US forced to redesign secret weapon after cyber breach

'Cyber Pilot' called in following backdoor penetration

The United States may be forced to redesign an unnamed new weapon system now under development – because tech specs and plans were stolen from a defence contractor's databases.

Reuters and Aviation Week report on the revelation by US Deputy Defense Secretary William Lynn, made in the course of announcing beefed-up cyber defences intended to put a stop to such intrusions. Lynn said that a "foreign intelligence service" was behind the theft of the secret weapon's blueprints in March – apparently amounting to 24,000 files – but declined to specify which nation had carried out the attack.

"It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies," Lynn said. "In a single intrusion this March, 24,000 files were taken."

According to the secretary, stolen data lifted from the Pentagon and its contractors ranges from specs for small parts up to aircraft avionics, surveillance technologies, satellite communications systems and network security protocols.

In response, he said, the Defense and Homeland Security departments have established a pilot program with a handful of defence companies that helps protect the corporate networks.

"In this Defense Industrial Base – or DIB – Cyber Pilot," Lynn said, "classified threat intelligence is shared with defense contractors or their commercial Internet service providers, along with the know-how to employ it in network defense."

The UK is also known to be suffering serious defence-related data losses, with many analysts tending to point the finger at China – while acknowledging the difficulty of really knowing who has initiated a cyber attack.

A British source very much in a position to know has told the Register off the record that "an entire jet engine" design was stolen in recent times from its UK manufacturer before security measures were stepped up.

A Pentagon press-service report on Lynn's speech can be read here. ®

Sponsored: How to determine if cloud backup is right for your servers