Boeing refuses to pay LockBit gang’s $200 million ransomware demand

Boeing confirmed that it received a huge claim of $200 million after the notorious LockBit hacker group launched a ransomware attack in October 2023.

The company confirmed its connection to the indictment of Dmitry Yuryevich Khoroshev, who this week the U.S. Department of Justice identified as LockBitSupp, the leader of the LockBit gang.

The indictment details Khoroshev’s alleged criminal activities and mentions that “a Virginia-based multinational aerospace and defense company” received ransom demands equivalent to approximately $200 million.

Although no names were named in the indictment (the company was referred to as “Victim-15”), Boeing confirmed Internet exclusive This is the organization described.

If the $200 million figure is accurate, it would be one of the highest ransom demands ever made by cyber extortionists.

In late October 2023, LockBit’s leak website announced that it had stolen “a large amount of sensitive data” from Boeing and threatened to publish the data if payment was not made by November 2, 2023.

At the time, Boeing said the attackers affected its parts and distribution operations but that aircraft or flight safety were not affected.

Eventually, LockBit did release approximately 43GB of data they claimed to have stolen from Boeing, and claimed that negotiations with Boeing over a ransom payment had broken down.

Boeing deserves credit for not bowing to pressure from LockBit attackers. The blackmailers appear to be greedy in their demands for such astronomical ransoms. Overly optimistic demands may be dashed because hackers overestimate the value of stolen information.

Earlier this week, international law enforcement agencies announced sanctions against Khoroshev by U.S., British and Australian authorities.

Meanwhile, LockBitSupp released a message denying that their true identity was Dmitry Yuryevich Khoroshev and stating that law enforcement agencies had arrested the wrong person.