Feeds

US forced to redesign secret weapon after cyber breach

'Cyber Pilot' called in following backdoor penetration

Beginner's guide to SSL certificates

The United States may be forced to redesign an unnamed new weapon system now under development – because tech specs and plans were stolen from a defence contractor's databases.

Reuters and Aviation Week report on the revelation by US Deputy Defense Secretary William Lynn, made in the course of announcing beefed-up cyber defences intended to put a stop to such intrusions. Lynn said that a "foreign intelligence service" was behind the theft of the secret weapon's blueprints in March – apparently amounting to 24,000 files – but declined to specify which nation had carried out the attack.

"It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies," Lynn said. "In a single intrusion this March, 24,000 files were taken."

According to the secretary, stolen data lifted from the Pentagon and its contractors ranges from specs for small parts up to aircraft avionics, surveillance technologies, satellite communications systems and network security protocols.

In response, he said, the Defense and Homeland Security departments have established a pilot program with a handful of defence companies that helps protect the corporate networks.

"In this Defense Industrial Base – or DIB – Cyber Pilot," Lynn said, "classified threat intelligence is shared with defense contractors or their commercial Internet service providers, along with the know-how to employ it in network defense."

The UK is also known to be suffering serious defence-related data losses, with many analysts tending to point the finger at China – while acknowledging the difficulty of really knowing who has initiated a cyber attack.

A British source very much in a position to know has told the Register off the record that "an entire jet engine" design was stolen in recent times from its UK manufacturer before security measures were stepped up.

A Pentagon press-service report on Lynn's speech can be read here. ®

Protecting against web application threats using SSL

More from The Register

next story
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.