Lockheed Martin Confirms Hack, Says No Critical Data at Risk

By Beecher Tuttle May 31, 2011

U.S. defense contractor Lockheed Martin has acknowledged that its network experienced a "significant and tenacious attack" late last week, although it said that its systems remain secure and no critical data has been compromised.

The confirmation comes one day after Reuters reported that Lockheed and several other U.S. military contractors had been hacked using data that was stolen from EMC Corp's RSA security division, which was attacked in March. The hackers reportedly created duplicates of RSA's "SecurID" electronic keys, which they then attempted to use to exploit Lockheed's VPN access system, according to Information Week. SecurIDs are often used to confirm the identity of an employee who is attempting to access the system remotely.

RSA said in March that it was confident that the stolen information would not result in the direct attacks on RSA SecureID customers, but the data "could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."

Rick Moy, president and CEO of NSS Labs, an information security company, said that it looks like the March RSA attack was meant to exploit its customers, like Lockheed.

"Since then, there have been malware and phishing campaigns in the wild seeking specific data linking RSA tokens to the end user, leading us to believe that this attack was carried out by the original RSA attackers," Moy noted in a blog post.

Lockheed said that its security team detected the attempted breach almost immediately and took appropriate action to protect its systems. The defense contractor also disabled remote access for all employees and instructed telecommuters to work from company offices for at least a week, according to security blogger Robert Cringely, who helped break the news of the attack.

As a result, "our systems remain secure; no customer, program, or employee personal data has been compromised," Lockheed Martin said in a statement.

An unnamed official close to the matter told Reuters that the attack raises concerns over whether RSA can repair its SecurID product line, or if it needs to "ditch it and start over again."

EMC said on Sunday that it was "premature to speculate" on the cause of the attack.


Beecher Tuttle is a TechZone360 contributor. He has extensive experience writing and editing for print publications and online news websites. He has specialized in a variety of industries, including health care technology, politics and education. To read more of his articles, please visit his columnist page.

Edited by Rich Steeves

TechZone360 Contributor

SHARE THIS ARTICLE
Related Articles

Why Blockchain Could Be a Gamechanger

By: Paula Bernier    1/22/2018

Blockchain has become closely associated with the controversial topic of cryptocurrency. And that's fine because blockchain is an enabling technology …

Read More

Consumer Privacy in the Digital Era: Three Trends to Watch

By: Special Guest    1/18/2018

Digital advertising has exploded in recent years, with the latest eMarketer data forecasting $83 billion in revenue this year and continued growth on …

Read More

CES 2018: Terabit Fiber - Closer Than We Think

By: Doug Mohney    1/17/2018

One of the biggest challenges for 5G and last mile 10 Gig deployments is not raw data speeds, but middle mile and core networks. The wireless industry…

Read More

10 Benefits of Drone-Based Asset Inspections

By: Frank Segarra    1/15/2018

Although a new and emerging technology, (which is still evolving), in early 2018, most companies are not aware of the possible benefits they can achie…

Read More

VR Could Change Entertainment Forever

By: Special Guest    1/11/2018

VR could change everything from how we play video games to how we interact with our friends and family. VR has the power to change how we consume all …

Read More