Boeing says cyber incident affects parts and distribution business

Airplane maker Boeing said it is responding to a cyberattack involving its parts and distribution business.

In a statement on Wednesday evening, the manufacturing giant said it is investigating an incident that came to light last week after a notorious ransomware gang added the company to its list of victims.

"We are aware of a cyber incident impacting elements of our parts and distribution business. This issue does not affect flight safety,” a spokesperson told Recorded Future News.

“We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers."

The company declined to answer questions about whether it would pay a ransom.

At least one web domain associated with the business displayed a message saying it was “down for technical issues” early Thursday morning. It was unclear if the outage was associated with the cyberattack. Other parts and distribution sites appeared to be functioning normally.

On October 27, the LockBit ransomware gang added Boeing to its leak site, giving the company less than six days to respond to its threats. The gang did not say how much data was stolen and declined to provide samples.

Boeing was removed from the ransomware gang’s leak site on Monday, and researchers from malware platform vx-underground claimed they spoke to members of LockBit who said negotiations with the company were underway.

When the initial claims emerged last week, a Boeing spokesperson would only tell Recorded Future News, “We are assessing this claim.”

Boeing — a multinational corporation that reported more than $66 billion in revenue last year through its sale of airplane equipment, missiles, satellites and more —- has dealt with several security incidents in recent years.

A pro-Russian hacking group launched several distributed denial-of-service (DDoS) attacks against the company in December 2022. Jeppesen, a wholly owned Boeing subsidiary that provides navigation and flight planning tools, confirmed in November 2022 that it was dealing with a cybersecurity incident that caused some flight disruptions.

Boeing was also reportedly affected by the widespread WannaCry virus in 2018, though it was able to recover quickly. “The vulnerability was limited to a few machines,” a spokesperson told The Seattle Times. “We deployed software patches. There was no interruption to the 777 jet program or any of our programs.”

The aviation industry is regularly targeted by cyberattacks. Air Canada and Air Europa have both dealt with cyberattacks in the last month.

On Monday, the Querétaro Intercontinental Airport confirmed it was dealing with a cyberattack the same LockBit ransomware hackers claimed to have targeted the airport.