Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 7 July, 2026
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Aerospace Giant Boeing Confirms Cyber Compromise, LockBit Claims Responsibility

by The Gurus
November 3, 2023
in Editor's News
AT&T Cybersecurity grows SASE offering by adding Palo Alto Networks
Share on FacebookShare on Twitter

Boeing, the American multinational corporation most known for the manufacturing of aircrafts, rockets, satellites, and missiles, has confirmed a cyber breach on their systems. Last week, the infamous and prolific ransomware gang, LockBit, announced that “a tremendous amount of sensitive data was exfiltrated” from Boeing’s systems and was ready to be published if the company did not make contact within the deadline. 

The announcement has since been removed from LockBit’s website, but a screenshot shared by Dominic Alvieri on X shows that LockBit demanded a response from Boeing before November 2nd.  

On October 28th, the malware research group VX-Underground claimed to have spoken with a LockBit representative about the then alleged breach. According to this statement, LockBit claimed to have gained access to Boeing systems through a Zero-Day Vulnerability exploit.  

At this point Boeing had yet to confirm or deny any claims.  

However, on November the 2nd, Boeing confirmed with various publications that their systems had been compromised in a cyber incident. 

Boeing spokesperson Jim Proulx told TechCrunch that while elements of parts and safety business were targeted in this incident, flight safety was not affected. Additionally, he said, “We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying customers and suppliers.” 

While Boeing has yet to confirm whether the LockBit group was truthfully behind the incident, the fact that the listing was removed from the website before the deadline suggests that it is the case.  

At this time, the Boeing Services website is down for technical issues.  

According to Erfan Shadabi, cybersecurity expert with data security specialists comforte AG, “Boeing’s acknowledgement of the cyber incident and its cooperation with law enforcement are commendable steps in addressing the breach. The aerospace and defence sector, similar to various other industries, heavily depends on an extensive network of suppliers and partners. It’s a common occurrence for threat actors to target vulnerabilities within these expansive ecosystems.” 

Erich Kron, Security Awareness Advocate at KnowBe4, added, “Ransomware can be a significant issue for organizations such as Boeing who need to provide parts quickly and often in a just-in-time manner. In the event their systems are down due to the ransomware encryption, significant delays could occur that may stop commercial aircraft from flying. In addition, organizations such as this have a tremendous amount of intellectual property that spans both commercial and military industries, and the theft of that information and threat to leak it publicly could be a significant issue for the company and any impacted military services. These cyber criminals know this and use it to their advantage to request what is often a huge ransom from the victims.”  

According to Shadabi, the data at risk is the real concern in a scenario like this. He commented, “One key takeaway from this incident is the importance of a proactive approach to cybersecurity that revolves around the safeguarding of data itself. Traditional cybersecurity measures often focus on perimeter defence and incident response. However, the concept of data-centric security, particularly tokenization, offers an additional layer of protection. Tokenization involves replacing sensitive data with non-sensitive placeholders, or tokens, rendering the stolen data useless to malicious actors. By utilizing tokenization, organizations can minimize the impact of data breaches, safeguard their intellectual property, and protect customer information. This proactive approach reduces the incentive for cybercriminals to target an organization and demand ransoms, as they are less likely to obtain valuable information. Cyberthreats are evolving and as we move forward in the digital age, organizations of all types must invest in comprehensive cybersecurity strategies that safeguard their most valuable asset – data.” 

 Indeed, Kron also raised some caution. He explained that, “Generally speaking, the attackers will guarantee that the information is deleted if the ransom is paid, however, that simply means we have to trust the very criminals that broke into our systems, stole the data, and oftentimes disrupted critical business, to do as they promise. When it comes to extremely valuable information, such as potentially sensitive information about military equipment, the odds are pretty good that other nation states will be willing to pay a significant amount for this information and the victim would never know it has been sold.” 

While there has been some discussion that LockBit gained access to Boeing systems by exploiting a Zero-Day Vulnerability, Kron warned that it could have just as easily been a result of a social engineering attack. He said, “Since most ransomware starts with a social engineering attack that targets humans, organisations that deal in information such as this or have critical manufacturing or logistical time frames should ensure that their employees are educated on how to spot and report phishing attacks to their security team. In addition, strong Data Loss Prevention (DLP) controls should be in place to limit the possibility of data being exfiltrated by bad actors.” 

Tags: boeingcybersecurityRansomware
ShareTweet
Previous Post

Keeper Security Begins Relationship with Ingram Micro to Expand Access to Keeper’s Cybersecurity Solutions

Next Post

The Future of Encryption: Navigating Change with Crypto-Agility

Recent News

Huntress Signs Giacom to Widen UK MSP Access to Managed Detection and Response

Huntress Signs Giacom to Widen UK MSP Access to Managed Detection and Response

July 7, 2026
pentesting

Pentesting is dead. Long live pentesting.

July 3, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

The industries being reimagined by AI

July 2, 2026
geopolitical cyber report

Iran-linked MuddyWater espionage campaign targets organisations across four continents

July 1, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol