View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

LockBit claims ransomware attack on SpaceX contractor Maximum Industries

Criminals taunt Elon Musk by threatening to release blueprints of his company's spacecraft.

By Claudia Glover

Prolific ransomware gang LockBit has posted a supplier of Elon Musk’s SpaceX to its dark web victim blog, claiming to have accessed over 3,000 proprietary schematics designed by the company. Maximum Industries has until March 20 to pay the ransom before the diagrams are auctioned off online.

SpaceX third-party contractor allegedly hit with Ransomware attack. (Photo by Shutterstock/undry Photography)

Maximum Industries is a ‘piece-part production and contract manufacturing facility’ based in Texas that serves companies in the aerospace industry.

SpaceX contractor may have been hit by ransomware attack

The manufacturing company was posted to the victim blog this week, although as of yet there is no evidence that the gang holds any data from its clients, which include SpaceX. 

From the message posted on the dark web, it appears the company has decided not to engage in negotiations with the gang.

“I would say we were lucky if SpaceX contractors were more talkative,” the blog reads. “But I think this material will find its buyer as soon as possible.”

LockBit then refers directly to the SpaceX CEO: “Elon Musk, we will help you sell your drawings to other manufacturers, build the ship faster and fly away,” the blog says. “And now for the numbers, about 3,000 drawings certified by SpaceX engineers. We will launch the auction in a week.” 

Neither company has responded to Tech Monitor’s request for comment at the time of writing.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

But while LockBit’s claims have not been verified, this issue still stands as a warning to third-party suppliers, explains Trevor Dearing, director of critical infrastructure solutions at Illumio. “Manufacturers remain prime targets for ransomware attacks given the potential for disruption to production, and the valuable IP they hold,” he says. “The problem is exacerbated by the rapid growth of new endpoint technologies including IoT and remote-sensing devices which are expanding the attack surface.”

Companies could adopt a risk-based approach to mitigate against current online dangers, continues Dearing. “Fundamental to this are two key requirements, understanding the flow of data throughout the extended asset attack surface and separating key functions within the network to prevent breaches from spreading to reach critical assets,” he says.

LockBit continues its prolific crime spree

LockBit is one of the most prolific ransomware currently in operation, and posted 126 victims to its leak site in February alone, according to security company Malwarebytes. 

Companies attacked by the gang in February include financial software firm ION Group and Pierce Transit, a public transit operator in Washington state. LockBit claimed that ION Group had paid an undisclosed ransom and demanded $2m from Pierce Transit.

So far this year the gang held the UK postal service Royal Mail to ransom, demanding $80m in Bitcoin. The company did not pay up, calling the demands “ridiculous,” and the gang responded by posting the data, alongside copies of the negotiations between LockBit and Royal Mail’s representatives.

Later, it stole customer data from UK highstreet retailer WH Smith. The attack hit personally identifiable information of current and former employees. There has been no indication since of whether or not the company paid the ransom.

Read more: LockBit ransomware gang claims Phihong attack

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU