Lockheed and RSA Security, which supplies coded access tokens to millions of corporate users and government officials, said they were still trying to determine whether the attack had relied on any data that hackers had stolen from RSA in March or if it had exploited another weakness.
Lockheed, which is based in Bethesda, Md., said on Saturday night that the attack, which occurred on May 21, was “significant and tenacious.” Lockheed officials said they had stopped the attack shortly after hackers got into a system, adding that no customer or company data was compromised.
Sondra Barbour, Lockheed’s chief information officer, sent a memo to the company’s employees on Sunday, saying that its systems remained secure. She said Lockheed had quickly shut down remote access to its network after the attack began.
Still, the attack was significant enough that it was described in briefing materials provided to President Obama, the White House spokesman, Jay Carney, said on Sunday. He said the damage was “fairly minimal.”
Government officials have said Lockheed Martin, the nation’s largest military contractor, and other military companies face frequent attacks from hackers seeking national security data.
Officials at Lockheed and RSA Security, a division of the EMC Corporation that provides the SecurID brand of electronic access tokens, said they were working with federal officials to investigate how the attack occurred and who was behind it.
Ms. Barbour said Lockheed also had accelerated a plan to increase network security. The company has upgraded the SecurID tokens supplied by RSA and is resetting all user passwords. Lockheed also switched to eight-digit access codes from four-digit codes, which are randomly generated by the tokens.
Lockheed officials said on Friday that the attack on its systems might have been linked to one on the RSA network in March. At the time, RSA said it had sustained a data breach that could have compromised some of its security products. Its announcement shocked computer security experts, particularly because its systems are widely used.
Shortly after RSA announced that breach, Lockheed, like many other large companies, said it had added an additional password to the process employees used to connect to its system from remote locations.
One Lockheed executive, who spoke on the condition of anonymity because of security issues, said on Sunday that investigators “cannot rule out” a connection between the attacks on the RSA and Lockheed networks.
EMC said in a statement on Sunday that it was “premature to speculate” on the cause of the Lockheed attack.
Some blog items and articles have suggested that customers would back away from using RSA’s SecurID tokens. But Lockheed said it planned to continue using them, and EMC said it remained confident in the tokens.
Article source: http://feeds.nytimes.com/click.phdo?i=5d93c9a1190580fe52eee98888484e5f
Speak Your Mind
You must be logged in to post a comment.