Feeds

US forced to redesign secret weapon after cyber breach

'Cyber Pilot' called in following backdoor penetration

Securing Web Applications Made Simple and Scalable

The United States may be forced to redesign an unnamed new weapon system now under development – because tech specs and plans were stolen from a defence contractor's databases.

Reuters and Aviation Week report on the revelation by US Deputy Defense Secretary William Lynn, made in the course of announcing beefed-up cyber defences intended to put a stop to such intrusions. Lynn said that a "foreign intelligence service" was behind the theft of the secret weapon's blueprints in March – apparently amounting to 24,000 files – but declined to specify which nation had carried out the attack.

"It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies," Lynn said. "In a single intrusion this March, 24,000 files were taken."

According to the secretary, stolen data lifted from the Pentagon and its contractors ranges from specs for small parts up to aircraft avionics, surveillance technologies, satellite communications systems and network security protocols.

In response, he said, the Defense and Homeland Security departments have established a pilot program with a handful of defence companies that helps protect the corporate networks.

"In this Defense Industrial Base – or DIB – Cyber Pilot," Lynn said, "classified threat intelligence is shared with defense contractors or their commercial Internet service providers, along with the know-how to employ it in network defense."

The UK is also known to be suffering serious defence-related data losses, with many analysts tending to point the finger at China – while acknowledging the difficulty of really knowing who has initiated a cyber attack.

A British source very much in a position to know has told the Register off the record that "an entire jet engine" design was stolen in recent times from its UK manufacturer before security measures were stepped up.

A Pentagon press-service report on Lynn's speech can be read here. ®

Application security programs and practises

More from The Register

next story
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.