Boeing cyberattack: Protecting assets from digital crime

Boeing admitted it fell victim to a cyber incident earlier in the week which impacted parts of its distribution business. 

The organisation, which is one of the world’s largest defence and space contractors, acknowledged the attack and said it is currently investigating with law enforcement.

Days earlier, the Lockbit cybercrime gang stated that it had stolen large amounts of sensitive data from Boeing in a ransomware attack, stating that it would publish the contents online if Boeing did not pay by 2nd November 2023.

According to TechCrunch, paying ransoms to sanctioned hacking groups and ransomware gangs can violate the law in the United States.

Ransomware orchestrated by large gangs make even the largest businesses vulnerable

“This issue does not affect flight safety,” a Boeing spokesperson said to Reuters. “We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers.”

Lockbit is one of the most active global ransomware groups last year based on the number of victims, having impacted 1,700 US organisations since 2020, according to the US Cybersecurity and Infrastructure Security Agency (CISA).

The hacking group typically deploys ransomware on a victim organisation's system to lock it, as well as stealing sensitive data for extortion.

It is currently unclear what data Lockbit may have stolen from Boeing. As a leader in the aerospace and manufacturing industry with connections to the government, it is easy to see why Boeing is an attractive target for threat actors wanting to access sensitive information. 

This will also inevitably have an impact on the company’s global supply chain and so it will be vital that Boeing are able to rectify the issue quickly.

Manufacturers must continue to invest in cybersecurity

These types of industry cyberattacks are on the rise, with manufacturers in particular keen to invest in more sophisticated cybersecurity measures. Given that manufacturing is becoming more reliant on new technology, it is more important than ever before for organisations to adopt stronger security measures to protect data.

Research from 2022 shows less than two thirds (62%) of manufacturers have a formal cybersecurity plan in place - showing there is a long way to go.

James Dyer, Threat Intelligence Lead at Egress, says on the attack: “This incident is not only worrying because of its immediate threat but also in terms of the fallout. With Boeing, the attackers are using double extortion methods by threatening to expose or sell the data. Ultimately, the company and customers could now be at greater risk from increased phishing attacks using credentials compromised in the other initial attack – otherwise known as Business Email Compromise (BEC).

“For example, in a supply chain, a single compromised vendor can result in a high proportion of their customers also becoming compromised; the military clients in Boeing’s supply chain no doubt makes them an extremely enticing target. The attacker seizes this opportunity to leverage trusted relationships as an entry point and socially engineer their victims. The threat actor is likely to use highly pressurising techniques on their victim such as insisting on urgency and confidentiality or leveraging the seniority of whom they are impersonating. 

He continues: “Often ransomware attacks give 10 days for their victims to respond, but in this incident, only 6 days have been offered to increase the pressure. 

“When an attack is presented in the guise of a trusted colleague or business partner, it is suddenly much harder to differentiate between a genuine and a malicious email. Organisations are then exposed to account takeover, data exfiltration, and financial losses from fraudulent payments. 

“Employees must be aware of the risk and how to put an action plan in place to understand not only why an email has been flagged as dangerous but also identify compromise from a trusted source.”

******

For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Technology Magazine | AI Magazine.

Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.