May 27, 2011

Report: Lockheed Martin fighting off network attack

The major defense contractor Lockheed Martin is experiencing a massive network disruption that may be related to an attack on RSA earlier this year in which information about the security company's two-factor authentication offerings was compromised.

According to a Reuters report, citing two unnamed sources, the network problems are impacting many people.

The incident was first brought to light Wednesday by technology blogger Robert Cringely, who noted that a "very large U.S. defense contractor" was forced to cut off remote access to its internal network following a compromise. As a result, the company is being forced to replace RSA SecurID tokens and mandate password resets for more than 100,000 users.

"It seems likely that whoever hacked the RSA network got the algorithm for the current tokens and then managed to get a keylogger installed on one or more computers used to access the intranet at this company," Cringely wrote. "With those two pieces of information, they were then able to get access to the internal network."

Jeff Adams, a Lockheed spokesman, would not confirm a breach.

"As a matter of policy, we don't discuss specific threats or responses," he told SCMagazineUS.com on Friday in a statement. "However, to counter any threats, we regularly take actions to increase the security of our systems and to protect our employee, customer and program data."

"We have policies and procedures in place to mitigate the cyberthreats to our business, and we remain confident in the integrity of our robust, multilayered information systems security," Adams added.

Mike Rothman, president of consultant firm Securosis, said incidents like this may force RSA to reissue millions of tokens. But the focus should be on the sophistication of the attackers, not the particular style of attack.

"Let's just say a company tossed all their RSA tokens and brought in someone else," he wrote in a blog post Friday. "Guess what? Then the attackers would compromise a device already on the network, taking the [two-factor authentication] out of play. And that's really the point...So panic all you want. They are still going to get in."

 
Related Articles
Related Topics
Related Links

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.