Northrop Grumman Regularly Repels Advanced Attacks Seeking Sensitive Data
Organized hackers have been attempting to breach aerospace and defense company Northrop Grumman for years to steal sensitive information, according to a Northrop Grumman senior executive at the Gartner security summit.
The APTs (advanced persistent threats) are designed to infiltrate networks at companies and government agencies to steal intellectual property or other sensitive information. As one of the largest defense contractors in the country, Northrop Grumman is a lucrative target.
"These advanced attacks have been going on for several years," said Timothy McKnight, vice president and chief information security officer at Northrop Grumman, during a panel discussion on APTs at the Gartner Security and Risk Management Summit in Washington, D.C., June 21.
Northrop Grumman has created profiles of about a dozen distinct groups constantly battering the company based on the information collected by its monitoring, detection and prevention systems, McKnight said. The cyber-intelligence group keeps tabs on the attackers, including attack procedures used and the kind of malware designed.
A typical attack method involves using zero-day vulnerabilities to compromise end-user machines, according to McKnight. About 300 zero-day attack attempts were recorded last year, and the pace has ramped up enormously to several exploits coming in throughout the day.
"Every attack, in order to succeed, needs to exploit a vulnerability," John Pescatore, a Gartner distinguished analyst, said during a separate discussion at the summit.