The Download
In a strange footnote to a US indictment against ransomware gang Lockbit's mastermind Dmitri Khoroshev, the unsealed indictment revealed that Lockbit held 43GB of sensitive Boeing documents hostage for a $200M ransomware payment last October. The US has placed a $10M bounty on Khoroshev's head for his capture. Lockbit, before it was shutdown, had compromised over 2000 victims and yielded over $500M in ransomware payments.
Boeing, while acknowledging the ransomware demand, also stated they declined to pay the ransom. Lockbit released sensitive documents, but no other fallout is known from the breach. Boeing, of course, has had its challenges with its 737 Max aircraft while this ransomware attack was ongoing. To Boeing's credit, it refused to pay the $200M ransom, which would have fueled more ransomware compromise operations.
What You Can Do
Boeing did the right thing in not paying the ransom, especially at a cost of $200M. Many firms, do not have the luxury of not paying a ransom, in order to stay in business. While many security programs are focused on "right of boom", the more resources you put into prevention "left of boom", the fewer incidents such as ransomware you will have to address "right of boom".
Continuous exposure management (CXM) continuously monitors your attack surfaces adversaries probe for gaps that adversaries can exploit. Better to find and fix these before the adversaries find and exploit them.
To Learn More:
Comments