The aerospace and defense company declined to describe the nature of the attack but said flight safety was not affected.
Boeing confirmed a cyberattack is impacting its global services division, five days after a prolific Russia-affiliated ransomware group claimed responsibility for an attack against the multinational aerospace company.
“We are aware of a cyber incident impacting elements of our parts and distribution business,” a Boeing spokesperson said via email on Wednesday. “This issue does not affect flight safety.”
Some parts of company’s global services site are currently down.
Boeing declined to confirm the threat actor’s identity, the attack’s nature, or if a ransom had been paid. The company has yet to file a disclosure about the incident with the Securities and Exchange Commission.
The group taking credit for the attack, LockBit, is a financially motivated threat actor the Justice Department once described as “one of the most active and destructive ransomware variants in the world.”
LockBit listed Boeing on its leak site on Friday and threatened to leak “sensitive data” if Boeing did not meet its deadline to make contact by Thursday.
“We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers,” the spokesperson said.
Ransomware groups use leak sites to threaten and pressure their victims to pay a ransom. Targeted organizations are typically removed from leak sites when active negotiations are underway, or a ransom is paid, according to ransomware negotiators and threat analysts.
The FBI declined to comment.
In a June advisory, the Cybersecurity and Infrastructure Security Agency said LockBit had attacked more than 1,700 organizations in the U.S. and made at least $91 million in ransom demands since it first appeared in January 2020.
