It looks like Lockheed Martin is the latest victim in what seems to be an endless string of security breaches. This time however, it does not look like a lack of security measures led to the breach. In fact, it seems that Lockheed’s implementation of a widely-trusted security tool was the attack vector this time around.
Last month we reported on the apparent compromise of RSA’s SecurID product, and while many speculated that this intrusion could lead to subsequent attacks, the firm downplayed the breach. They stated that the stolen data was unlikely to affect their customers, but as usual, the problem appears to be far larger than originally estimated.
The breadth of the intrusion is currently unknown, and with both RSA and Lockheed officials keeping mum, it may be some time before anyone knows how serious it is. When military secrets are in question however, you know it can’t be good!
- Duplicate RSA Keys Enable Lockheed Martin Network Intrusion (it.slashdot.org)
- Dept. of Defense and Homeland Security confirm Lockheed Martin hacker breach (boingboing.net)
- US military contractors hacked – possible link with RSA SecurID breach, reports claim (nakedsecurity.sophos.com)
- Lockheed Martin breached by unknown digital assailants (eset.com)
- Report: Major weapons makers see networks breached by hackers (news.cnet.com)