Boeing has revealed that it refused to pay a $200 million ransom demand from ransomware hackers who stole a tranche of sensitive data in 2023.
The US Department of Justice recently revealed an indictment against Dmitry Yuryevich Khoroshev, accused of developing and maintaining the dreaded LockBit ransomware, a malicious software that was used in numerous hacking attacks with devastating consequences.
In the unsealed indictment, among the victims named was an unnamed multinational aeronautical and defense corporation that was asked for $200 million, a figure described as “extremely large.” Boeing later confirmed to be that company CyberScoopbut declined to answer additional questions.
Testing the waters
The company suffered a ransomware attack in November 2023 and at the time said the incident affected elements of its distribution and spare parts business, but that flight safety was not compromised.
LockBit affiliates took 43 gigabytes of data, for which they then demanded an obscene amount of money.
The data appeared to be backups of different company systems and included configuration backups for IT management software and logs for monitoring and auditing tools.
While hackers attacking large corporations are no strangers to huge ransom demands, in this case they most likely took a blind shot.
The indictment against Khoroshev labels him as LockBitSupp, the person who manages the LockBit encryption. This person later left a message on the RaaS messaging platform, saying that the authorities had the wrong person. However, they did confirm that Boeing was the company involved.