U.S. defense contractor Lockheed Martin has acknowledged that its network experienced a "significant and tenacious attack" late last week, although it said that its systems remain secure and no critical data has been compromised.
The confirmation comes one day after Reuters reported that Lockheed and several other U.S. military contractors had been hacked using data that was stolen from EMC Corp's RSA security division, which was attacked in March. The hackers reportedly created duplicates of RSA's "SecurID" electronic keys, which they then attempted to use to exploit Lockheed's VPN access system, according to Information Week. SecurIDs are often used to confirm the identity of an employee who is attempting to access the system remotely.
RSA said in March that it was confident that the stolen information would not result in the direct attacks on RSA SecureID customers, but the data "could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."
Rick Moy, president and CEO of NSS Labs, an information security company, said that it looks like the March RSA attack was meant to exploit its customers, like Lockheed.
"Since then, there have been malware and phishing campaigns in the wild seeking specific data linking RSA tokens to the end user, leading us to believe that this attack was carried out by the original RSA attackers," Moy noted in a blog post.
Lockheed said that its security team detected the attempted breach almost immediately and took appropriate action to protect its systems. The defense contractor also disabled remote access for all employees and instructed telecommuters to work from company offices for at least a week, according to security blogger Robert Cringely, who helped break the news of the attack.
As a result, "our systems remain secure; no customer, program, or employee personal data has been compromised," Lockheed Martin said in a statement.
An unnamed official close to the matter told Reuters that the attack raises concerns over whether RSA can repair its SecurID product line, or if it needs to "ditch it and start over again."
EMC said on Sunday that it was "premature to speculate" on the cause of the attack.
Beecher Tuttle is a TechZone360 contributor. He has extensive experience writing and editing for print publications and online news websites. He has specialized in a variety of industries, including health care technology, politics and education. To read more of his articles, please visit his columnist page.
Edited by Rich Steeves
