Security - Channel Insider
Empowering the next generation Channel
 

Sponsored Links
  • Try Windows Azure free for 90 days

  • Introducing the world's first family of systems with integrated expertise

  • FREE Securing Smartphones & Tablets for Dummies Book from Sophos
  • 5 New Technologies That Will Change Enterprise ITAdvertisement
  • Build an IT Infrastructure That Delivers the Future

    		•  

    Security Threat Intensifies: Lockheed, Google, DoD

    in Security



    DATE: 2011-06-06 | By Ericka Chickowski
    Article Rating:starstarstarstarstar / 1
    Article Views: 4691

      Table of Contents:
    1. Security Threat Intensifies: Lockheed, Google, DoD
    2. Chinese Connections

    The days of worms, viruses and identity theft may have seemed serious at the time, but recently the IT security threat level has ratcheted up significantly. Now U.S. defense contractors are under attack, White House email accounts are hacked, and the U.S. Department of Defense classifies cyberwarefare as an act of war. It's a whole new level of threat.

    Rate This Article:
    Poor Best
    Add This Article To:

    Security Threat Intensifies: Lockheed, Google, DoD


    ( Page 1 of 2 )

    Last week the threat of cyberwarfare and state-sponsored hacking activities flared up to show itself as more than just an imaginary boogeyman. The fleeting specter gained some tangibility with a number of incidents coming to light, including the details of a sophisticated attack against defense contractor Lockheed Martin, some of  its subcontractors and potentially other defense contractors as well, a hack against Google Gmail aimed at gaining White House secrets and proclamations from Department of Defense (DoD) officials that cyberwarfare  will be treated as acts of war. All of these events have been tied together with speculation that the common denominator for all of them is the threat from China.

    Lockheed and Defense Contractors

    One of the biggest hacking events of the year and potentially not a lick of information actually reported breached as a result, the Lockheed Martin incident has kicked up a lot of dust over the few weeks due to its big-picture implications. Security experts claim that recent attacks of Lockheed and several other defense contractors have potentially leveraged information gained through the attack earlier this spring that many speculate compromised the authentication token seeds for RSA's SecurID products.

    The incident came to light on May 21 when news broke that Lockheed had shut down remote access to its internal network following a major attack on those resources. Journalist Robert Cringely reported early on that the Lockheed reissued RSA tokens to all of its employees in the attack's wake.

    A week later the company confirmed that it had come under attack, saying that " As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure; no customer, program or employee personal data has been compromised."

    Lockheed confirmed to the New York Times that the breach was linked to the RSA SecurID breach. It was just a matter of time, industry experts said. Experts with security testing and analysis firm NSS Labs had predicted in March that high-profile attacks against government-related targets utilizing SecurID would be hackers’ next chess move following the RSA breach.

    "Since then, there have been malware and phishing campaigns in the wild seeking specific data linking RSA tokens to the end-user, leading us to believe that this attack was carried out by the original RSA attackers," wrote Rick Moy, president of NSS Labs, following the Lockheed news. "Given the military targets, and that millions of compromised keys are in circulation, this is not over."

    And last week it was clear that Moy was right as news of more government contractors potentially getting hit came uncovered.

    One source with Northrup Grumman told FoxNews.com that the firm "went through a domain name and password reset across the entire organization," though that firm publicly said it would not comment on cyberattacks against it. More concrete evidence showing a SecurID connection also blew open last week when Wired released an internal memo that it came across from defense contractor L3 Communications that “L-3 Communications has been actively targeted with penetration attacks leveraging the compromised information.”




    comments dic



     
     
    >>> More Security Articles          >>> More By Ericka Chickowski
     



    		 


    Related Content

    Articles Labs/How-To Multimedia

    channel chatter


    HTML PLAIN TEXT

    Keep on top of news for VARs and Resellers with CI's Weekly Newsletter and Alerts.


    [ci] feeds
    XML
    Add Channel News, Product Reviews, Trends and Analysis to your RSS newsreader or My Yahoo!

     

    CHANNEL SPONSORED RESOURCE CENTER
     
     
     
    Start the New Year with business intelligence—it’s a smart move
    Join us on February 1 for an encore rebroadcast at either 5 am or 12 noon EST and discover how business intelligence (BI) supports companies in uncertain business and economic climates. Get expert advice on how to create a strategy that fits your organization's needs and budget and see how quickly it can pay for itself.
    Click Here
     
    Security and Availability Essentials for Running Your Business in the Cloud
    Are you moving to the cloud? Find out what every IT professional should know about security and availability before moving to the cloud. Hear what a security provider’s own CSO has to say.
    Watch Video
    A new algorithm automatically identifies relationships between variables to help reduce researcher prejudice.
    Click HereAdvertisement