Boeing hack: should the airline manufacturer negotiate with cybercriminals?
- Boeing acknowledges that there was a hack and its systems were compromised.
- Boeing is one of the largest aerospace and defense companies in the world – so the Boeing hack could have significant ramifications.
- Boeing declined to comment on whether it had received a ransom demand or whether the company had paid.
It’s been more than a week since the LockBit ransomware group claimed to have infiltrated Boeing and to be in possession of a great deal of its data. The ransomware group had threatened to release the data if the aircraft manufacturer did not contact it within a specific timeline.
Boeing initially said it was just investigating the claim, but has now acknowledged that there was a cybersecurity incident. According to a report by TechCrunch, a statement by Boeing spokesperson Jim Proulx has confirmed the Boeing hack is a reality.
Proulx explained that the attackers had targeted elements of Boeing’s parts and distribution business. The spokesperson also highlighted that the cybersecurity incident did not affect flight safety and that the company is actively investigating the incident by coordinating with law enforcement and regulatory authorities.
Boeing declined to comment on whether it had received a ransom demand or whether the company had paid one if it had. A check on the services page of Boeing’s website showed that the site is experiencing technical issues and will be back up “soon.”
Boeing also declined to say how it was compromised or whether the company was aware of any exfiltration of data from its systems. However, the spokesperson did not dispute that Boeing had been affected by a cybersecurity incident that involved data exfiltration.
Who’s responsible for the Boeing hack?
The LockBit ransomware group has claimed responsibility for the cyberattack on Boeing. One of the most notorious ransomware groups today, LockBit has been terrorizing American and European organizations over the past few years.
According to the FBI, there have been over 1,700 attacks involving the ransomware group since 2020. Around US$91 million has so far been extorted by the group.
Known for its well-planned and organized cyberattacks, LockBit is connected to Russian hacker groups. According to VX-Underground, the LockBit ransomware group is so organized that it even has system administrators to communicate with victims and ensure they get the message through.
What will be the impact of the Boeing hack?
With over 140,000 employees around the world, Boeing is one of the largest aerospace and defense companies in the world. Apart from manufacturing commercial jets, Boeing also develops, manufactures, and services defense products and space systems for customers across over 150 countries.
Boeing’s parts and distribution business, which falls under its Global Services division, provides material and logistics support to its customers, according to the company’s 2022 annual report.
“Global Services ensures (customers) have access to the world’s most robust supply chain and the flexibility, scale and purchasing power to operate efficiently,” the report says.
While Boeing has assured clients that the hack does not have an impact on any of its aircraft, there are still concerns about how much data was actually compromised by the hackers. Given that Boeing has defense contracts and works on a lot of defense products, the information held by the hackers could easily find interested buyers on the dark web.
It is also important to note that this is not the first time Boeing has been hacked. Last year, a Boeing subsidiary that distributes airspace safety notices to pilots also experienced a cybersecurity incident. Jeppesen, which provides electronic notices to air mission bulletins and applications for in-flight management tasks, experienced a technical issue which was a cyber-incident.
To pay or not to pay – that is the question
With investigations still ongoing, the question on everyone’s mind is whether Boeing is going to pay a ransom for the hack. While law enforcement and cybersecurity vendors would strictly advise the company not to pay a ransom, the information that has been compromised could result in more severe consequences if the matter is not resolved.
In a recent incident involving two casinos in Las Vegas – MGM and Caesars, one company decided to pay the ransom to get back access to its systems, while the other chose to negotiate.
MGM, which decided not to pay the ransom and to negotiate with the hackers instead, not only ended up losing close to US$100 million but also disappointed customers, as many were left locked out of their hotel rooms, unable to proceed with check-ins and suffering other inconveniences that tarnished the brand. Meanwhile, Caesars admitted to paying the ransom – and did not experience the same situation.
However, paying the ransom does not always guarantee a smooth journey. Ransomware groups want to be paid in crypto, and pricing may fluctuate. Ransomware groups can also make copies of the data. What’s more concerning is that ransomware groups could end up planting malware or spyware into the data to launch more attacks in the future.
For Boeing, the next few days will be crucial. Not only does the aerospace giant have to negotiate with cybercriminals, but it also needs to check its systems to ensure there isn’t any other malware or bugs that could pose a problem in the future.