'Significant' attack shuts down Lockheed network
Hack may have exploted SecurID tokens; company and DOD say no data compromised
- By Nick Wakeman
- May 31, 2011
A "significant and tenacious" cyber attack that may have exploited RSA SecurID tokens caused Lockheed Martin to shut down one of its networks. As of Sunday, Lockheed stilll wasn't using the network, a week after the attack.
The attack, which occurred May 21, was detected immediately and the company “took aggressive actions to protect all systems and data,” according to a May 28 statement by Lockheed.
The company’s statement says that Lockheed’s systems are secure and that no customer, program or employee personal data was compromised. Lockheed has a team working around the clock to restore employee access to the network and maintain “the highest level of security.”
After hack, security of RSA SecurID tokens in the hands of customers
The company did not say what network was attacked or what kind of data or systems were targeted.
The Defense Department also downplayed the potential damage from the attack, according to the Washington Post.
“Impact to DOD is minimal,” Air Force Lt. Col. April Cunningham, a Pentagon spokeswoman, told the Post via e-mail.
DOD and the Homeland Security Department offered their help in determining the extent of the attack and providing analysis to mitigate further risks, Bloomberg reported.
Gopal Ratnam of Bloomberg reported that the breach may have involved RSA’s SecurID, a mobile security system that apparently was the target of a cyber attack on RSA in March.
In that attack, data on the SecurID authentication products was taken. The same products are used by Northrop Grumman Corp. and Raytheon Co., according to Bloomberg.
PCMagazine reported that the hackers spoofed SecurID tokens to gain access to Lockheed’s network.
According to PCMagazine, Lockheed has added another layer of security to the remote login procedure and reset employee passwords.
Nick Wakeman is the editor-in-chief of Washington Technology. Follow him on Twitter: @nick_wakeman.