RSA Hack Implicated in Lockheed Martin Attack


Lockheed Martin has been attacked using counterfeit electronic keys based on virtual keys obtained in the RSA hack. The Lockheed attack is reported to be unsuccessful in the sense that no data was compromised. The attack was detected almost immediately. The attack has resulted in some employees not being able to work. Reading between the lines this is likely because of the aggressive defensive measures being taken, which are likely justified given the risk.

Breaches at supplies need to be carefully reviewed for the risk that they may pose to your organization. This means looking beyond whether your data has been compromised in the original attack. If access to a vendor’s system has been obtained, your network and/or customers could be vulnerable. Do not rely solely on the representations of the vendor. Conduct your own risk review.

I recall an incident where a vendor backup tape disappeared. The vendor stated that the details of only 10 of our customers was on the tape. As I elicited further information (not from the vendor), I learned that hundreds of thousands of our customers were potentially at risk because our they had used their debit and credit cards to pay for the vendor’s services independently. We were potentially on the hook for a lot of money.

Vendor management issues aside. They use of the RSA attack illustrates, not the growing aptitude of attackers, but the skill and sophistication that they already have, whether they be members of organized crime, particular governments, or other organizations with certain agendas.

Here is an article arguing RSA tokens are not true “something you have” authentication and it describes a hack the author has successfully carried out evidencing this.

UPDATE 31 May 2011 17:31- Good Wall Street Journal article summarizing motives of hackers and how divergent they have become.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s