Lockheed keeps mum on reported data breach

Company grappling with massive internal network problems; RSA SecurID tokens involved, Reuters report says

The nation's No. 1 defense contractor, Lockheed Martin, today would neither confirm nor deny a Reuters story saying the company had experienced a major data breach.

A Lockheed spokesman, Jeffrey Adams, said today in a brief statement via email that the company did not, as a matter of policy, discuss specific threats or responses. "We have policies and procedures in place to mitigate the cyber threats to our business, and we remain confident in the integrity of our robust, multi-layered information systems security," the statement noted.

Earlier, a Reuters story quoting unnamed sources within Lockheed had reported that the defense contractor was grappling with a major internal computer network problem that had affected a "lot of people."

The incident has forced Lockheed to reset passwords for employees and take other unspecified measures. Lockheed has notified the Pentagon about the problem, the report said.

Reuters quoted technology blogger Robert Cringley as saying the intrusion may have involved the use of RSA's SecurID tokens, which Lockheed Martin employees use when logging into their network from outside the company.

RSA, part of EMC, had earlier this year disclosed that intruders had broken into its networks and potentially compromised data involving its SecurID authentication technology.

Since then, several security analysts have urged companies that are using SecurID to review their authentication measures.

The Reuters story does not say when exactly the alleged intrusion may have occurred. But it does note that Lockheed employees have been experiencing a network slowdown since last Sunday.

Targeted attacks keep coming

Lockheed, which manufactures the F-22 and F-35 fighter planes and other weapons systems, is only one in a growing list of high-profile organizations that have been hit this year by highly targeted attacks.

In April, Oak Ridge National Laboratory, home to one of the fastest supercomputers in the world, was forced to shut down its email systems and Internet access for several days following a breach.

The measures were implemented after officials discovered attempts by someone to steal technical data from the lab's systems and send it to an external system.

More recently, Sony's PlayStation Network and Sony Online Entertainment networks were forced offline for several days after intruders broke into them and compromised data belonging to as many as 100 million account holders.

In Sony's case, the motive for the attack appears to be tied to the company's hard-line stance on copyright enforcement and IP protection. But in several of the other cases, the motives for the attack appear to be espionage and data theft.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at  @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

Join the discussion
Be the first to comment on this article. Our Commenting Policies