Building off its legacy capabilities combined with its purchase last October of the cyber security firm Oakley Networks, Raytheon [RTN] has launched an Information Security Solutions practice aimed at the federal market and large commercial firms.
“Through Information Security Solutions, we protect federal mission-critical information and infrastructures from attack, intrusion, disruption and compromise,” says Michael Keebaugh, president of Raytheon’s Intelligence and Information Systems segment. “We also protect Enterprise 500 customers from information breaches, fraud, theft and sabotage.” The new cyber security business practice is based within Keebaugh’s segment.
Raytheon is launching the new business just as the federal government is preparing to dramatically increase its spending on information technology defenses and as the number of cyber attacks is increasing.
“The threat is driving the market,” Steve Hawkins, who will lead the Information Security Solutions practice, tells TR2. “It has gone from individual hackers to nation states to organized crime to terrorist groups.”
On top of that shift, there has been an increase in the numbers of attacks, Hawkins says. In 2002 there were about 23,000 attempted cyber attacks against U.S. military installations whereas last year that figure was 100,000 attempts per second, he adds.
Hawkins also says that with the federal government preparing to double its annual spending on cyber security, in the neighborhood of $7 billion, more business opportunities are expected to emerge in the next six to 12 months. He says the Department of Homeland Security (DHS) is coordinating with other federal agencies how various cyber security efforts should proceed.
Near-term the federal government represents the largest business opportunity but Raytheon, through its purchase of Oakley, has traction with the commercial critical infrastructure sector. About 75 percent of Raytheon Oakley Systems business is with the national security sector and the rest is largely within Fortune 500 companies such as banks, manufacturers and utilities, Derek Smith, president of the Oakley business unit, tells TR2.
“Anybody who has key proprietary intellectual property or customers who have confidential data that it’s important it not be leaked off or stolen off their networks,” is a potential customer, Smith says.
Hawkins says there is interest within the federal government about how to protect commercial critical infrastructure, including discussions regarding any sort of regulatory environment for portions of that infrastructure. However, Companies also have an economic interest in protecting themselves, he adds.
In 2003 it cost about $10,000 to overcome a typical computer hack, Hawkins says. Now those attacks are more sophisticated and it can cost close to $400,000 to overcome the damage, he adds.
And, citing statements from the Director of National Intelligence and DHS, Hawkins says critical commercial infrastructure may be facing as big, or bigger, as the federal government. “So we’re trying to organize around that,” he says.
The insider threat poses even potentially greater consequences, according to Hawkins.
The insider threat, which is where data is compromised from within an organization by an employee or contractor or someone else, is where Raytheon believes there is a gap in the nation’s cyber defenses. Raytheon Oakley Systems makes computer software that helps enforce acceptable use policies and provides automatic alerts when improper activity is taking place, Smith says.
What sets Raytheon’s new cyber security business practice apart is its focus on providing integrated end-to-end solutions, Hawkins says. Smith also said another differentiator is the focus on the insider threat.
Raytheon believes that for now it is ahead of any of its potential competition in putting together an end-to-end capability approach to addressing federal and commercial cyber security needs.
“You need to take five or six commercial and defense companies and stack them up to be able to offer the kind of end-to-end capability we think we can offer,” Hawkins says.
New Symantec Report on Internet Security
More than 50 percent of denial of service attacks were targeted against computers in the United States in the second half of 2007, according to a new report by the computer security firm Symantec [SYMC].
Governments are the top sector for the denial of service attacks, which are essentially meant to shut down computer systems and networks, according to the report, Government Internet Threat Security Report, which is published twice a year. The wide ranging report analyzes attack activity that occurred worldwide during the second half of 2007 and highlights overall cyber attack trends as well as trends in malicious code, phishing and spam.
“Over the past several reporting periods, Symantec has observed a shift in the threat landscape in which attackers have increasingly moved away from nuisance and destructive attacks toward targets and methods that are driven by financial motives,” the report says. “Today’s attackers are increasingly sophisticated, determined, and organized, and have begun to adopt methods that are similar to traditional software development and business practices.”
The report also says that denial of service attacks against government organization are increasing and are now the most common attack type against government targets. Symantec says that 56 percent of all denial of service attacks targeted the U.S. during the last six months of 2007. That figure is down from 61 percent in the first half of 2007.
The vast majority, 95 percent, of denial of service attacks in the second half of 2005 that originated from critical infrastructure sectors came from telecommunications organizations. The military sector accounted for less than 1 percent of the origin of the attacks.
The report says that the U.S. was the top country in terms of where attacks originated during the six month reporting period, accounting for 24 percent of worldwide activity. However, that statistic doesn’t indicate whether the persons behind the attack were in the U.S. or elsewhere because Symantec’s sensors only record the address of the last Internet Service Provider used, not necessarily the first.
The report also says that government accounted for a majority of identities exposed globally, 60 percent, an increase from 12 percent increase in the first half of 2007.