Slashdot Mirror

← Back to Stories (view on slashdot.org)

Duplicate RSA Keys Enable Lockheed Martin Network Intrusion

Posted by timothy on from the nobody's-perfect dept.

An anonymous reader writes "Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other US military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to 'SecurID' electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter." There's also coverage at PC Magazine.

4 of 138 comments (clear)

  1. Spoken like a true spokesperson... by Zakabog · · Score: 4, Insightful

    and we remain confident in the integrity of our robust, multi-layered information systems security

    Translation: Our system's breached but maybe you won't realize that if I throw enough buzz words at you...

    1. Re:Spoken like a true spokesperson... by betterunixthanunix · · Score: 4, Insightful

      On the other hand, a robust security system should be able to keep your most important information secure even when a breach occurs at lower levels. So, perhaps a breach occurred that allows some expense reports to be copied but does not enable the attackers to obtain designs for stealth aircraft. A breach is not a good thing, but it does not have to be an all-or-nothing scenario.

      --
      Palm trees and 8
    2. Re:Spoken like a true spokesperson... by Fallen+Kell · · Score: 3, Insightful

      For anyone working at a place like this, they know that the real data is on a separate network which has no physical connection to the internet. The only data that could possibly have been compromised would be unclassified, business trade secrets, and/or proprietary information.

      As the one official said (which was almost completely ignored by the article's authors), there should be little risk to actual projects. Really, what they got was access to "TPS reports", and other such documents. Now, there may be an issue with "Export Control" as even if some documents are unclassified, they may not be allowed to be transmitted to certain countries. But all the real information is on that other network which you need physical access to hack, which is one of the easiest things to secure.

      --
      We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
  2. Does RSA store usernames and pins? by solarium_rider · · Score: 3, Insightful

    Can someone explain what was actually stolen from RSA that allowed them to break into the networks? From what I understand even if you had had a duplicate SecurID number generator, you would still need the username and securid password (fixed code + random 6 digit) associated with the account to get into the network. Once you are into the network you probably also need a username (same as above) and user password to access the machines. This sounds more like the attackers must have had significant insider knowledge to get in.

    --
    -- How many sigs are as useless as this one?