How bad was the cyber attack on Lockheed Martin?
Last week's cyber attack on top US weapons manufacturer Lockheed Martin shows that cyber espionage is evolving and could soon become more of a serious threat to governments and companies.
US Air Force
• A daily summary of global reports on security issues.
Lockheed Martin – one of the world’s biggest military and aerospace companies and the Pentagon's top supplier – came under a “significant and tenacious” cyber attack last week, it has emerged in the past few days. The company said it detected the attack almost immediately and managed to stop it before any critical data was compromised.
Although it appears the attack had limited impact on the Department of Defense, it may indicate that cyber espionage is evolving and could become more of a serious threat to governments and companies in the near future.
“It certainly seems at face value like either a state-sponsored attack, or an attack by well-funded hackers with the intent to market whatever information can be extracted internationally to other governments,” writes Tony Bradley, a PC World columnist. “Malware has evolved from a trivial, script-kiddie nuisance, to a professional crime syndicate, and now into a tool for precision corporate and government espionage.”
The Defense Department and the Department of Homeland Security are working to determine the extent of the attack and investigating ways to ensure that similar attacks do not happen in the future, reports Radio Free Europe.
“No customer, program, or employee personal data has been compromised,” said Lockheed Martin in a press release on Saturday. “The team continues to work around the clock to restore employee access to the network, while maintaining the highest level of security.”
Scarce details
Aside from acknowledging the attack, which took place on May 21, Lockheed Martin and the US government have provided no details about the incident. It remains unclear where it originated and even Internet security experts with government ties say they have little information about the attack.
“I think it tells us that DHS doesn’t know much about what’s going on," said Anup Ghosh, a former senior scientist at the Pentagon’s Defense Advanced Research Projects Agency in an article by Al Jazeera.
Hackers may have gained access to Lockheed Martin’s system using a special password generation key produced by EMC Corp.'s RSA security division, reports Market Watch. Last March, the company said hackers had attacked their systems related to the security keys. The keys are used by a number of government agencies and security conscious corporations.
RSA tried to remedy the breech by replacing people’s security code generation keys, reports Bloomberg. The keys expire every three years. Major defense contractors, including Northrop Grumman Corp and Raytheon are among the company’s other users.
Another breach in 2009
Hackers managed to break into Lockheed Martin’s system in 2009. They reportedly accessed computers with information about the F-35 fighter jet program, reports Haaretz. The program is projected to cost more than $380 billion and is the most expensive Pentagon arms purchase.
Cyber security issues have been becoming increasingly high profile, since hackers broke into the Sony PlayStation network in April, compromising the information of more than 100 million users and costing Sony and credit card companies an estimated $1 to $2 billion.