News on Twitter buzzed recently as security professionals and hackers alike shared information pertaining to a network breach of top U.S. weapons manufacturer Lockheed Martin. Initially it was not immediately clear if any sensitive information was stolen or compromised, but late Saturday evening,Reuters and MSNBC reported “Lockheed Martin Corp., the U.S. government’s top information technology provider, said on Saturday that it detected and thwarted “a significant and tenacious attack” on its information systems network.”
The Department of Homeland Security and the Department of Defense assisted the company during the computer breach to determine the extent of the incident. It is believed access to Lockheed Martin’s network may be linked to a breach against RSA network earlier this year in March. RSA is the maker of the popular SecurID token, which are the little key chain dongles that generate numbers every 30 or 60 seconds to provide a secure way of logging into computers known as two-factor authentication. Hackers at the time made off with unspecified information related to SecurID data, but many security professionals believe the algorithm used to generate one-time codes supplied by the token were taken.
RSA has about 40 million tokens and 250 million mobile software versions deployed in over 25,000 organizations in various industries, such as banking, government, manufacturing and pharmaceutical to name a few.
Even though Lockheed Martin thwarted off the attacks on its network, organizations should take precautionary measures if they are using the RSA SecurID token system. The National Security Agency (NSA) releasedInformation Assurance Advisory No. IAA-003-2011: Recommended Actions for SecurID Users in Response to RSA Cyber Intrusion. This advisory expands on the information previously released by NSA via Information Assurance Alert No. IAR-001-2011: Mitigations for the RSA Cyber Intrusion, and provides additional guidance and recommendations.