Hackers leaked confidential files of Boeing, Lockheed Martin and SpaceX after ransom not paid

Despite efforts to combat cybercrime, sometimes companies can’t do anything to prevent their information from being exposed. According to experts from a cyber security course, a data breach in a major company allowed the leaking of multiple internal documents from some of the world’s leading aerospace companies.

Everything points to the incident behind this incident are hackers from criminal group DoppelPaymer, who exposed this information in retaliation to an unpaid ransom. Among the confidential information exposed are the plans of multiple projects developed by firms such as Lockheed-Martin, Boeing and SpaceX.

Cyber security course specialists point out that these documents were extracted from the systems of Visser Precision, a U.S. manufacturing and design contractor. Among the company’s most prominent customers are Tesla, Blue Origin, Sikorsky, Joe Gibbs Racing, as well as the aforementioned firms.

DoppelPaymer was responsible for infecting Visser’s computers to encrypt your files, demanding a ransom in exchange for restoring access to the information. Upon expiry of the deadline for the ransom to be paid, threat actors posted a sample of the compromised documents on a website that, to date, remains online within the reach of any user.

In this regard, a spokesman for Lockheed Martin said, “We are aware of the Visser Precision incident, and we will conduct our own cybersecurity incident response protocols related to our supply chain.” On the other hand, Visser, SpaceX and Boeing still do not give official statements.

This is not the first time that DoppelPaymer hackers have been linked to a similar incident. What’s more, this group of threat actors is maintaining a website to publish the documents of companies that decide not to pay after suffering a ransomware infection. Most of the information exposed on this site (which is constantly updated) does not pose serious threats to the companies exposed, although the case of Visser and its partners is an exception, say experts from the cyber security course.

The latest reports related to DoppelPaymer mention that hackers agreed not to attack any hospital’s technological infrastructure during the combat period to the coronavirus pandemic; it remains to be seen whether this promise is honored.  

Although the International Institute of Cyber Security (IICS) ensures that it is never advisable to pay hackers after a ransomware attack, multiple companies decide to take risks and pay the ransom due to the high costs arising from the recovery process of a similar incident, so that guides have even been developed for paying these extortions in the safest possible way.