Lockheed Martin Confirms Hack, Says No Critical Data at Risk

By Beecher Tuttle May 31, 2011

U.S. defense contractor Lockheed Martin has acknowledged that its network experienced a "significant and tenacious attack" late last week, although it said that its systems remain secure and no critical data has been compromised.

The confirmation comes one day after Reuters reported that Lockheed and several other U.S. military contractors had been hacked using data that was stolen from EMC Corp's RSA security division, which was attacked in March. The hackers reportedly created duplicates of RSA's "SecurID" electronic keys, which they then attempted to use to exploit Lockheed's VPN access system, according to Information Week. SecurIDs are often used to confirm the identity of an employee who is attempting to access the system remotely.

RSA said in March that it was confident that the stolen information would not result in the direct attacks on RSA SecureID customers, but the data "could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."

Rick Moy, president and CEO of NSS Labs, an information security company, said that it looks like the March RSA attack was meant to exploit its customers, like Lockheed.

"Since then, there have been malware and phishing campaigns in the wild seeking specific data linking RSA tokens to the end user, leading us to believe that this attack was carried out by the original RSA attackers," Moy noted in a blog post.

Lockheed said that its security team detected the attempted breach almost immediately and took appropriate action to protect its systems. The defense contractor also disabled remote access for all employees and instructed telecommuters to work from company offices for at least a week, according to security blogger Robert Cringely, who helped break the news of the attack.

As a result, "our systems remain secure; no customer, program, or employee personal data has been compromised," Lockheed Martin said in a statement.

An unnamed official close to the matter told Reuters that the attack raises concerns over whether RSA can repair its SecurID product line, or if it needs to "ditch it and start over again."

EMC said on Sunday that it was "premature to speculate" on the cause of the attack.

Beecher Tuttle is a TechZone360 contributor. He has extensive experience writing and editing for print publications and online news websites. He has specialized in a variety of industries, including health care technology, politics and education. To read more of his articles, please visit his columnist page.

Edited by Rich Steeves

TechZone360 Contributor

Related Articles

Why People Don't Update Their Computers

By: Special Guest    7/13/2018

When the WannaCry ransomware attacked companies all over the world in 2017, experts soon realized it was meant to be stopped by regular updating. Even…

Read More

More Intelligence About The New Intelligence

By: Rich Tehrani    7/9/2018

TMC recently announced the launch of three new artificial intelligence events under the banner of The New Intelligence. I recently spoke with TMC's Ex…

Read More

Technology, Innovation, and Compliance: How Businesses Approach the Digital Age

By: Special Guest    6/29/2018

Organizations must align internally to achieve effective innovation. Companies should consider creating cross-functional teams or, at a minimum, incre…

Read More

Contribute Your Brain Power to The New Intelligence

By: Paula Bernier    6/28/2018

The three events that are part of The New Intelligence are all about how businesses and service providers, and their customers, can benefit from artif…

Read More

TMC Launches The New Intelligence - an Unparalleled AI and Machine Learning Conference & Expo in Florida

By: TMCnet News    6/28/2018

TMC announced the launch of The New Intelligence conference and expo - The Event Powering the AI Revolution. This exciting new event will take place o…

Read More