Boeing says it refused to meet huge demand for ransomware
Boeing has revealed that it refused to pay a $200 million ransom from ransomware hackers who stole some of its sensitive data in 2023.
The US Department of Justice recently published an indictment against one Dmitry Yuryevich Khoroshev, who is accused of being the one who developed and maintained the dreaded LockBit ransomware, a piece of malicious software used in numerous hacking attacks with devastating consequences.
The unsealed indictment listed victims as including an unnamed multinational aerospace and defense company asking for $200 million, an amount described as βextremely large.β Boeing later confirmed that company CyberScoopbut declined to answer further questions.
Testing the waters
The company suffered a ransomware attack in November 2023 and said at the time that the incident affected parts of its parts and distribution business, but that flight safety was not compromised.
LockBit’s affiliates made off with 43 gigabytes of data, for which they later demanded an obscene amount of money.
The data appeared to be backups of various corporate systems and included configuration backups for IT management software and logs for monitoring and auditing tools.
While hackers targeting major corporations are no strangers to massive ransom demands, in this case they most likely made a blind attempt.
The indictment against Khoroshev labels him as LockBitSupp, the persona running the LockBit encryptor. This person then left a message on the RaaS messaging platform saying that the police had the wrong person. However, they did confirm that Boeing was the compromised company.