Lockheed Martin’s has “major internal computer network problems,†that one security blogger is linking to compromised RSA tokens, according to published reports.
Lockheed Martin’s has “major internal computer network problems,†that one security blogger is linking to compromised RSA tokens, according to published reports.
Use of the company network is disrupted, but a Lockheed spokesperson wouldn’t talk about the problem directly as a matter of policy, according to a Reuters story.
The report was based on two sources, one of whom termed the incident to be major and the other who said it was “affecting a lot of people.â€Security consultant Robert Cringely says in a blog that a major defense contractor is issuing new RSA SecurID to all employees using them for remote access, and he confirmed in a phone call that the contractor is Lockheed.
PRECAUTION: RSA’s SecurID security breach: What should you do?
RSA revealed March 17 that its network was breached and it is believed algorithms used to generate SecurID passwords were stolen.
Remote access at Lockheed will be down at least until Sunday, and in the meantime telecommuters have been asked to work from corporate offices near their homes, Cringely says.
Cringeley’s analysis of the problem is that someone managed to install a key logger on a machine that had access to the Lockheed network, grabbed passwords and has combined the passwords with knowledge of RSA algorithms used to generate access codes used in SecurID two-factor authentication tokens.
He says that after RSA’s network was breached earlier this year, Lockheed required an extra password for remote access, but that a keylogger would get around this extra layer of protection.
Read more: CSO | Security and Risk
Recent Comments