Raytheon hit by cloud-based attack
LATEST NEWS
SUBSCRIBE
Computerworld is New Zealand's only specialised information systems fortnightly. Subscribe now for $100 (23 issues) and save more than 37% off the cover price!
SIGN UP
Defence company Raytheon has revealed that it was the victim of a cloud-based attack for the first time,with the incident occurring just last week.
By Anh Nguyen | London | Thursday, 13 October, 2011
Defence company Raytheon has revealed that it was the victim of a cloud-based attack for the first time,with the incident occurring just last week.
It was a spear phishing attack where an email was sent to employees at the company, asking them to access an application through a certain link, which was through a cloud service.
No data was exploited via the attack, which Raytheon discovered through its monitoring of outgoing network traffic. It described anything trying to get out to the internet as 'beaconing'.
"We recently saw our first cloud-based attack, where the cloud was the enabler to the attack," Vincent Blake, head of cyber security at Raytheon UK told the RSA Conference in London.
"We had 20 people targeted. It was looped back through a cloud service. Two of the individuals did click [on the link in the phishing email]. We fortunately detected these two [when they] started beaconing through [to] the cloud and we picked it up through the beaconing."
Blake attributed the detection to "very sophisticated engines" which use some automation.
Raytheon also makes sure that the "dwell time", the maximum length of time an attack is left in the system before the company responds to it - though it will be working on the response during this time - is just two hours.
"A year from now, I would like it to be down to 10 minutes," Blake added.
Information security has been a c-level concern at Raytheon ever since it started selling missiles to Taiwan five years ago. It was at this point, when "a country next-door to Taiwan" began to show interest in the company's intellectual property information, leading to a significant growth in cyber-attacks it experienced.
Blake said that now: "We block 1.2 billion attacks a day." This is in addition to blocking four million spam emails each day.
"We went from knowing nothing [about our network] to reporting to our CEO every day of what's going on," he said, keen to get across the fact that board-level buy-in was key to IT security.
MOST POPULAR
- NZ game industry: Govt support for development increasing
- Raspberry Pi arrives in New Zealand
- Video, connection costs major factors in broadband uptake: ComCom
- Spotify launches in New Zealand and Australia today
- NASA on 'brink of a new future' with SpaceX launch
- No more risk to privacy on Facebook, than web: MED
Social Media @Computerworld NZ
Computerworld NZ has now reached LinkedIn! Join to expand your networks and meet others interested in information systems.
