Lockheed Martin Hack Puts Spotlight on EMC Security Products

Defense Contractor Lockheed Martin confirmed over the weekend that it was the target of an aggressive online attack earlier this month. It said its security team detected the attack almost immediately, and protected all of its systems and data. No data’s been compromised, the company says.

Gulf War TargetAccording to InformationWeek, the hackers tried to break in through Lockheed’s VPN access system, which uses RSA SecurID hardware tokens. They apparently had factory-encoded random keys used by at least some of Lockheed’s SecurID hardware fobs. They also seem to have had serial numbers and the underlying algorithm used to secure the devices.

That suggests the attackers may be the same people behind March’s successful attack on EMC’s RSA division, which makes SecurID. It seems that since then, a lot of malware and phishing attacks have been going on.

This isn’t good news for EMC. If it’s confirmed that RSA information was a factor in the attack, the company could be forced to publically reveal any risks the use of the system could pose to users of SecurID and its software.

Source: InformationWeek

2 Responses to “Lockheed Martin Hack Puts Spotlight on EMC Security Products”

  1. To their credit, RSA had reached out to all existing customers and reminded them of best practices around PINs and to be on the lookout for any attempted social engineering efforts to find user names.

    In response, we tightened user lockout parameters to fewer failed attempts, and generate alerts to Ops staff who query callers complaining of lockout if they indeed locked themselves out. If not, we could be certain it was an attack that tried a stolen token number, username, and PIN generator.

    It makes for a boatload of extra alerts, but the peace of mind is worth it. It will all be moot as we renew our stock of expiring tokens. It is still an extremely valuable system.