Let Cybersecurity Dive’s free newsletter keep you informed, straight from your inbox.
The aerospace and defense company declined to describe the nature of the attack but said flight safety is not affected.
Boeing confirmed a cyberattack is impacting its global services division, five days after a prolific Russia-affiliated ransomware group claimed responsibility for an attack against the multinational aerospace company.
“We are aware of a cyber incident impacting elements of our parts and distribution business,” a Boeing spokesperson said via email on Wednesday. “This issue does not affect flight safety.”
Some parts of company’s global services site are currently down.
Boeing declined to confirm the identity of the threat actor, the nature of the attack or if a ransom has been paid. The company has yet to file a disclosure about the incident with the Securities and Exchange Commission.
The group taking credit for the attack, LockBit, is a financially motivated threat actor the Justice Department once described as “one of the most active and destructive ransomware variants in the world.”
LockBit listed Boeing on its leak site on Friday and threatened to leak “sensitive data” if Boeing did not meet its deadline to make contact by Thursday.
“We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers,” the spokesperson said.
Ransomware groups use leak sites to threaten and ramp up pressure on their victims to pay a ransom. Targeted organizations are typically removed from leak sites when active negotiations are underway or a ransom is paid, according to ransomware negotiators and threat analysts.
The FBI declined to comment.
The Cybersecurity and Infrastructure Security Agency, in a June advisory, said LockBit had attacked more than 1,700 organizations in the U.S. and made at least $91 million in ransom demands since it first appeared in January 2020.
Get the free daily newsletter read by industry experts
Active exploits already resulted in a follow-on attack that’s impacted multiple organizations. Threat hunters are on guard and anticipate more victims.
It marks the first major update to federal risk guidance since 2014 and incorporates new issues, including supply chain security and threats to small business.
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Want to share a company announcement with your peers?
Share your announcement ➔
Active exploits already resulted in a follow-on attack that’s impacted multiple organizations. Threat hunters are on guard and anticipate more victims.
It marks the first major update to federal risk guidance since 2014 and incorporates new issues, including supply chain security and threats to small business.
The free newsletter covering the top industry headlines