Boston/Washington: Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other US military contractors, a source with direct knowledge of the attacks told Reuters.
They breached security systems designed to keep out intruders by creating duplicates to “SecurID” electronic keys from EMC’s RSA security division, said the person who was not authorised to publicly discuss the matter.
It was not immediately clear what kind of data, if any, was stolen by the hackers. But Lockheed and other military contractor networks house sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan. They are the latest companies to be breached through sophisticated attacks that have pierced the defences of huge corporations including Sony, Google and EMC. Security experts say it is virtually impossible for any company or government agency to build a security network that hackers will be unable to pierce.
The Pentagon, which has about 85,000 military personnel and civilians working on cybersecurity issues worldwide, said it also uses a limited number of the RSA security keys, but declined to say how many for security reasons.
The hackers learned how to copy those electronic keys with data stolen from RSA during a sophisticated attack that EMC disclosed in March, according to the source. EMC declined to comment on the matter, as did executives at major defence contractors.
Lockheed, which employs 126,000 people worldwide and had $45.8 billion in revenue last year, said it does not discuss specific threats or responses as a matter of principle, but regularly took actions to counter threats and ensure security. Many defence companies, including General Dynamics, use the “SecurID” tokens.
Executives at General Dynamics, Boeing, Northrop Grumman, Raytheon and other defence companies declined to comment on any security breaches. “We do not comment on whether or not Northrop Grumman is or has been a target for cyber intrusions,” said Northrop spokesman Randy Belote.
Raytheon spokesman Jonathan Kasle said his company took immediate company-wide actions in March when incident information was initially provided to RSA customers. “As a result of these actions, we prevented a widespread disruption of our network,” he said.
Boeing spokesman Todd Kelley said his company had a “wide range” of systems in place to detect and prevent intrusions of its networks. “We have a robust computing security team that constantly monitors our network,” he said.
SecurIDs are widely used electronic keys to computer systems that work using a two-pronged approach to confirming the identity of the person trying to access a computer system. They are designed to thwart hackers who might use key-logging viruses to capture passwords by constantly generating new passwords to enter the system.
The SecurID generates new strings of digits on a minute-by-minute basis that the user must enter along with a secret PIN before they can access the network. If the user fails to enter the string before it expires, then access is denied.
EMC disclosed in March that hackers had broken into its network and stolen some information related to its SecurIDs. It said the information could potentially be used to reduce the effectiveness of those devices in securing customer networks.
EMC said it worked with the Department of Homeland Security to publish a note on the March attack and provided Web addresses to help companies identify where the attack might have come from. It briefed individual customers on how to secure their systems. In a bid to ensure secrecy, the company required them to sign non-disclosure agreements promising not to discuss the advice that it provided in those sessions, according .