Summarize

Simplifying... Inshort

Boeing confirmed a $200 million cyber extortion attempt in 2023, orchestrated by Russian national Dmitry Yuryevich Khoroshev, the developer of LockBit ransomware.
Despite 43GB of Boeing's data being displayed on LockBit's website, the company didn't pay any ransom and assured that flight safety was not compromised.
The online alias for LockBit, LockBitSupp, confirmed Boeing as the targeted company, marking it as one of the largest ransom demands to date.

Was a long read? Making it simpler...

Next Article

The $200M cyber extortion was for nearly 43GB of Boeing's data

Boeing confirms $200 million cyber extortion attempt in 2023

By Akash Pandey

May 09, 2024

06:59 pm

What's the story

Boeing, the multinational aerospace and defense corporation, has confirmed being targeted in a $200 million cyber extortion attempt in October 2023. The cybercriminals used the LockBit ransomware platform to carry out the attack. This information came to light after an indictment was unsealed by the US Department of Justice on Tuesday, identifying Boeing as the victimized company. Boeing has declined to comment further on this matter, directing all inquiries to the Federal Bureau of Investigation (FBI).

Information

Russian national identified as primary orchestrator of the ransomware attack

The indictment named Dmitry Yuryevich Khoroshev as the main orchestrator and developer of the LockBit ransomware operation. Khoroshev, a Russian national, is currently facing international action involving sanctions from the US, the UK, and Australia.

No ransom paid

Boeing's stance on the cyber extortion attempt

Despite nearly 43GB of Boeing's data being displayed on LockBit's website in early November, no ransom was reportedly paid by the company. Boeing acknowledged a "cyber incident" at that time which affected parts of their distribution business but assured that flight safety was not compromised. The company never commented on the stolen data published by LockBit.

Large ransom demands

Extortion attempt highlighted in indictment

The indictment underscored this extortion attempt as an instance of "extremely large" ransom demands made by Khoroshev and his associates. Since late 2019 or early 2020, they have reportedly amassed over $500 million in ransoms from their victims. Brett Callow, a ransomware analyst with cybersecurity firm Emsisoft, suggested that this could be "the second biggest ransom demand to date — or, perhaps more accurately, to have become public knowledge."

Confirmation received

LockBitSupp confirms Boeing as targeted company

LockBitSupp, the online alias representing LockBit, confirmed to CyberScoop on Wednesday that Boeing was indeed the company referred to in the indictment. US and British law enforcement authorities have identified Khoroshev as LockBitSupp, a claim which was disputed in a message posted to LockBitSupp's account on a messaging platform. This confirmation further solidifies Boeing's position as the victim of this cyber extortion attempt.