Notice – plural, networks of Lockheed Martin. – plural, networks of other US military contractors.
On Friday, Reuters news agency reported that unknown hackers have managed to break into the networks of arms manufacturer Lockheed Martin as well as those of other US military contractors. According to the report, the intruders exploited the information about cryptography specialist RSA’s SecurID products that was seized by hackers during an attack in March. It is currently unclear whether the intruders actually managed to obtain valuable information; however, the fact that all the systems attached to the network are likely to contain documentation relating to weapons systems which are currently in use, or are in development, doesn’t bode well.
When last reported, it was the Defense department itself, and through the Defense Department the hackers broke into military systems all over the world. See: Infected USB caused biggest US military breach ever
The article is short, so we recommend that you read it all. But the highlights are that this is a continuing escalation, using codes from the RSA recent attack.
The US Defense Department reportedly told Reuters on Saturday that it was working with Lockheed to determine the scope of the attack. Lockheedconfirmed, in a statement, that it had detected a “significant” attack on its network on 21 May and had reacted “almost immediately” to institute counter measures; it said that its “systems remain secure”. The company is currently investigating the attack but is already claiming that “no customer, program or employee personal data has been compromised”. It is still working to restore employee access to its network.
While military facilities and their suppliers were previously thought to be fully protected against cyber attacks, even their experts now concede that no protection is one hundred per cent safe. SecurID tokens which create one-time passwords (OTPs) every 60 seconds used to be quite an efficient protective mechanism. However, in addition to source code, the hackers who attacked RSA are also believed to have obtained the “seed” components. These seeds would enable hackers to generate valid OTPs for any system.
Therefore, security experts are now assuming that SecurID tokens provide less security, and that the system must be regarded as having been cracked. The only remaining protection is provided by the password that is also required. In its recommendations, RSA has therefore emphasised that users should be particularly wary of phishing attacks.