The indictment filed against the LockBit ransomware gang leader by the US has confirmed Boeing was hit by the gang and received a ransom demand of US$200 million (A$302.13 million).
The indictment says Dmitry Yuryevich Khoroshev and his subordinate LockBit members extorted hundreds of millions of dollars in ransom payments from thousands of victims in the US, including
the District of New Jersey, and around the world.
It said the victims included hospitals, schools, non-profit organisations, critical infrastructure, and government and law-enforcement agencies with the broader losses and damage running into billions of
dollars.
Boeing refused to pay the ransom. It has made no public statement about the attack.
{loadposition sam08}That Boeing was hit is clear from this sentence in the indictment: "One victim alone, for example — Victim-15, a multinational aeronautical and defence corporation headquartered in Virginia — received a ransom demand of approximately US$200 million from the LockBit perpetrators."
A report in November last year said LockBit had leaked more than 43GB of data from Boeing after the company did not pay the ransom.
LockBit issued a number of statements about the Boeing attack on its site on the dark web.
Back in April 2020, iTWire reported that documents from Boeing and a number of other companies was leaked following an attack on Visser Precision, a parts maker for space and defence companies.
The ransomware in question is DoppelPaymer which is run by a group that adopts similar tactics to those of two other ransomware groups, Maze and REvil.
At the time, DoppelPaymer published a list of documents from Visser's clients: Air Comm, Alcadyne, Bingham Engineering, Blue Origin, Boeing, Cardiff School of Engineering, Custom Microwave, De Vore Aviation, Desktop Metals, DME Co, EAP, Schlumberger Technology, Tesla, SpaceX, General Dynamics, Lockheed Martin and University of Colorado.