Raytheon hit by cloud-based attack

Raytheon hit by cloud-based attack

One of the company's 1.2 billion daily threat events

Article comments

Defence company Raytheon has revealed that it was the victim of a cloud-based attack for the first time,with the incident occurring just last week.

It was a spear phishing attack where an email was sent to employees at the company, asking them to access an application through a certain link, which was through a cloud service.

No data was exploited via the attack, which Raytheon discovered through its monitoring of outgoing network traffic. It described anything trying to get out to the internet as 'beaconing'.

"We recently saw our first cloud-based attack, where the cloud was the enabler to the attack," Vincent Blake, head of cyber security at Raytheon UK told the RSA Conference in London.

"We had 20 people targeted. It was looped back through a cloud service. Two of the individuals did click [on the link in the phishing email]. We fortunately detected these two [when they] started beaconing through [to] the cloud and we picked it up through the beaconing."

Blake attributed the detection to "very sophisticated engines" which use some automation.

Raytheon also makes sure that the "dwell time", the maximum length of time an attack is left in the system before the company responds to it - though it will be working on the response during this time - is just two hours.

"A year from now, I would like it to be down to 10 minutes," Blake added.

Information security has been a c-level concern at Raytheon ever since it started selling missiles to Taiwan five years ago. It was at this point, when "a country next-door to Taiwan" began to show interest in the company's intellectual property information, leading to a significant growth in cyber-attacks it experienced.

Blake said that now: "We block 1.2 billion attacks a day." This is in addition to blocking four million spam emails each day.

"We went from knowing nothing [about our network] to reporting to our CEO every day of what's going on," he said, keen to get across the fact that board-level buy-in was key to IT security.

Share:

Comments

Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *