Defense Contractor Lockheed Martin confirmed over the weekend that it was the target of an aggressive online attack earlier this month. It said its security team detected the attack almost immediately, and protected all of its systems and data. No data’s been compromised, the company says.
According to InformationWeek, the hackers tried to break in through Lockheed’s VPN access system, which uses RSA SecurID hardware tokens. They apparently had factory-encoded random keys used by at least some of Lockheed’s SecurID hardware fobs. They also seem to have had serial numbers and the underlying algorithm used to secure the devices.
That suggests the attackers may be the same people behind March’s successful attack on EMC’s RSA division, which makes SecurID. It seems that since then, a lot of malware and phishing attacks have been going on.
This isn’t good news for EMC. If it’s confirmed that RSA information was a factor in the attack, the company could be forced to publically reveal any risks the use of the system could pose to users of SecurID and its software.