Lockheed Martin hit by cyber incident, U.S. says

Reuters ^ | 05/28/2011

[SeekAndFind]

Lockheed Martin Corp, the world's biggest aerospace company and the Pentagon's No. 1 supplier by sales, has been hit by an unspecified cyber incident, the government said on Saturday.

The Department of Homeland Security said it and the Defense Department had offered to help gauge the scope of a "cyber incident impacting LMCO," as the maker of fighter jets, ships and other major weapons systems is known.

The U.S. government also has offered to help analyze "available data in order to provide recommendations to mitigate further risk," Chris Ortman, a Homeland Security official, said in an e-mailed reply to a query from Reuters.

It was not immediately clear what kind of data, if any, was stolen by the hackers. But military contractors' networks contain sensitive data on arms that are under development as well as technology used by U.S. forces in Iraq and Afghanistan.

A person with direct knowledge told Reuters on Friday that unknown attackers had broken into sensitive networks of Lockheed Martin and several other U.S. military contractors.

They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's RSA security division, said the person, who was not authorized to discuss the matter publicly.

Lockheed Martin did not immediately respond to a request for comment on the government statement. The Defense Department did not respond to a request for comment earlier on Saturday.

[basil]

Am I the only one who is a bit nervous about this?

[arnoldc1]

No

[labette]

No.

Because the bad guys weren’t looking over the menu for the company picnic.

[buwaya]

No, you are not alone. RSA tokens are ubiquitous.
It was a very neat technology for authentication.
For a while there was some hope that what was stolen would not compromise the huge installed base, but thats out the window.
Now thousands of systems need to be revised and millions of tokens reissued. The cost and disruption will be significant.

[traumer]

I suspect.....

[Little Ray]

We use RSA tokens where I work. Figures.

[sergeantdave]

“Am I the only one who is a bit nervous about this?

Yes. Anyone who believes anything from reuters rooters is:

1) an imbecile

2) an idiot

3) a left wing slug

I’m sure you’re none of those, so go to sleep and dream good dreams.

[pieceofthepuzzle]

I have no IT background whatsoever, but am wondering whether it is possible to put misinformation into the system in such a way as to add another layer of uncertainty for potential hackers? I realize that the best scenario is a ‘hacker-proof’ system, but given that this doesn't seem to exist, would it be helpful to have lots of decoy files with misinformation?

[Lumper20]

China. BIL owns a high tech company with Gov contracts that are extremely sensitive. Chinese intel has tried to break into his Corp. site. Once they used a catholic school in GA.

[Lumper20]

China. BIL owns a high tech company with Gov contracts that are extremely sensitive. Chinese intel has tried to break into his Corp. site. Once they used a catholic school in GA.

[gonzo]

"...Am I the only one who is a bit nervous about this?..."

No, I hope we get a follow-up on this ...................... FRegards

[basil]

Good.....

[basil]

I can say without a doubt that I have never been a left wing slug......the other two, well............

[meadsjn]

Do you or your employer use "SecurID" electronic keys from EMC Corp's RSA?

Do you even know what is being discussed?

[buwaya]

Ideally there are multiple layers of security systems, controls and policies. However the IT environment of a large enterprise like Lockheed is extremely complex. Keeping track of vulnerabilities of all kinds is extremely difficult, and information always leaks from one spot to another.

[kbennkc]

Wouldn't you think the progeny of the Skunk Works could send some kind of a spike back to a hacker that would melt his eyeballs or something?