Boeing confirmed the cyberattack but did not provide details about the incident or the breach method.
LockBit, recognized as a resilient ransomware-as-a-service operation active for over four years, has targeted various organizations, including the Continental automotive giant, UK Royal Mail, the Italian Internal Revenue Service, and the City of Oakland. The U.S. government reported that the group extorted about $91 million since 2020 in nearly 1,700 attacks.
Source: Cyber Security Hub
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.