Lockheed Systems on Lock Down After Cyber Attack

Wednesday, June 01, 2011



Lockheed Martin Corp., the U.S. government’s top information technology provider has suspended remote access to corporate systems after discovering a network intrusion that is related to a previous breach at  RSA.

“As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure,” Jennifer Whitlow, a Lockheed spokeswoman, said in an e-mailed statement. “No customer, program or employee personal data has been compromised.”

The incident is related to the use of SecurID tokens from RSA to log into different accounts and may be associated with attacks on RSA Security last march. Unknown hackers have penetrated the network and gained unspecified information related to the SecurID product – perhaps even the start vector generation used to create a one-time code supplied token.

SecurIDs are widely used electronic keys to that work using a two-pronged approach to confirming the identity of a person trying to access a computer system. They are designed to thwart hackers who might use key-logging viruses to capture passwords by constantly generating new passwords to access the system.

SecurID generates new strings of digits on a minute-by-minute basis that the user must enter along with a secret PIN (personal identification number) before he or she can access the network. If the user fails to enter the string before it expires, then access is denied.

Potential hackers need a lot of information – including user names on accounts and PIN-codes – to attack a corporate email or remote access to systems protected by RSA SecurID. It seems that Lockheed has found attempts to gain access only to that information, and as a result they suspended remote access and closed some parts of network as a preventive measure.

Boeing spokesman Todd Kelley said his company had a “wide range” of systems in place to detect and prevent intrusions on its networks. “We have a robust computing security team that constantly monitors our network,” he said.

The RSA breach did raise concerns about security tokens that may have been compromised, and EMC is now facing tough questions about whether “they can repair that product line or whether they need to ditch it and start over again,” he said.

EMC disclosed in March that hackers had broken into its network and stolen some information related to its SecurIDs. It said the information could potentially be used to reduce the effectiveness of those devices in securing customer networks.

Data held by Lockheed is of great interest to the agents of other governments. Security experts say that it is virtually impossible for any company or government agency to build a security network that hackers will be unable to penetrate.

Contributed by SecTechno

Possibly Related Articles:
Network Access Control
RSA Authentication Attack Access Control Headlines hackers SecurID Lockheed
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.