Raytheon and Nightwing will pay $8.4 million to settle allegations of cybersecurity failures.

On Thursday, the US government announced it had reached a settlement with Raytheon, RTX Corporation, and Nightwing Group to resolve a lawsuit over their failure to follow cybersecurity rules for defense contractors.

Raytheon is part of RTX Corporation, which used to be called Raytheon Technologies Corporation. At the time, Raytheon had a subsidiary named Raytheon Cyber Solutions, Inc. (RCSI). The two allegedly didn’t follow cybersecurity rules in 29 contracts and subcontracts with the Department of Defense (DoD). Nightwing, which is also named in the settlement, is a cybersecurity and intelligence company that was once part of RTX.

The settlement states that from 2015 to 2021, Raytheon didn’t have the required cybersecurity measures in place on a system it used for work on DoD contracts. Back in 2015, the company received a cybersecurity contract from the Department of Homeland Security (DHS) worth $1 billion.

Reports say Raytheon and RCSI not only didn’t use a security plan for an important system but also failed to meet other rules from the Defense Federal Acquisition Regulation Supplement (DFARS) and Federal Acquisition Regulation (FAR). These rules require contractors to protect systems that handle federal contract data and to ensure those systems are adequately secured.

The Department of Justice said the settlement resolved allegations that Raytheon used a non-compliant system to handle defense and federal contract information in 29 DoD contracts and subcontracts.

The settlement mentions that the company gave false reports for unclassified work done on the non-compliant system under the DoD contracts. In 2020, Raytheon informed the government about this issue and later replaced the non-compliant system with one that met the rules.

Raytheon did not admit to doing anything wrong but agreed to pay $8.4 million to the US government to settle these claims. Of this payment, $4.2 million is restitution, and the remainder is interest.

A former director at Raytheon, Branson Kenneth Fowler, filed the lawsuit that led to this settlement. He filed it under the whistleblower provisions of the False Claims Act and will get $1.5 million from the settlement.

SecurityWeek has reached out to RTX for a statement on the settlement and will update the information if the company replies.

This $8.4 million settlement is quite small compared to the $950 million Raytheon agreed to pay in October 2024. That larger settlement covered other issues, such as mistakes in pricing government contracts and violations of laws like the Foreign Corrupt Practices Act (FCPA), the Arms Export Control Act (AECA), and the International Traffic in Arms Regulations (ITAR).