13/10/2011
The UK defence contractor Raytheon has been target of a recent cyber-attack. Raytheon’s head of cyber-security Vincent Blake explained that hackers applied a cloud-based attack to steal important data from the computers of 20 of the company’s employees.
“The attack vector was through emails targeted to individuals,” he said. “We had 20 people targeted. It was looped back through a cloud service saying ‘please use this particular service for this particular application’. Two of the individuals did click.” As hackers normally base their attempts on severs which are entirely under their control, this attack has to be considered exceptional. Raytheon however managed to stop the process of data being stolen and reacted to the spear-phishing attack. According to Blake, the group of hackers responsible is known to the company. The cyber head also pointed to another cyber-attack five years ago: “We truly had a ‘come to Jesus’ moment because we decided to sell missiles to Taiwan,” he said. “For some reason, a country next door to Taiwan didn’t really like that, so they got very interested in our intellectual property rights. We’ve had to very, very rapidly catch up with our own internal networks.” Raytheon is currently dealing with about 35 000 persistent threats to information security per day.
The SDA recently launched a cyber-security initiative, featuring EU Commissioner for Home Affairs Cecilia Malmström in an evening debate on November 9th.