We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Lockheed-Martin Attack Signals New Era of Cyber Espionage

The attack on Lockheed-Martin actually started a couple months ago with the breach at RSA Security.

The network of defense contractor Lockheed-Martin was attacked using counterfeit electronic keys. Since the RSA Security network was hacked and the keys to its SecurID tokens were compromised a few months ago, the world has been waiting for the proverbial other shoe to drop. Well, it dropped.

In an analysis of the breach at RSA Security, NSS Labs predicted, "This was a strategic move to grab the virtual keys to RSA's customers--who are the most security conscious in the world. One or several RSA clients are likely the ultimate target of this attack. Military, financial, governmental, and other organizations with critical intellectual property, plans and finances are at risk."

Since the compromise of the SecurID keys, there have been malware and phishing campaigns probing for specific data connecting RSA tokens to the end-user, suggesting that those attacks were being conducted by the original RSA Security attackers with a goal in mind.

Most crimes are crimes of opportunity, and most crimes of opportunity can be avoided. Stay in populated, well-lit areas, and you're relatively safe. Walk down dark, deserted alleys and your odds of getting mugged go up. Lock your car doors and keep valuable hidden, and you probably won't get things stolen. Leave your car unlocked with your iPad sitting on the passenger seat and it probably won't be there when you get back.

However, avoiding a targeted attack--a stalker dedicated to trailing you specifically--is much more difficult. The attack against RSA Security does not appear to have been a random crime of opportunity, but rather a targeted attack calculated with the goal of acquiring the keys necessary to tackle larger prey like Lockheed-Martin.

I am sure that Lockheed-Martin and the United States government have information security experts much smarter than me investigating these incidents and connecting the dots, but it certainly seems at face value like either a state-sponsored attack, or an attack by well-funded hackers with the intent to market whatever information can be extracted internationally to other governments.

Thankfully, Lockheed-Martin detected the attack and acted quickly to thwart it. A spokesperson for Lockheed-Martin reports that no customer, program, or employee data has been compromised as a result of this attack.

But, the entire incident--starting from the RSA Security attack and compromise of the SecurID tokens, and ending at Lockheed-Martin--illustrates that malware and cyber-crime are becoming more insidious. Malware has evolved from a trivial, script-kiddie nuisance, to a professional crime syndicate, and now into a tool for precision corporate and government espionage.

IDG UK Sites

Very best Black Friday 2014 tech deals UK: Latest bargains on phones, tablets, laptops and more...

IDG UK Sites

Tech trends 2015: 3D printing grows up

IDG UK Sites

10 mind-blowing Oculus Rift experiments that reveal VR's practical potential

IDG UK Sites

Black Friday 2014 UK: Apple deals, Amazon deals & other Black Friday tech offers