This past week has been hot with security issues after Lockheed Martin discovered a breach in their communication security and shut down their network. As a customer of RSA, who suffered a hack that may have exposed the cryptographic keys for their SecurID product, both Lockheed Martin and Northop Grumman may have been put at risk to further sophisticated attacks resulting from that exposure.
According to an article written up on FoxNews.com, the source within Northop Grumman has speculated that they also might have been subject to a cyberattack last week,
On May 26, Northrop Grumman shut down remote access to its network without warning — catching even senior managers by surprise and leading to speculation that a similar breach had occurred.
“We went through a domain name and password reset across the entire organization,” the source told FoxNews.com. “This caught even my executive management off guard and caused chaos.”
“I’ve been here a good amount of time and they’ve never done anything this way — we always have advanced notice,” the person said, speculating that the surprise action was a response to a similar network assault.
Lockheed Martin responded in a very similar fashion when they discovered suspicious activity on their network. Wikibon analyst, John Casaretto all but predicted further attacks of this type in a recent analysis article of the path of these attacks. Chances are good there will be more to come—or at least more to be revealed—as defense contractors appear to be on the firing line at the moment.
Tentatively, Lockheed Martin and Northop Grumman are just customers of RSA and use SecurID. There is currently no evidence that these devices have been the vector for the cyberattacks against these defense contractors, only the connection that many American corporations use RSA to harden their Internet defenses.
Indeed, the pattern of attacks has been visibly certain: government defense contractors are being selectively targeted by hackers.
Defense giant L-3 Communications was the second defense contractor to suffer a cyberattack (before Northop Grumman). According to an article from Wired a leaked memo directly linked SecurID to the attack (although there’s little information on how L-3 made that connection.)
To date, an RSA spokeswoman has explained that the company is still investigating the Lockheed incident: “The investigation remains ongoing and it would be premature to speculate.”
As these hacks are unveiled and further hacks are uncovered we will get a better and sharper image of what’s going on. This is a rapidly evolving story with multiple sources that we’re still investigating. As our understanding chances and more information is accurately corroborated we will continue to expand this story.
Needless to say: This is far from over.
[...] An association with RSA was implied, but with few details. Northrop Grumman was reported to be subjected to a cyberattack last week, again the response was a shutdown of the [...]
[...] As we’ve seen, affiliated companies and contractors are amid the weakest links in the defense chain when it comes to cyberattacks. If we follow the recent spree of highly publicized hacks against FBI affiliates using primitive scriptkiddie antics such as AntiSec hacks of IRC Federal and Anonymous leaks from Booz Allen Hamilton, a grim picture is painted of the security of systems external to the Department of Defense and FBI. Yet this is nothing compared to stunningly sophisticated hacking that involves breaking security and cryptographic defenses such as used breached RSA SecurID tokens to get into defense contractors such as Lockheed Martin and Northop Grumman. [...]
[...] related to the attacks on the networks of at least two government contractors: Lockheed Martin and Northop Grumman. Many have been paying attention to all this activity, including Sen. John McCain, who is now [...]
[...] sphere such as the theft of RSA SecurID tokens and the subsequent break ins at Lockheed Martin, Northop Grumman, and other defense contractors. Of course, we’ve also had the startling discovery revealed by [...]
[...] six months ago and further the lack of any substantive actions in light of the current climate. The federal contractor hacks that started to be reported in late spring were certainly serious and disconcerting in that they [...]
[...] breach of the RSA SecurID keys later used against defense contractors such as Lockheed Martin and Northop Grumman who experienced network outages when defending against attempted intrusions. The real big boys in [...]
[...] many US companies suffer attacks and attempts to penetrate their defenses such as Lockheed Martin, Nothop Grumman, and L-3 Communications. Those attacks are suspected to have been perpetrated by a well-funded, [...]