We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,230 News Articles

Raytheon hit by cloud-based attack

One of the company's 1.2 billion daily threat events

Defence company Raytheon has revealed that it was the victim of a cloud-based attack for the first time,with the incident occurring just last week.

It was a spear phishing attack where an email was sent to employees at the company, asking them to access an application through a certain link, which was through a cloud service.

No data was exploited via the attack, which Raytheon discovered through its monitoring of outgoing network traffic. It described anything trying to get out to the internet as 'beaconing'.

"We recently saw our first cloud-based attack, where the cloud was the enabler to the attack," Vincent Blake, head of cyber security at Raytheon UK told the RSA Conference in London.

"We had 20 people targeted. It was looped back through a cloud service. Two of the individuals did click [on the link in the phishing email]. We fortunately detected these two [when they] started beaconing through [to] the cloud and we picked it up through the beaconing."

Blake attributed the detection to "very sophisticated engines" which use some automation.

Raytheon also makes sure that the "dwell time", the maximum length of time an attack is left in the system before the company responds to it - though it will be working on the response during this time - is just two hours.

"A year from now, I would like it to be down to 10 minutes," Blake added.

Information security has been a c-level concern at Raytheon ever since it started selling missiles to Taiwan five years ago. It was at this point, when "a country next-door to Taiwan" began to show interest in the company's intellectual property information, leading to a significant growth in cyber-attacks it experienced.

Blake said that now: "We block 1.2 billion attacks a day." This is in addition to blocking four million spam emails each day.

"We went from knowing nothing [about our network] to reporting to our CEO every day of what's going on," he said, keen to get across the fact that board-level buy-in was key to IT security.


IDG UK Sites

OnePlus Two release date rumours: Something's happening on 22 July

IDG UK Sites

13in MacBook Air review, Apple's MacBook Air 2014 reviewed

IDG UK Sites

5 reasons to buy an electric car and 5 reasons not to

IDG UK Sites

Evernote Skitch: the best way for creatives to doodle feedback