Lockheed Martin confirms it came under attack

Defense contractor confirms that the network problems it has been contending with during the last several days are the result of a "significant and tenacious attack" carried out against its network.

Arik Hesseldahl
3 min read

Defense contractor Lockheed Martin confirmed last night that the network problems it has been contending with during the last several days are the result of a "significant and tenacious attack" carried out against its network.

The company says that because its information security team detected the attack right away and took aggressive action to ward it off, its systems remain secure.

Reuters is reporting that the U.S. Department of Homeland Security and the Defense Department have offered to help Lockheed determine the extent of the attack. It's not known as yet if any data was taken or who the attackers are. Reuters is also citing a "person with direct knowledge" saying the attackers had broken into sensitive Lockheed Martin networks, and similar networks run by other U.S. defense contractors.

They breached security systems designed to keep out intruders by creating duplicates of "SecurID" electronic keys from EMC's RSA security division, said the person, who was not authorized to discuss the matter publicly.

While there's no official word as yet regarding what kind of attack it was, Reuters is citing that same person as saying the attackers created duplicate SecureID devices. These are the electronic key fobs that generate a new numeric sequence every 60 seconds which are used in combination with a personal identification number to create a two-factor authentication system that is intended to keep intruders out of sensitive networks.

The tokens come from RSA, a unit of EMC, whose systems were attacked in March. In April it disclosed that that attack was carried out via a phishing attack.

EMC isn't saying anything, but Bloomberg News is reporting that the company is speedily replacing existing key fobs with new ones as a way of remediating the damage.

All of this is yet another example of how the Internet has gotten scary in recent years. The knowledge and capabilities to launch attacks on the systems and networks used in sensitive military work, as well as the industrial systems that control the machinery required for modern life, have made such systems increasingly tempting targets for people who want to have an impact.

There's no indication as yet that the parties who carried out the attack against EMC are the same who have attacked Lockheed, but it wouldn't be unreasonable to suspect they're related. That would make the effort a fairly sophisticated, multiphase attack. What the target may ultimately be is anyone's guess.

It wouldn't be the first time a U.S. defense contractor had been attacked. In 2008, a BusinessWeek cover story profiled an attack against Booz Allen Hamilton, also carried out via phishing.

Going after the systems used by defense contractors to steal jet designs is one thing. Attacking systems like the power grid--deemed by the government to be "critical infrastructure," is quite another. It's the fear that these systems could come under attack just as readily as any other that keeps the government funding numerous cybersecurity efforts.

You can see a little of one such cybersecurity facility--one that's probably seeing action as events unfold--in the CNBC documentary "Code Wars," which aired last night on that network.

BETHESDA, Md., May 28, 2011--On Saturday, May 21, Lockheed Martin detected a significant and tenacious attack on its information systems network. The company's information security team detected the attack almost immediately, and took aggressive actions to protect all systems and data. As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure; no customer, program or employee personal data has been compromised.

Throughout the ongoing investigation, Lockheed Martin has continued to keep the appropriate U.S. government agencies informed of our actions. The team continues to work around the clock to restore employee access to the network, while maintaining the highest level of security.

To counter the constant threats we face from adversaries around the world, we regularly take actions to increase the security of our systems and to protect our employee, customer and program data. Our policies, procedures and vigilance mitigate the cyber threats to our business, and we remain confident in the integrity of our robust, multi-layered information systems security.

Headquartered in Bethesda, Md., Lockheed Martin is a global security company that employs about 126,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services. The Corporation's 2010 sales from continuing operations were $45.8 billion.