In a reminder that other networks beyond Sony’s are targets for cyber attack, Reuters is reporting that major Department of Defense contractor and aeronautics giant Lockheed-Martin, and possibly other weapons makers, have been hacked. There is no word yet as to whether any data was compromised as a result of the alleged attack, and Lockheed-Martin has not confirmed the breach.
Confirmed information remains scant, but according to Reuter’s sources, the attack appears to be a direct result of a confirmed security breach at EMC, which provides the SecurID tokens for Lockheed-Martin. These tokens produce a new passcode minute by minute, providing an additional layer of security on top of the personal identification numbers assigned to Lockheed-Martin employee. During the attack on EMC this past March, hackers were apparently able to steal information which allowed them to produce their own passcodes. This breach was followed by a string of phishing and malware attacks designed to match tokens to users, and thus circumvent the system.
As of yet, the motivations behind the attacks remain unknown. It should be noted that while the report specifically mentions Lockheed-Martin, many other organizations employee the SecurID system and are potential targets. One possibly motivation behind the attacks could be espionage; Lockheed-Martin, for instance, is developing both the F-35 Lightning II and the F-22, the two newest fighter jets in the U.S. fleet. Some commentators have already speculated that similar attacks in previous years may have contributed to the development of China’s J-20 stealth jet.
Though it will likely be a long time before the extent of the EMC breach is known, news that it could have affected high-profiled clients is surely ruffling some feathers across industries that require especially advanced security in their day-to-day operations.
