LockBit has made good on its threat. On Friday November 10, the hacker group, one of the most active in the world, published almost 50 GB of data stolen from Boeing at the end of October via a ransomware cyberattack.

According to specialist site Bleeping Computer, most of the data published on the LockBit site comes from backups of various computer systems, the most recent of which is dated October 22. The files also contain internal e-mails.

500 GB of data

"Boeing ignored our warnings", explains the hacker group, which claims to hold around 500 GB of data. It promises to publish them in the absence of "positive cooperation" from the American aeronautical giant.

According to Boeing, the attack targeted its spare parts and logistics support business. "This problem does not affect flight safety", says the company, which says it is "actively investigating the incident" and cooperating with the authorities. However, the aircraft manufacturer refuses to say whether sensitive data, such as information on the US Air Force, was recovered by the attackers.

Shortly after the announcement of a successful attack by LockBit, the hacker group withdrew its threat to release the data. This was interpreted as a sign that Boeing had entered into negotiations to obtain the key to decrypt the data.

Ransomware-as-a-service

LockBit offers a ransomware-as-a-service service: it makes its malware available to affiliated hacker groups, enabling them to attack companies, hospitals or government agencies. The group then recovers part of the ransom paid by victims.

According to a report by cybersecurity solutions provider NCC Group , LockBit was behind 846 successful ransomware attacks in 2022, representing a third of all detected incidents. The collective's activity peaked with the launch of its LockBit 3.0 ransomware in spring 2022.

Source : L'Usine Digitale