Boeing has verified that it was targeted in October 2023 by cybercriminals employing the LockBit ransomware platform, who demanded a staggering $200 million extortion payment. The confirmation follows an indictment unsealed by the U.S. Department of Justice, identifying Dmitry Yuryevich Khoroshev as the key figure behind the LockBit operation. Khoroshev faces international sanctions from the U.S., the U.K., and Australia.
While Boeing refrained from providing additional details and redirected inquiries to the FBI, the company reportedly did not yield to LockBit's demands despite approximately 43 gigabytes of company data being posted on LockBit's website in early November. The incident was acknowledged by Boeing at the time, affirming its impact on parts and distribution operations but emphasizing no compromise to flight safety. However, the company has remained silent on the stolen data posted by LockBit.
The indictment, referring to Boeing as an unnamed multinational, sheds light on LockBit's history of making "extremely large" ransom demands. Analysts believe that LockBit's demand against Boeing was among the largest to date, possibly driven by a desire to gauge potential payoffs rather than a realistic expectation of receiving the full amount.
LockBitSupp, the online persona representing LockBit, confirmed Boeing's identity as the unnamed company. However, conflicting claims emerged when U.S. and British law enforcement authorities asserted that Khoroshev is LockBitSupp. A message from LockBitSupp disputed this assertion, suggesting a case of mistaken identity by the authorities.
The revelation underscores the persistent threat posed by ransomware attacks and the ongoing efforts of law enforcement to combat such cybercriminal activities.