Boeing Confirms $200 Million Cyber Extortion Demand from LockBit Ransomware Gang in October 2023

Boeing Faces $200 Million Cyber Extortion Demand from LockBit Ransomware Gang

Boeing, the multinational aeronautical and defense corporation headquartered in Virginia, has confirmed being the victim of a cyber extortion attack by the LockBit ransomware gang. The cybercriminals demanded a staggering $200 million to not publish leaked data from the company’s parts and distribution operations.

The U.S. Department of Justice unsealed an indictment that revealed Dmitry Yuryevich Khoroshev as the principal administrator behind the LockBit ransomware operation. This coordinated international effort included sanctions from the U.S., the U.K., and Australia.

LockBit first listed Boeing as its victim on October 27, setting a ransom payment deadline for November 2. Despite initially choosing not to comment on the incident, Boeing eventually confirmed falling victim to the cyberattack. However, negotiations reportedly failed, leading LockBit to threaten to publish 4 gigabytes of sample data as proof of the breach.

As the ransom demands escalated, LockBit published over 40GB of data on November 10, indicating that Boeing likely did not agree to pay the $200 million extortion demand. This incident marks one of the largest ransom demands from a ransomware gang to date, with analysts suspecting LockBit made the inflated demand merely to test the waters.

The cyberattack on Boeing underscores the persistent threat posed by ransomware gangs like LockBit to major corporations. With over 1700 attacks executed in the United States alone, LockBit’s aggressive tactics highlight the urgent need for robust cybersecurity measures to safeguard sensitive information and prevent future breaches.